[GTALUG] NAT [was Re: Linux hardening question]

Russell rreiter91 at gmail.com
Mon Jul 3 08:56:03 EDT 2017


On July 2, 2017 11:06:35 AM EDT, James Knott via talk <talk at gtalug.org> wrote:
>On 07/02/2017 11:01 AM, Russell via talk wrote:
>>> And while listing currently lost causes, I really wish we'd gotten
>to
>>> >Opportunistic Encryption.
>> Ok, this made me chuckle. 
>>
>> One of the first questions I typically get when I get into a computer
>discussion with a non techie parent is, "what should my child learn as
>part of the basics"  I always said try a machine assembly language.
>
>I recently watched a show on CNN about how the Russians interfered with
>the U.S. election, including stealing thousands of emails.  If they'd
>just used X.509 encryption, that wouldn't have been an issue.  Every
>modern email app supports it, yet it's generally not used.

It took a lot of highway deaths before car manufacturers were compelled to make seatbelts a standard from the factory. It took another generation and a lot of physical hacks, ie. no start till buckled up, to get people to use them.  

Its open to everyone to generate or use a keysigning authority. 

Perhaps that was the problem with Hillary Clintons use of a home network mailserver? That she signed her own keys privately but then did the governments work using them. This would clearly outside of government and even any reasonable business policy.

Notwithstanding that the least amount of understanding of any network topology is a tool which may be used in formulating an exploit. 

Linking cryptography needs a strong enforcement of objectives and policy.

X.509 is a policy objective; a part of an abstraction which has established a protocol of verification under Standardly Applied Protocols. Everyone ignores standards at their own peril.

In effect, there is truth to the statement that cloud services are more secure. They are generally large enough to have enabled Rapid Response Protocols for such eventualities.

Interact e-transfer was down locally last week. No doubt recent some recent TLS issues are to blame. For economic and security reasons the general public will probably not know whether there was actual financial loss or what network hardware topology has been modified.

>---
>Talk Mailing List
>talk at gtalug.org
>https://gtalug.org/mailman/listinfo/talk


-- 
Russell
Sent by K-9 Mail


More information about the talk mailing list