[nSLUG] Netscape

Richard Bonner ak621 at chebucto.ns.ca
Wed Jan 21 10:09:05 AST 2009


On Sun, 18 Jan 2009, Ian Campbell wrote:

> On Sat, Jan 17, 2009 at 07:41:06PM -0400, Richard Bonner wrote:
>>
>> ***   Chebucto's shell server is https compliant; would it not have
>> to have security in place in order to be so?
>
> I don't use Chebucto, so I have no idea why HTTPS enters into a shell
> account at all...

***   I assumed it had to be https compliant so as to be able to 
even get on secure websites.



> but if you SSH to the chebucto shell server and then
> run lynx to your banks HTTPS website, you're still vulnerable to
> someone who controls the shell server. They could trojan SSH, trojan
> lynx, they could leave both intact and trace the browser, they could
> even install a fake cert and redirect you to some random site, unless
> you're in the habit of comparing the certificate fingerprints to a
> known good set every time you'll be none the wiser.

***   I don't see that as being any different with any other ISP.


(Snip)
>> ***   How might I get such a virus? It can't come down the shell
>> server pipe unless I manually download and run an infected executable.
>
> No, but few people use their machines as just a terminal.

***   I don't either, but for most of my Internet needs, it is fine.

  Richard



More information about the nSLUG mailing list