Re: Network security manager
From: Ted Zlatanov
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 10:19:02 -0500
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux)
On Tue, 18 Nov 2014 00:26:17 +0100 Lars Magne Ingebrigtsen <address@hidden>
wrote:
LMI> There's one slight privacy leak in the security manager. To keep track
LMI> of STARTTLS man-in-the-middle downgrades, nsm needs to store data on all
LMI> STARTTLS connections you've made. A wily hacker (I mean, the NSA) could
LMI> use this file to determine what servers you've been talking to.
LMI> The ~/.emacs.d/network-security.data will have things like
LMI> (:id "sha1:ac7feb949147490ee549b5b6c3ae7edd929ea335" :fingerprint
LMI> "sha1:c0:ec:2f:01:6c:ff:4a:43:c1:a7:c7:83:4b:48:0b:3a:c5:4e:90:f9")
LMI> in it, where the :id is the sha1 of "host:port", and the latter is the
LMI> fingerprint of the certificate.
LMI> The wily hacker (I mean, the NSA) wouldn't find it easy to get a list of
LMI> the servers (because they would have to check all servers/port names in
LMI> existence), but they could use it to check for specific servers.
You could name the file `~/.emacs.d/network-security.gpg' by default :)
Ted
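
The check described in the quoted message, as an added example that is not part of the original thread or of nsm's own code: it parses entries in the quoted `(:id ... :fingerprint ...)` form and reports which guessed servers a given file confirms, which is a way to audit what your own file reveals. It assumes the hashed string is exactly "host:port" as the message states; the host names, the dummy fingerprint and the outer list wrapper in the sample are constructed.

```python
import hashlib
import re

# One entry in the form quoted in the message:
# (:id "sha1:<40 hex>" :fingerprint "sha1:<colon-separated hex>")
ENTRY_RE = re.compile(
    r'\(\s*:id\s+"sha1:([0-9a-f]{40})"\s+:fingerprint\s+"(sha1:[0-9a-f:]+)"\s*\)'
)


def nsm_id(host, port):
    """SHA-1 of "host:port", as the message describes the :id field."""
    return hashlib.sha1(f"{host}:{port}".encode("utf-8")).hexdigest()


def parse_entries(text):
    """Return {id_hex: fingerprint} for every entry found in the file text."""
    return {m.group(1): m.group(2) for m in ENTRY_RE.finditer(text)}


def confirm_candidates(text, candidates):
    """Return the (host, port) guesses whose hash appears in the file."""
    known = parse_entries(text)
    return [(h, p) for h, p in candidates if nsm_id(h, p) in known]


def build_sample():
    """Constructed sample data: two made-up servers, dummy fingerprint."""
    fp = "sha1:" + ":".join(["00"] * 20)
    servers = [("mail.example.org", 587), ("imap.example.org", 143)]
    lines = [f'(:id "sha1:{nsm_id(h, p)}" :fingerprint "{fp}")'
             for h, p in servers]
    return "(\n " + "\n ".join(lines) + "\n)\n"


if __name__ == "__main__":
    guesses = [("mail.example.org", 587), ("smtp.example.net", 25),
               ("imap.example.org", 143)]
    # Only guessed names that are in the file are confirmed; entries nobody
    # guesses stay opaque, which is the limit the quoted message points out.
    print(confirm_candidates(build_sample(), guesses))
```
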