[nSLUG] Chebucto Security
ak621 at chebucto.ns.ca
Thu Jan 22 09:32:16 AST 2009
On Wed, 21 Jan 2009, Jason Kenney wrote:
>> *** So how is a PPP connection any more secure?
> The difference is where the encryption is taking place. If you are a
> dial-up user over PPP, your browser on your computer is the one doing
> the encrypting, before it gets sent out over the network to the ISP to
> be routed into the Internet. You are trusting the integrity of your
> own computer.
> If you connect to Chebucto via dial-up to the shell and use lynx, then
> there is no encryption until the lynx browser *on the Chebucto server*
> encrypts the traffic. The traffic from your computer to the Chebucto
> server is unencrpyted. The traffic leaving Chebucto for the Internet
> is still encrypted. You are trusting the integrity of the Chebucto
*** OK, I get it. Thanks, Jason.
> In this case I would argue you don't need to trust the integrity of
> your own computer so much, as you don't have a direct connection to
> the internet - while it would be possible to write a
> trojan/virus/keylogger that would capture and transmit this
> information to an attacker, it would be *significantly* more involved,
> and the pool of victims is minimal. I suspect no such malicious
> software exists to this end.
*** Nor do I. I can't see virus writers using their time to screw so
More information about the nSLUG