Berkeley CSUA MOTD:Entry 10857
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/07/08 [General] UID:1000 Activity:popular
7/8     

2003/10/30 [Computer/SW/Security] UID:10857 Activity:nil
10/29   Is there a way to turn off encryption of the data stream in openssh?
        Encryption during the authentication process is fine and good, but
        sometimes I want to transfer files across a fast network on slow
        machines, and the data encryption becomes the bottleneck rather than
        the network. I've check the manpage, but the openssh guys seem a little
        fascist about encryption. Thanks.
        \_ telnet rcp
        \_ weird how a bunch of dudes writing security software would be so
           anal about all that encryption stuff, huh?
           \_ there's anal, then there's too anal.
              \_ go ahead and write your own encryption method and compile it
                 in and just have it not encrypt.  the source is always built
                 with an option to let the user change methods.  use it.
        \_ you can build it yourself with a null cipher, or just live with
           -c arcfour as one of the faster ones.  btw, if you are transfering
           smallish files, tar cf - | ssh tar xf - will gain much more than
           tinkering with ciphers on the crappy scp protocol.
        \_ I would think that part of a secure transmission is ensuring that
           the data stream hasn't been tampered with. If you don't encrypt
           everything, someone could possibly inject bad data.
2025/07/08 [General] UID:1000 Activity:popular
7/8     

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil
4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/11/11-30 [Computer/SW/Security] UID:54224 Activity:nil
11/11   MacOSX's Sandbox security hole:
        http://preview.tinyurl.com/7ph2wtg [arstechnica]
	...
2011/2/10-19 [Computer/SW/Security] UID:54034 Activity:nil
2/9     http://www.net-security.org/secworld.php?id=10570
        Summary: iPhone passwd storage is unsafe after all
	...