Like I said, out-of-scope. As I alluded to, and Chad stated: SSL is safe between target server and client.
All other data is out of scope to this convo. On Thu, Apr 2, 2009 at 2:34 PM, Scott Elcomb <[email protected]> wrote: > > On Thu, Apr 2, 2009 at 3:26 PM, Andrew Badera <[email protected]> wrote: > > Define "on the net." > > > > If I'm ssh(-2)'d to my server at home, tunneling my HTTP content, > forwarding > > all DNS requests to the SOCKS proxy Putty presents, how are anyone but > > myself and the SSH server going to know exactly what content I just > pulled? > > > > (Obviously everything in front of the SSH server is likely unencrypted, > but > > that's out of scope.) > > Easy enough - anything that is stored (or passed-and-cached) > electronically outside of tcp/ip networks you control. Ie. if one > sends a search query to service not under their control that search > string must also be accessible from devices not under their control. > > Encryption's great and I use it where I can, but it's not foolproof. > Unfortunately that has been consistently proven throughout history. > Proving otherwise is the ideal case. > > -- > Scott Elcomb > http://www.psema4.com/ >
