Subj : Re: fsxNet Feedback
To : Avon
From : Warpslide
Date : Sun May 09 2021 06:02 am
*** Quoting Avon from a message to All ***
Av> Security / Privacy ==================
Av> Binkp secure encryption for all hubs.
Av> Better privacy.
Av> SSH officially supported.
Av> SSH for specific echos.
There would probably need to be more discussion around this. I'm all for
adding privacy/encryption to things, but it's only as strong as its weakest
link. I'm not sure echomail was ever designed with privacy in mind.
System A could be well secured with binkp encryption & SSH access; the
message is written on the BBS over SSH & transfered to its hub with encrypted
binkp, so far so good. System B then picks that message up from the same (or
another hub) over an unencrypted channel (bink, ftp, frontdoor, etc) while
System C simply has all if its message bases accessible on a web http/https
interface (intentionally or otherwise) that is then indexed by Google.
Sure there could be a policy put in place that FSX_SECURE is only to be made
available over SSH connections, e.g: s20OS on Mystic, which would mean my
Telegard system couldn't carry it it all, but then how can you enforce that
it's only distributed over secure bink connections?
Again, I'm all for privacy/encryption but I'm not sure the purpose of it on
an echomail network, other than keeping our credentials secure when connecting
to our uplinks.
Jay
... I once boxed a pirate, he had a strong right hook
