From: Björn Persson
Newsgroups: comp.lang.ada
Subject: Re: library/binding for sftp?
Date: Fri, 9 Aug 2013 10:49:04 +0200

Randy Brukardt wrote:
> "Björn Persson" wrote in message
> news:20130808133709.09dfef98@hactar.xn--rombobjrn-67a.se...
> Dmitry A. Kazakov wrote:
> >> Firstly, there is no protection against targeted attack. Secondly,
> >> regarding spies, they aren't any good in programming. Obscuring is
> >> the best method against unfocused surveillance which works only
> >> with known protocols.
> >
> >Four false statements in a row.
>
> There are only three here,

Three sentences, but I see two statements in the third sentence.

> >Dmitry isn't going to change his mind so I won't debate this with him
> >further, but to everybody else: Don't listen to Dmitry. He doesn't
> >understand basic information security and is giving dangerous advice.
>
> Then you better debate it with me, because at least part of Dmitry's
> advice matches what I would give.
>
> Everything I read about security says that there is "no practical
> defense against a determined attacker". That's a bit more nuanced
> than Dmitry's statement, but it's repeated all of the time by the
> security experts I read. You might be able to stop such an attack by
> unplugging all of your internet connections and shutting down all of
> your computers, but even that isn't certain. And who can do that for
> long?

Let's try to remember the context now. I may have pruned my previous
post too much, so I'll repeat the statement that Dmitry replied to:

| It will certainly not be hard for spies to get the sensitive data out
| of a simple but undocumented file transfer protocol, even if there are
| some protocol details that they haven't quite figured out.

The context was file transfer protocols and Dmitry was arguing that
"just open a socket and send whatever you want over it" would somehow
be more secure than SFTP. I read all of Dmitry's statements in that
context and understood "targeted attack" to mean an attack on a file
transfer protocol.

It is not true that there is nothing you can do to protect a file
transfer protocol. One-time pad encryption is one form of protection
that exists. It's mathematically proven to be unbreakable if it's done
right, but has some drawbacks that make it impractical in many cases.
There are also several more practical encryption algorithms (that for
example SFTP uses) that none of the cryptologists who work openly have
been able to break so far, which shows that they are at least very
difficult to break.
Those haven't been mathematically proven, but it's wrong to dismiss
them as "no protection".

But it's possible that I misunderstood that statement and your
interpretation is closer to what Dmitry meant. His statement still
isn't literally true. It's true that there is no *totally secure*
defense against a determined attacker *with sufficient resources*, but
that's not the same as there being "no protection" at all. You can have
various degrees of protection, just not total protection.

Anyway I don't see how this is an argument against SFTP. You wouldn't
be able to fend off a squad of paratroopers coming to take your disk,
so don't bother to authenticate your file transfers? That's just silly.

> And Dmitry's point about spies (like the NSA) using "known protocols"
> is certainly true. They are much less likely to generally monitor
> what they don't know about. Of course, if they are targeting you
> directly, see statement 1.

Of course spies use knowledge of protocols to assemble packets into
messages and conversations. They'd be stupid if they didn't, and now
that Edward Snowden has told us about Xkeyscore we know that at least
the NSA does.

It is however naïve to assume that they spy *only* on selected "known"
protocols. If I were in charge of a surveillance agency I would make
sure to scan even unknown protocols for selected keywords, and to have
unknown protocols analyzed to turn them into known protocols. I would
also map out who communicates with whom regardless of protocols, and
watch for changes in traffic patterns, for example traffic surges
indicating that something has happened. I don't have any proof that
surveillance agencies around the world actually do those things, but
they'd be stupid if they didn't. Snowden might know, if you can reach
him to ask.

The simplistic "just connect to a socket" protocol doesn't even qualify
as an unknown protocol by the way. It's the data channel of FTP, just
(probably) on another port.

I'll finish by returning to the beginning of your message where you
said:

> at least part of Dmitry's advice matches what I would give.

Not every statement is advice. Dmitry's actual advice was, paraphrased:

"Don't bother with encryption. Invent a proprietary protocol where you
send everything in the clear. That will protect your secrets better
than any encryption. Don't bother with authentication. Nobody will
figure out how to connect with your proprietary protocol, so you can
assume that all connections are legitimate."

That's the advice that I'm calling dangerous. Does that match the
advice you would give?

Björn Persson
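
The points above about keyword scanning of undocumented protocols and about one-time pads, as an added Python example that is not part of the original post. The framing, file name, payload and keyword list are constructed for illustration, and `frame`, `keyword_hits`, `otp_encrypt` and `otp_decrypt` are hypothetical names.

```python
import secrets
import struct

# Constructed sample data: a made-up "proprietary" framing, not a real protocol.
MAGIC = b"\x7fXF1"
KEYWORDS = [b"payroll", b"password"]


def frame(filename: bytes, data: bytes) -> bytes:
    """Hypothetical undocumented framing: magic, two length fields, name, data."""
    return MAGIC + struct.pack(">HI", len(filename), len(data)) + filename + data


def keyword_hits(capture: bytes, keywords=KEYWORDS) -> list:
    """What a passive observer can do with no knowledge of the framing:
    search the raw bytes for selected keywords."""
    return [kw for kw in keywords if kw in capture]


def otp_encrypt(plaintext: bytes):
    """One-time pad: a random key as long as the message, used exactly once."""
    key = secrets.token_bytes(len(plaintext))
    return key, bytes(p ^ k for p, k in zip(plaintext, key))


def otp_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """XOR with the same pad recovers the plaintext."""
    return bytes(c ^ k for c, k in zip(ciphertext, key))


def demo() -> dict:
    data = b"user=alice password=constructed-example\n"
    clear = frame(b"payroll-2013.csv", data)   # sent "in the clear"
    key, sealed = otp_encrypt(clear)           # same bytes under a pad
    return {
        "clear_hits": keyword_hits(clear),     # obscure framing hides nothing
        "sealed_hits": keyword_hits(sealed),   # keywords no longer visible
        "roundtrip_ok": otp_decrypt(key, sealed) == clear,
        "same_length": len(sealed) == len(clear),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The ciphertext is exactly as long as the cleartext, so message sizes and traffic patterns stay visible to an observer even with the pad, and the pad by itself provides no authentication.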