tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: rshd...

On 15/07/2012 9:26 AM, Lloyd Parkes wrote:
> On 15/07/2012, at 10:53 AM, Mouse wrote:
>>> Is there any way at all that anyone can justify shipping rshd and friends 
>>> as$
>> Why would they need justifying?
> Their security mechanisms aren't actually security, and quite frankly aren't 
> much of a mechanism either.

Look, I don't know why you decided to get on the ssh soap box but quite clearly 
you have an oversubscribed opinion of how many security problems ssh fixes.

In certain environments the use of ssh is reduced to encrypted rsh.  i.e lets 
slow down rsh and make it encrypted for no benefit other than there is no way 
to turn off the encryption. And sometimes you can't ever pretend that the 
encryption provides real secrecy.

> The last thing TNF needs is to have 10,000 NetBSD based consumer NAS boxes 
> start emailing out pharma spam.

This statement has nothing to do with this project (NetBSD.)


Home | Main Index | Thread Index | Old Index