Subject: Re: ssh, /dev/urandom - msg#00219

Previous Message by Date: click to view message preview

Re: ssh, /dev/urandom

On Thu, 2002-12-19 at 14:52, Thomas Bushnell, BSG wrote: > "Alfred M. Szmidt" <ams@xxxxxxxxxxx> writes: > > > > Why do I feel like repeating this old mantra: Bad security is worse > > > than no security. > > > > Sez you. Many disagree. Especially for a system in development, with > > already has bad security. > > > > Fine, would you like to work on this? Or do you purpose to worse the > > already bad security? > > Telnet has worse security than even a buggy miserably fake ssh. > > This seems like a case of the best being an enemy of the barely > workable. I'd suggest that this matter might better be addressed off-list, or else identified as something that the two of you are not going to reach a common vision through the mechanism of the mailing list. After 70 posts, a significant block between two of obviously different perspectives, I am doubting that this point is going to be satisfactorily resolved to the concurrence of all parties through this medium at this time. I'd offer that some of this effort might be even better lent to developing possible translators to provide a viable /dev/urandom solution. Just an observation from a former systems programmer who now does mediation work, that is interested in watching the viability of The Hurd and has speculated on concepts of possible future translators... -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@xxxxxxxxxxxxxxxxxxx signature.asc Description: This is a digitally signed message part

Next Message by Date: click to view message preview

Re: ssh, /dev/urandom

On Thu, 2002-12-19 at 17:33, Alfred M. Szmidt wrote: > I'd suggest that this matter might better be addressed off-list, or > else identified as something that the two of you are not going to > reach a common vision through the mechanism of the mailing list. > > We came to a conclusion that I think everyone agrees with, and there > is nothing off-topic here. It is a discussion about how to solve a > problem that concerns Debian GNU/Hurd and the Hurd. At the point of my interjection, discussion had drifted toward personal cognitive ability rather than system design and code implementation, which would tend to be off-topic. I see that later in the thread, interjections finally steered things to a more constructive analysis of needs. > > I'd offer that some of this effort might be even better lent to > developing possible translators to provide a viable /dev/urandom > solution. > > Nothing about providing viable /dev/urandom solution (it already > exists), we need an driver that provides random entropy. Would you > like to work on this? If my number theory was stronger, and I was more familiar with the related code, I would be rather tempted, but my programming background leans far more to compilers and API definitions, translations and interfaces, as well as user interfaces. You don't usually want your compilers introducing too much entropy into the code they produce. -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@xxxxxxxxxxxxxxxxxxx signature.asc Description: This is a digitally signed message part

Previous Message by Thread: click to view message preview

Re: ssh, /dev/urandom

On Thu, 2002-12-19 at 14:52, Thomas Bushnell, BSG wrote: > "Alfred M. Szmidt" <ams@xxxxxxxxxxx> writes: > > > > Why do I feel like repeating this old mantra: Bad security is worse > > > than no security. > > > > Sez you. Many disagree. Especially for a system in development, with > > already has bad security. > > > > Fine, would you like to work on this? Or do you purpose to worse the > > already bad security? > > Telnet has worse security than even a buggy miserably fake ssh. > > This seems like a case of the best being an enemy of the barely > workable. I'd suggest that this matter might better be addressed off-list, or else identified as something that the two of you are not going to reach a common vision through the mechanism of the mailing list. After 70 posts, a significant block between two of obviously different perspectives, I am doubting that this point is going to be satisfactorily resolved to the concurrence of all parties through this medium at this time. I'd offer that some of this effort might be even better lent to developing possible translators to provide a viable /dev/urandom solution. Just an observation from a former systems programmer who now does mediation work, that is interested in watching the viability of The Hurd and has speculated on concepts of possible future translators... -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@xxxxxxxxxxxxxxxxxxx signature.asc Description: This is a digitally signed message part

Next Message by Thread: click to view message preview

Re: ssh, /dev/urandom

On Thu, 2002-12-19 at 17:33, Alfred M. Szmidt wrote: > I'd suggest that this matter might better be addressed off-list, or > else identified as something that the two of you are not going to > reach a common vision through the mechanism of the mailing list. > > We came to a conclusion that I think everyone agrees with, and there > is nothing off-topic here. It is a discussion about how to solve a > problem that concerns Debian GNU/Hurd and the Hurd. At the point of my interjection, discussion had drifted toward personal cognitive ability rather than system design and code implementation, which would tend to be off-topic. I see that later in the thread, interjections finally steered things to a more constructive analysis of needs. > > I'd offer that some of this effort might be even better lent to > developing possible translators to provide a viable /dev/urandom > solution. > > Nothing about providing viable /dev/urandom solution (it already > exists), we need an driver that provides random entropy. Would you > like to work on this? If my number theory was stronger, and I was more familiar with the related code, I would be rather tempted, but my programming background leans far more to compilers and API definitions, translations and interfaces, as well as user interfaces. You don't usually want your compilers introducing too much entropy into the code they produce. -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@xxxxxxxxxxxxxxxxxxx signature.asc Description: This is a digitally signed message part