TIP: Click on subject to list as thread! ANSI
echo: binkd
to: MICHIEL VAN DER VLIST
from: ROB SWINDELL
date: 2020-05-03 13:20:00
subject: Security
  Re: Security
  By: Michiel van der Vlist to Alan Ianson on Sun May 03 2020 03:52 pm

 > Hello Alan,
 >
 > On Sunday May 03 2020 02:43, you wrote to me:
 >
 >  MV>> Even more: I say binkds is an overkill.
 >
 >  AI> Binkp over TLS is secure and provides privacy in a new and robust way.
 >
 > Security against what threats and privacy against which snooping eyes?

If the threats/snooping-eyes announced their presence and intentions, they
wouldn't be very effective, now would they?

 > The biggest potential invasion of privacy in Fidonet are sysops snooping om
 > in transit mail. TLS does not protect against that.

The second sentence is true.

 > The best strategy
 > against snooping governments is to not be of interest.

False. You're *already* being snooped on by governments and you're not
interesting at all. You seem to be a very trusting person.

 > I doubt TLS is safe against the resources of governments.

It seems to be effective enough for data in-flight that they (resources of
governments) usually go after the persistent data on either end of the
transport instead.

 >  AI> It's a natural movement forward.
 >
 > Binkd already has build in encryption.

... which is terrible.

 > I do not think the added value of TL is worth the effort and overhead.

It was very little effort and unnoticeable overhead.

 > Not for Fidonet...

For Fidonet proper, possibly true (though that depends on the content of your
netmail messages). For FTN, likely false.

 >  AI> It's not easy to do in all mailers, but if it was and it was supported
 >  AI> and available by your links and your own mailer would you use it?
 >
 > I don't know. If I'd have to go through the hassle of getting a certificate
 > and pay for it and renew it every tweo years, probably not.

Free certs are available.

 > And I do not trust LetsEncrypt.

Now you don't sound like a very trusting person. That was a quick turn around.


                                            digital man

Synchronet "Real Fact" #56:
Synchronet Terminal Server introduced SecureShell (SSH) support w/v3.14a
(2006).
Norco, CA WX: 74.9øF, 50.0% humidity, 11 mph ESE wind, 0.00 inches rain/24hrs
--- SBBSecho 3.11-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.