On 12/26/2011 09:45 PM, Timothy Murphy wrote:
> 夜神 岩男 wrote:
>
>
>> The hard part is developing an initial understanding of how certificates
>> are interpreted and managed -- and where insecurity in the system can
>> arise. Key and certificate management is, in fact, the hardest part of
>> staying cryptographically secure at the present time. Unfortunately this
>> seems to be too much trouble for most large system administrators, even
>> at enormously connected places like universities, so it just gets
>> ignored and MitM attacks are more commonplace than most people realise.
>> The effects of such are generally minimal enough that most people don't
>> even know they've been snooped, however, which is a testament to how
>> unimportant most of our private data/lives really are anyway.
>
> Thanks again for your lucid explanation.
>
> I do feel there is a serious lack of what I would call "low-level"
> documentation in RedHat/CentOS/Fedora on authentication.
There is a lack, in a grand sense, but a lot of it is considered
non-OS-specific specialist knowledge and is covered in other places
thoroughly. To that end the Fedora and RedHat docs tend to include
extensive references to security texts elsewhere. Understanding Kerberos
and TLS, for example, requires at least a lay understanding of both
public key and symmetric key encryption, and how those structures can be
combined to make such encryption sub-systems work. Explaining those
things is beyond the scope of the Fedora/RH docs, but the references to
Kerberos docs, and the Kerberos references to general encryption docs do
cover the subject in detail -- but most people (even system operators)
tend to not follow the chain of references nearly so far as to learn all
that. (Instead they get the 4-day "certification" version for "...the
low, low seminar-only price of just $4,300! Come on today, bring a
friend for a $1,000 cash back voucher! Impress your manager and totally
snow government contract hiring departments into thinking you know your
stuff!")
> On your last point, I do agree that many people seem to elevate
> their personal security to an absurd level,
> as though there are people in China who are desperate to find out
> their "secrets".
> Apart from credit card and bank account details
> I don't think most of us have anything of interest to declare.
Generally, no. Besides, finding a single person in all the mess is
itself another mess -- which is why it happens a lot less than people
fear. On the other hand the principle is what is important here. I don't
want you reading mail between me and my mother. Why? No real reason. But
just because its my life, not yours.
Of course, if we really cared about that we'd go back to remebering that
http is a broadcast, deliberately insecure protocol and can't be made
secure via redirects. Period. And then maybe we'd suddenly remember that
the "web" was never intended to be an applications development
environment as much as it naturally *is* a massively linked bulletin
system... and maybe we'd even remember that World of Warcraft is, in
very real terms, cloud computing... blah blah blah. There are many
places the current market is way off base today. And that's not going to
change anytime soon...
> Speaking of China, I do find that according to logwatch/shorewall
> the majority of people trying to enter my system
> seem to live in that country.
> Maybe it is just that there are so many of them?
> Or are chinese naturally more inquisitive?
No, the Chinese really do have a massive, concerted government cracking
program to crack literally everything. They conduct what is known as
mosaic intelligence, where no collected piece is considered individually
important and targeted intelligence is considered infeasable, but enough
non-sensitive data collected in a wide enough arc can be assembled in
such a way as to predict whatever the really sensitive data should be.
And this is workable with a program as large as theirs.
This used to be a specific area of speciality/concern for me for
professional reasons (more on the human collection side, not signal
collections, though) and it really is a concern. But it is a general
threat, not a specific one, and doesn't generally need to alarm an
individual as much as it should alarm large organizations and governments.
Blah blah. This is getting pretty OT, so I'll end this chain of thought
here.
Back on your email question...
I did push some requests around your school server our of curiosity, and
the -ssh option alone works but does give a warning ("this is
certificate is worthless, but I'm continuing anyway" sort of message).
If you get a chance or even can it might be a good thing to talk to the
admin about that -- he might not even know the situation, perhaps not
being the one who set things up to begin with.