[Info-vax] FTP FYI

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Wed Nov 25 15:35:07 EST 2020


On 2020-11-25 19:55:33 +0000, Dave Froble said:

> On 11/25/2020 11:24 AM, Stephen Hoffman wrote:
>> On 2020-11-25 14:46:00 +0000, Dave Froble said:
>> 
>>> Perhaps we should be a bit more focused on the issue?
>>> 
>>> From what I was reading, the issue was catching data corruptions, not 
>>> security.  Isn't it sort of silly to introduce security into another 
>>> issue?  A checksum either works, or it doesn't.  If it works, doesn't 
>>> that solve the potential issue?
>>> 
>>> Or maybe I don't understand the issue ...
>> 
>> OpenVMS is "the most secure operating system on the planet" 🤣, which 
>> means that vendor and third-party developers have thought about both 
>> non-malicious corruptions and about actively-malicious corruptions, 
>> right?
>> 
>> Same applies for the default choice for random-number generation: use a 
>> cryptographically secure random number generator, absent very specific 
>> reasons to use a lesser generator. Or a lesser message digest hash.
>> 
>> Or somewhat more succinctly, choose and use and offer and work toward 
>> secure defaults, absent specific reasons not to.
>> 
>> We are all working toward actually living up to that "the most secure 
>> operating system on the planet" claim, right?
> 
> Actually, no.
> 
> Why, because security is so much more than an OS, or any other single thing.
> 
> I find it irritating when security is not the topic, that some feel 
> that they have to introduce it into a topic, where it is not an issue.
> 
> If it ain't broke, don't fix it ...
> 
> YMMV


We should all have bad checksums, bad defaults, bad designs, bad APIs, 
and bad documentation, right?

telnet, FTP, DECnet, AUTODIN-2 CRC32, MD5, that was good enough for our 
ancestors, so it's good enough for us, right?

Do I like that we're increasingly forced to choose insecurity or to 
update our app code? No.  I've commented around frameworks to help 
incrementally isolate some of that, as have others.

But change is the development world that we're increasingly all 
residing within. With the occasional breaking changes and/or source 
code changes, yes.

And awful defaults and sentiments including "you should have known 
better than to use the defaults" don't help our app development and 
maintenance efforts.

Put differently... If the data here is important enough, then MD5 and 
AUTODIN-2 CRC32 and ilk are broken.

And if the data is not important, the defaults should still be reliable 
and robust.




-- 
Pure Personal Opinion | HoffmanLabs LLC 
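
Added example, not part of the original message: a short Python check of the distinction argued above between accidental and deliberate corruption. It assumes Python's `zlib.crc32` as a stand-in for the CRC-32 named in the thread; the sample records and all function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed sample records of equal length, standing in for transferred data.
SAMPLE_A = b"PAYEE=ALICE;AMOUNT=0000100.00;OK"
SAMPLE_B = b"PAYEE=BOB  ;AMOUNT=0000250.00;OK"
SAMPLE_C = b"PAYEE=CAROL;AMOUNT=0009999.99;OK"
SAMPLE_A_SHA256 = hashlib.sha256(SAMPLE_A).hexdigest()


def xor_bytes(*blocks: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        if len(block) != len(out):
            raise ValueError("blocks must have equal length")
        for i, value in enumerate(block):
            out[i] ^= value
    return bytes(out)


def flip_bit(data: bytes, bit: int) -> bytes:
    """Return a copy of data with one bit inverted (simulated line noise)."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def crc32_detects_flip(data: bytes, bit: int) -> bool:
    """A CRC does its intended job: a random single-bit error changes it."""
    return zlib.crc32(flip_bit(data, bit)) != zlib.crc32(data)


def crc32_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """CRC-32 of a^b^c equals the XOR of the three CRCs, so the CRC of a
    modified message is predictable without any secret."""
    return zlib.crc32(xor_bytes(a, b, c)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)


def sha256_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """The same relation tested against SHA-256 digests; it does not hold."""
    predicted = xor_bytes(*(hashlib.sha256(m).digest() for m in (a, b, c)))
    return hashlib.sha256(xor_bytes(a, b, c)).digest() == predicted


def verify_transfer(data: bytes, expected_sha256_hex: str) -> bool:
    """Compare a received file against a digest obtained over a trusted channel."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_sha256_hex.lower())
```

The SHA-256 comparison only protects against deliberate modification when the expected digest arrives over a channel the modifier cannot also change.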



