Bob Thanks for taking the oposite point of view. After using windows for years and then installing and running Linux I've learned a lot. Especially when you and other's like Cory explain the why's.
Well you explained what I did the other day before I got Boyle online. I ssh'd into Tesla then shh'd to EFN. I liked Larry's response. :-) But I guess I could say my two boxes I trusted them. It's so nice to be able to use Boyle on ocasion now. I like the linuxcare boot disk for the truly paranoid. However, I don't think they would alow it to be used at a public access terminal. A sample question "Excuse me, can I boot this linux care disk? Because I'm really paranoid and I don't trust your computer." :-) I think that would go over real well at EFN or the Public Library. I Liked the shell account terminals at EFN if they still have them? After listening to the OpenBSDer on the list I would I'm almost to the point of installing it. A question I have is there a OpenBSD disk like the Linuxcare disk which does the same thing? Again Thanks Bob Tim On Monday 22 July 2002 01:06, you wrote: > Timothy Bolz wrote: > > Wouldn't cygwin and sshd be insecure because it's on a windows box. > > Because in windows you can run keyborard loggers and other programs. > > Just Curious. > > I already read Cory's reply to this question, and I'm going to take > the opposite viewpoint. > > Yes, you should always be careful where you run the ssh client. Every > time you run the client, you make it possible for anyone who 0wnz the > client host to also 0wn the remote host. > > It's dangerous to run ssh on a computer whose software you haven't > audited or installed, such as a public workstation. It's dangerous to > daisychain ssh connections, i.e., sit at A, ssh into B, then from B > ssh into C. It's dangerous to run ssh clients whose origin you don't > know, such as the free Java ssh that's floating around, or one that > just happens to be on the box already. > > And since Windows boxes, especially 9X and ME, are inherently hard to > secure, yes, you're taking an extra risk running ssh on Windows rather > than on a Unix box. > > On the other hand, it's not guaranteed that you'll get hacked when you > do one of those unsafe things. You might get away with it for years. > I don't know anyone who practices 100% safe computing all the time.
