On Dec 6, 2003, at 2:49 PM, Henri Yandell wrote: > Cool. How secure is this? Can the work firewall see etc?
The password negotiation is encrypted, but the content is not. It's possible to tunnel everything through SSL, in order to get the whole thing strongly encrypted. I don't bother to do this because the stuff I send back and forth is not sensitive enough to justify that level of paranoia. Besides, I think anyone with the ability to do a man-in-the-middle attack is already sitting at the network on one end or the other and can get at sensitive information with a screwdriver at 2:00 in the morning, unless you encrypt your hard drive. | The next meeting of the Louisville Computer Society will | be January 27. The LCS Web page is <http://www.kymac.org>. | This list's page is <http://erdos.math.louisville.edu/macgroup>.
