[nSLUG] Chebucto Security

Daniel Morrison draker at gmail.com
Wed Jan 21 23:27:09 AST 2009


2009/1/21 Jason Kenney <jdkenney at gmail.com>:
> If you connect to Chebucto via some other method, either their PPP
> service or by telnet/ssh, then you have the worst of the two above
> scenarios.  You must trust the integrity of both.

Small quibble -- although I'm not sure I completely grasped your
meaning in this last example.

First, if you use telnet, you have to trust (at a minimum) everyone on
the network, from where you are, all the way to the telnet server.
Don't use telnet for anything less than trivial.

If you use ssh, then yes, you have to trust both the computer in front
of you, and the computers at Chebucto. Your data is encrypted between
you and the Chebucto shell, and from Chebucto's lynx https:// to the
bank, but there is that crucial 'unencrypted' stage at Chebucto.

But if you use Chebucto's PPP service, I would argue that you don't
need to trust them. Correctly used (!), TLS encryption (https)
guarantees the security of the endpoints, regardless of who might
inspect the data along the way.  It guarantees that your browser is
talking to the correct server (as vouched for by a commercial
certificate authority), that no one has read your data along the
way (*), and that if the data has been tampered with, this will be
detected.

So you don't need to trust the network between you and the bank, if
the endpoints of the encryption are: you, and the bank.

(*) at sufficient key lengths, the data encryption cannot be
brute-force cracked with modern computer equipment before the
timestamp will render it invalid. So you cannot intercept and corrupt
(i.e. insert a trojan) at the time the communication occurs.  (I
suppose it could be possible to record your transaction, and then get
the unencrypted result in a few years' time (a few months if you have
$$$). I don't want to get into conspiracy theories about secret
backdoors or secret super-duper hyper computers that the NSA have
hidden behind Mt. Rushmore...)
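What the "correctly used (!)" caveat above amounts to in code, as an added Python example that is not part of this thread: the endpoint guarantee only holds when the client both verifies the certificate chain against trusted CAs and checks that the certificate's name matches the host it meant to reach. The host/port handling and the `bank.example` placeholder are assumptions for illustration.

```python
# Added example (not from the nSLUG thread). Shows the client-side settings
# that make the "you only need to trust the endpoints" argument true, and the
# two ways of getting it wrong. Hostname and port are constructed placeholders.
import socket
import ssl
import sys


def strict_context() -> ssl.SSLContext:
    """Verify the chain AND the hostname (Python's default, made explicit)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def chain_only_context() -> ssl.SSLContext:
    """Chain verified, name not checked: any valid certificate for any
    name is accepted, so an on-path party with its own CA-issued cert
    could terminate the connection unnoticed."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # must be cleared before verify_mode changes
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def lax_context() -> ssl.SSLContext:
    """No verification at all: the 'encrypted but to whom?' configuration."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def gives_endpoint_guarantee(ctx: ssl.SSLContext) -> bool:
    """True only when both chain verification and name matching are on."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def verified_peer_subject(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Open a verified TLS connection and return the peer certificate's subject.
    Raises ssl.SSLCertVerificationError if the chain or the name fails."""
    ctx = strict_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
    return dict(rdn[0] for rdn in cert["subject"])


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "bank.example"  # placeholder
    print(verified_peer_subject(host))
```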
