Hi, On Mon, Aug 20, 2018 at 3:28 PM dmccunney <dennis.mccun...@gmail.com> wrote: > > On Mon, Aug 20, 2018 at 10:31 AM, Karen Lewellen > <klewel...@shellworld.net> wrote: > > really? > > If sshdos no longer connects, then how am I sending this e-mail? > > Karen, the point to SSH is an *encrypted* connection to the other end. > Flaws have been identified in some of the commonly used encryption > schemes that make them crackable and therefore insecure. I believe a > TLS variant is the only currently known *secure* encryption scheme, > and SSH clients and server side code are all being updated to only > permit it. Connections using something else for encryption will > *fail*.
Let's not be naive or overreact. Some problems are man-made, and some of it is fear-based. So it's not rational to expect everyone to constantly upgrade daily all software on their end. Not everything is a rolling Linux distro, and not every piece of software is actively supported by a team of engineers. I sympathize with fixing bugs, but constantly deprecating everything, without much warning, is annoyingly destructive. (I'm not directly referring to the moribund DOS ecosystem here, which is different, just talking in general.) Just to restate the obvious, our old Wget build (using DJGPP, by Michael Kostylev) from 2008 stopped working sometime this year. Well, partially stopped working, most sites work, but Github and SF.net no longer do. So I have to instead use a newer build (by same dude, circa 2015), which does thankfully work. This wouldn't be a problem except it's not mirrored to iBiblio (still) because I haven't verified its sources yet. Things like that are somewhat annoying to build, and trying to be Free/libre (ahem, "Free"DOS) is harder than it sounds sometimes. (Most big stuff like that is cross-compiled, which is far from easy, even with obvious tools and ports. I wish people, in general, were more careful and diligent about things like this. But I'm also grateful that we have such ports at all.) > I don't know what you get email from/send email to, but it still > accepts older deprecated encryption schemes. What will you do when it > no longer does? Does email even need to be encrypted?? Seriously, is this conversation that sensitive that we need to care? Maybe it's possible to spoof someone's identity and ruin their reputation or relationship with others. But even then, is that a serious, pervasive threat here? Security shouldn't be made mandatory on nonsense like this. DOS is always root, but sometimes it doesn't matter because you're not doing anything dangerous. Know what I mean? Maybe for online banking but not for just shooting the breeze. Do you put a lock on your refrigerator? You'd better, someone might steal all the cheese!!! > I do *not* see SSHDOS or SSHDOS2 getting updated to support the > currently mandated encryption scheme. Who would actually make the > updates? Who else? Presumably someone familiar with DJGPP, which indeed has updated SSL libraries. "ANNOUNCE: DJGPP port of OpenSSL 1.0.2o uploaded." (July 16) * https://groups.google.com/forum/#!topic/comp.os.msdos.djgpp/nkmm9_im6Ks * ftp://ftp.delorie.com/pub/djgpp/current/v2tk/ssl102ob.zip "This port has been created because 1.0.2 is the Long Term Support (LTS) version (support will be provided until 31st December 2019)" > > granted, I am not running freedos, but I can with my dos network > > configuration run a browser from my desktop if needful, it is just not > > needful for me due to ssh. > > Whether you run FreeDOS, or a flavor like MSDOS or DR-DOS is > irrelevant. What *is* relevant is that network standards are changing > and DOS is being left behind because there is no one to update > software for it to be compliant. The same guy (Juan) who did the SSL update for DJGPP also updated the Lynx port. To quote the newsgroup (again): "Please note that I am not a lynx user. I have ported it as a real world test for the OpenSSL and WATT-32 ports." There's also Links2 (2.16 is dated May 11), which also supports SSL/TLS (in non-lite, full, version): * http://links.twibright.com/download/binaries/dos/ > At some point, sooner rather than later, your DOS based home network > will no longer be *able* to connect to the outside world. What will > you do then? Presumably they will just use Linux? It's true that DOS isn't well-supported, but it's not totally hopeless. You always sound like you *want* it to be hopeless and dead, but it's not. Certainly some of her engineer friends / helpers could potentially get involved in improving or supporting aforementioned DJGPP ports, if they deem it useful enough. > I play with FreeDOS, and have some old DOS apps still running under > Windows using vDOS Plus, but I do that for fun. The actual *work* > gets done elsewhere, because it can't be *done* under DOS. I don't know why you think a real-mode OS that allows direct hardware access can't "do" some things. Now, whether anyone cares enough or knows enough to actually do it is another story, but there's plenty of potential there. > I'm happy for you that DOS still meets your needs and you can do what > you need to do with it. I'm just quite certain that at some point, > you will no longer be able to. For her to keep using DOS this long is probably not a fluke. It's probably not an accident. So that means somebody somewhere still cares. Hey, I care, but I'm no engineer! ;-) And I haven't done any major work for her (or others) besides a very few minor hacks over the years. I'm clueless about networking, too. But I do love DJGPP, which is still alive (barely), and I think it's a grave mistake to underestimate it. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Freedos-user mailing list Freedos-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freedos-user
