- To: slug@xxxxxxxxxxx
- Subject: Re: [SLUG] ssh certificate logins
- From: Daniel Pittman <daniel@xxxxxxxxxxxx>
- Date: Sun, 12 Oct 2008 11:07:47 +1100
- Organization: I know I put it down here, somewhere.
- User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/23.0.60 (gnu/linux)
"Brian Sydney Jathanna" <briansydney@xxxxxxxxx> writes:
> I don't know what makes you flame so hard with a simple suggestion of
I am not, by the traditional meaning of the term, "flaming" you here,
though I will grant you that I am not working hard to be especially
nice about it.
Because this /is/ important, let me explain why:
> I've tested PortKnock, I like it and I feel comfortable with it.
Great. The problem is that while you like it, and feel comfortable with
it, you don't really /understand/ it, especially not in the bigger
picture of security, do you?
Port Knocking is complicated, but it isn't any more secure than a wide
range of alternatives, including the CGI option I mentioned -- in my
One of the consistent lessons in security is that complexity is an
invitation to failure -- you are more secure with the simplest solution
that works, and adding complexity often *reduces* the protection you get.
On the other hand, the reason that I asked you to define how it was more
secure, or to detail how it protected from threats, was to give you a
chance to prove my assumptions wrong.
Perhaps you /had/ thought about and understood the wider security
picture, or perhaps you could cite something other than personal feeling
as a basis for believing that Port Knocking was a secure option.
What you are advocating is that someone else *feel* secure without
This is like advising them to put a magic crystal on their dashboard and
forget about seatbelts -- it works just fine, until it actually matters,
at which point it turns out to have added no value at all.
> Since Phill had asked an open question for alternative approaches to
> secure his network, I made a simple suggestion.
> I don't know why you take it so personally to prove your point better
> than mine and start an all out war with it, or is it the technical
> supremacy ego that kicks in at times...
This isn't about winning -- I have nothing to gain from beating you,
personally, or being more "right" here.
If this was just a "matter of opinion" question, like the best
distribution, or which text editor to use, and we disagreed like this I
would shrug and accept that -- each person is different and all that.
> Mate, we all don't know everything, but we're here to learn and share
> with others... I'm sure you have more knowledge and experience than
> me and I respect you for that. And I'm sure your CGI script or some
> other approach would do the trick just fine, but what I learnt along
> the way I thought of sharing in this space.... am I wrong for it, you
> be the judge.
I hope that the explanation above helps explain why I am reluctant to
let this go -- why I have been asking you to explain why you are
correct, even if I don't believe you.
Finally, a large part of the problem is not my views -- I know that
I have done enough in the security area to keep my systems secure, and
to tell the difference between snake oil and security, most of the time.
What I worry about are the people out there who don't have that
experience, but see you advocating something that will leave them at
risk -- and follow through, then end up burned by it.
To me, this is like airport security: I am all in favour of securing air
travel. I am not in favour of doing things that make people *feel*
secure without actually doing a damn thing.