On Thu, 6 Jul 2000, Benjamin Scott <[EMAIL PROTECTED]> wrote:
> While certainly better than simple, cleartext telnet, please imagine the
> following scenario: An attacker manages to compromise the link between you
> and the host you are trying to SSH to. This is, after all, why you want SSH
> in the first place. The attacker intercepts the mindterm download and
> replaces it with a trojan designed to filter all traffic through his systems.
>
> There goes the neighborhood.
>
> The only way to protect against intercept-and-replace attacks is with a
> secret transported only via trusted media (e.g., your very own floppy disk),
> and used only with trusted binaries.

Of course. But let's be practical here. It's about the continuum of
risk management rather than absolute "NSA level" security. And I'd
claim there is a wide range of practical usage where this scheme plays
a useful role. It is SO much better than telnet!

Intercept-and-replace attacks are a good deal harder than sniffing
attacks; I agree mindterm just protects against the latter. Someday,
sniffing will be passe and intercept+replace will be par for the
course and it will be necessary to be as careful as you describe (or
even more careful if the client side machine might be compromised).

However if I ever needed "NSA level" security, I'd hire you Ben ;-)

Karl