On Friday, August 23, 2013 12:30:31 dragorn wrote:
> Posted this on irc, but:
>
> "Security is hard"
> "Cryptography is harder."
>
> http://secupost.net/2325962497/bitmessage-security
>
> Bitmessage extremely vulnerable and insecure.
Wow. Thanks for the information man. Definitively puts the nail in the
coffin for me concenring this service. [Having closure is a nice thing.]
Concerning email, I've taken to using 'swaks' to check MTAs listed in MX
records for a domain for TLS / ESMTPS being available:
$ dig kismetwireless.net mx +short
25 durandal.kismetwireless.net.
$ swaks --ehlo testing.example.com --server durandal.kismetwireless.net. \
-tls -q TLS
=== Trying durandal.kismetwireless.net.:25...
=== Connected to durandal.kismetwireless.net..
<- 220 durandal.kismetwireless.net ESMTP Postfix (Ubuntu)
-> EHLO testing.example.com
<- 250-durandal.kismetwireless.net
<- 250-PIPELINING
<- 250-SIZE 10240000
<- 250-VRFY
<- 250-ETRN
<- 250-STARTTLS
<- 250-ENHANCEDSTATUSCODES
<- 250-8BITMIME
<- 250 DSN
-> STARTTLS
<- 220 2.0.0 Ready to start TLS
=== TLS started with cipher TLSv1:DHE-RSA-AES256-SHA:256
=== TLS no local certificate set
=== TLS peer DN="/CN=dragorn"
~> QUIT
<~ 221 2.0.0 Bye
=== Connection closed with remote host.
I'm working on a bash script to test all MX records for a domain; the only
thing left to work on is dealing with (and reporting) error conditions.
-- Chris
--
Chris Knadle
[email protected]
_______________________________________________
Mid-Hudson Valley Linux Users Group http://mhvlug.org
http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug
Upcoming Meetings (6pm - 8pm) Vassar College
Sep 4 - NoSQL and MongoDB
Oct 2 - OpenFlow: Open Standard for Networking Hardware
Nov 6 - November Meeting
