Subj : Re: binkd crypt
To : NuSkooler
From : tenser
Date : Thu Jan 04 2024 03:51 am

On 02 Jan 2024 at 07:27p, NuSkooler pondered and said...
Nu> tenser around Wednesday, January 3rd...
Nu> Te> Oh, I don't know: incremental progress towards security as a goal may be
Nu> Te> slow, but is still progress, no?
Nu>
Nu> I'd argue that it's just a false sense of security, which can be worse
Nu> than none.

Perhaps. It wouldn't protect against any number of other
attack vectors, but neither would a new protocol. On the
other hand, if binkp regularly ran over TLS-protected
connections, it would be (largely) immune to passive sniffing.
Not that that matters much; I doubt the greater BBS community
is passing any traffic that _requires_ it.

Nu> If we were to implement a *new* protocol that is always encrypted, that
Nu> would be a better start -- only policy can prevent people from exposing
Nu> the messages elsewhere though + old setups will inherently be left out.

A way around that would be a proxy at the edge of that system's
local network that handles encryption. It's not completely
end-to-end, but does it need to be?
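
The edge-proxy idea in the message above, as an added example that is not part of the original post or of binkd: a local listener accepts the legacy mailer's plaintext binkp session and forwards it over certificate-verified TLS, refusing to fall back to plaintext. The remote host name and the TLS port 24553 are assumptions made for illustration.

```python
# Added example: client-side edge proxy for an unmodified binkp mailer.
import asyncio
import ssl

LISTEN = ("127.0.0.1", 24554)        # legacy mailer connects here in plaintext
REMOTE = ("bbs.example.net", 24553)  # hypothetical TLS-wrapped binkp listener


def client_context(cafile=None):
    """TLS context that verifies the remote certificate chain and host name."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


async def pump(reader, writer):
    """Copy bytes one way until EOF, close the write side, return byte count."""
    total = 0
    try:
        while chunk := await reader.read(16384):
            writer.write(chunk)
            await writer.drain()
            total += len(chunk)
    finally:
        writer.close()
    return total


async def handle(local_reader, local_writer, remote=REMOTE, ctx=None):
    """One plaintext session in, one verified TLS session out."""
    try:
        r_reader, r_writer = await asyncio.open_connection(
            *remote, ssl=ctx or client_context(), server_hostname=remote[0])
    except (OSError, ssl.SSLError):
        local_writer.close()  # fail closed: never retry without TLS
        return
    await asyncio.gather(pump(local_reader, r_writer),
                         pump(r_reader, local_writer),
                         return_exceptions=True)


async def main():
    server = await asyncio.start_server(handle, *LISTEN)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

The link between the mailer and the proxy is still plaintext, so the listener binds to loopback; that hop is the part that is not end-to-end.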