Hacker Newsnew | past | comments | ask | show | jobs | submit | Bad_CRC's commentslogin

this, I'm not going to start using a random ssh fork with modified ciphers.


It may still be sensible if you only expose it to private networks.


So could this safely be used on Tailscale then ? I’m very curious though also a bit paranoid.


> So could this safely be used on Tailscale then ? I’m very curious though also a bit paranoid.

You may as well just use tailscale ssh in that case. It already disables ssh encryption because your connection is encrypted with WireGuard anyway.


It could safely be used on public internet, all this fearmongering has no basis under it.

Better question is 'does it have any actual improvements in day-to-day operations'? Because it seems like it mostly changes up some ciphering which is already very fast.


> It could safely be used on public internet, all this fearmongering has no basis under it.

On what basis are making that claim? Because AFAICT, concern about it being less secure is entirely reasonable and is one of the big caveats to it.


Concern about it being less secure is fully justified. I'm the lead developer and have been for the past 20 years. I'm happy to answer any questions you might happen to have.


I'm not fear mongering. I'm just saying

- IF you don't trust it

- AND you want to use it

=> run it on a private network

You don't have to trust it for security to use it. Putting services on secure networks when the public doesn't need access is standard practice.


I remember the last time I really cared to look into this was in the 2000’s, I had these wdtv embedded boxes that had a super anemic cpu that doing local copies with scp was slow as hell from the cipher overhead. I believe at the time it was possible to disable ciphers in scp but it was still slower than smbfs. NFS was to be avoided as wifi was shit then and losing connection meant risking system locking up. This of course was local LAN so I did not really care about encryption.

But I don’t miss having those limitations.


It's still possible but we only suggest doing it on private known secure networks or when it's data you don't care about. Authentication is still fully encrypted - we just rekey post authentication with a null cipher.


Fast & Furious: Quantum Drift.

I'm in.


I was just trying buypass for exactly that reason when I found out that they are ending it :(


na na na na na


I expect an updated post with it running doom as the author is not strange to it: https://stefan-gloor.ch/voip-phone-hack


It sounds like the Linux system he got access to doesn't control the screen though so this might not be that easy.


I'm close to a refinery and seeing black smoke coming out 5 minutes later of the blackout was a bit of a scare tbh.


and Balay, i'm currently looking to renovate my kitchen right now and you can buy the same appliance in any of the 3 brands (Bosch, Balay and Siemens).


I don't know about the name: https://en.wikipedia.org/wiki/RADIUS


I have a titanium plate on my wrist and this make me very nervous...


the strength to weight ratio is fortuitous, but this application is for its biocompatibility.


tragedeighOS


a-aronOS


The default user in SerenityOS is called anon which made me think along similar lines to you.


reference to this, I assume:

https://www.youtube.com/watch?v=OQaLic5SE_I


That’s right, En Oh Wizárd


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: