From: "Björn Persson" <bjorn@xn--rombobjrn-67a.se>
Subject: Re: library/binding for sftp?
Date: Thu, 8 Aug 2013 11:14:04 +0200
Date: 2013-08-08T11:14:04+02:00 [thread overview]
Message-ID: <20130808111404.5fc6ce14@hactar.xn--rombobjrn-67a.se> (raw)
In-Reply-To: ef5ac77e-14b7-4328-8b7f-0db73020cee5@googlegroups.com
Alan Jump wrote:
> On Wednesday, August 7, 2013 1:26:24 PM UTC-7, Dmitry A. Kazakov
> wrote:
>
> > Yep, and obscurity means that others don't know the technique even
> > if the technique itself is stunningly simple.
>
> It also means no one but you can implement it.
That's not true. Free software developers have reverse-engineered
several proprietary protocols and written compatible free
implementations. One prominent example is Samba, a free implementation
of Microsoft's proprietary file sharing protocol SMB.
Of course a public standard protocol is always preferable. I
reverse-engineered a protocol myself once. I was given a sample dump of
the communication between two programs, and wrote a filter that could
be inserted between them to modify the messages in transit. My code had
a lot of conditionals to allow for all the variation I saw in the dump.
A couple years later, when I got to see some source code, it turned out
that my code was unnecessarily complex. It allowed for combinations
that would never occur. So a protocol specification is better but
reverse-engineering is also possible when there is no specification.
Eavesdropping doesn't even require a complete protocol implementation.
It will certainly not be hard for spies to get the sensitive data out
of a simple but undocumented file transfer protocol, even if there are
some protocol details that they haven't quite figured out.
Björn Persson
next prev parent reply other threads:[~2013-08-08 9:14 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-05 12:41 library/binding for sftp? Stephen Leake
2013-08-05 15:18 ` Dmitry A. Kazakov
2013-08-06 6:24 ` Stephen Leake
2013-08-06 6:54 ` Dmitry A. Kazakov
2013-08-07 10:06 ` Stephen Leake
2013-08-07 13:04 ` Dmitry A. Kazakov
2013-08-07 17:15 ` Simon Clubley
2013-08-07 19:57 ` Dmitry A. Kazakov
2013-08-07 20:09 ` Alan Jump
2013-08-07 20:26 ` Dmitry A. Kazakov
2013-08-07 20:32 ` Alan Jump
2013-08-08 9:14 ` Björn Persson [this message]
2013-08-08 9:49 ` Dmitry A. Kazakov
2013-08-08 11:37 ` Björn Persson
2013-08-08 19:18 ` Randy Brukardt
2013-08-08 20:03 ` Alan Jump
2013-08-09 9:19 ` Björn Persson
2013-08-09 20:21 ` Randy Brukardt
2013-08-09 8:49 ` Björn Persson
2013-08-09 20:12 ` Randy Brukardt
2013-08-19 17:26 ` Stefan.Lucks
2013-08-19 18:15 ` AdaMagica
2013-08-19 22:45 ` Randy Brukardt
2013-08-19 23:15 ` Randy Brukardt
2013-08-20 6:43 ` Georg Bauhaus
2013-09-13 9:58 ` Oliver Kleinke
2013-09-13 21:12 ` Georg Bauhaus
2013-08-20 8:14 ` Stefan.Lucks
2013-08-20 20:59 ` Randy Brukardt
2013-08-21 7:27 ` Stefan.Lucks
2013-08-21 16:46 ` Alan Jump
2013-08-22 5:53 ` Per Sandberg
2013-08-26 21:21 ` Randy Brukardt
2013-08-24 8:06 ` David Thompson
2013-08-24 11:26 ` Stefan.Lucks
2013-08-07 21:46 ` Dennis Lee Bieber
2013-08-07 17:44 ` Björn Persson
2013-08-05 18:40 ` Jeffrey Carter
2013-08-06 6:26 ` Stephen Leake
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox