Re: [Trisquel-users] What you think of LibreSSL?
20151113xiaodaige moncler jackets supra shoes uggs outlet louis vuitton handbags outlet nfl jersey wholesale hermes birkin bag hermes outlet store babyliss flat iron giuseppe zanotti outlet barbour jackets coach outlet store ysl outlet tiffany and co coach handbags outlet pandora outlet moncler outlet store louis vuitton handbags outlet marc jacobs kobe shoes pittsburgh steelers gucci,borse gucci,gucci sito ufficiale,gucci outlet cyber monday deals ugg boots nike air huarache the north face outlet mbt shoes outlet michael kors handbags soccer jerseys wholesale tory burch outlet online cheap jordan shoes michael kors outlet michael kors outlet herve leger dresses fred perry polo shirts michael kors outlet sale nike air huarache hollister canada ugg boots lululemon pants longchamp handbags outlet nfl jerseys philadelphia eagles boston celtics swarovski outlet tiffany outlet ferragamo outlet michael kors outlet cheap wedding dresses north face outlet green bay packers prada outlet online mizuno running shoes new york jets roshe run men michael kors outlet online true religion jeans air max 90 chicago bulls polo shirts ugg outlet michael kors handbags converse shoes michael kors handbags fitflop sale cheap nike shoes rolex watches,rolex,watches for men,watches for women,omega watches,replica watches,rolex watches for sale,rolex replica,rolex watch,cartier watches,rolex submariner,fake rolex,rolex replica watches,replica rolex nike trainers asics,asics israel,asics shoes,asics running shoes,asics israel,asics gel,asics running,asics gel nimbus,asics gel kayano mulberry uk ray ban outlet hollister clothing uggs outlet ray ban,rayban,occhiali ray ban,ray-ban,ray ban occhiali,ray ban sunglasses ugg boots karen millen uk oakley sunglasses cheap football shirts barbour jackets ray ban sunglasses cleveland cavaliers chicago bears lebron shoes cheap uggs wedding dresses uk ray-ban sunglasses ugg clearance lacoste shirts swarovski crystal oakland raiders louis vuitton bags cheap coach outlet online nike running shoes oakley,occhiali oakley,oakley italia,oakley occhiali,oakley sunglasses nhl jerseys cheap ugg boots north face jackets nike foamposite michael kors outlet ugg outlet store kansas city chiefs mcm backpack instyler ionic styler tods outlet kobe 9 vans shoes michael kors outlet chanel handbags outlet lebron shoes ralph lauren,polo ralph lauren,ralph lauren outlet,ralph lauren italia,ralph lauren sito ufficiale canada goose outlet oakley sunglasses louis vuitton outlet store air force 1 shoes tory burch outlet online louis vuitton,borse louis vuitton,louis vuitton sito ufficiale,louis vuitton outlet nike air max new york knicks north face outlet canada goose outlet ghd uk swarovski crystal hermes belt for sale uggs outlet cheap soccer jerseys thomas sabo outlet louis vuitton outlet online air jordan shoes for sale michael kors outlet miami heat atlanta falcons oakley sunglasses wholesale woolrich outlet store ugg boots clearance,ugg australia,uggs on sale,ugg slippers,uggs boots,uggs outlet,ugg boots,ugg,uggs salomon shoes black friday 2015 north face outlet store air max shoes san francisco 49ers oakley sunglasses timberland shoes replica handbags,replica handbags outlet,cheap handbags,purses and handbags,wholesale replica handbags,replica bags,bags outlet,replica handbags wholesale,cheap purses,discount handbags,handbags sale,wholesale purses,handbags and purses,replica purses the north face outlet michael kors uk discount ugg boots winter jackets michael kors outlet parajumpers outlet indianapolis colts true religion jeans outlet new york giants oakley sunglasses wholesale ray-ban sunglasses baltimore ravens true religion outlet arizona cardinals ugg outlet oakley canada toms outlet store canada goose coats michael kors outlet online canada goose jackets mont blanc pens coach outlet store winter coats air jordan 11 abercrombie and fitch mac cosmetics denver broncos christian louboutin shoes coach outlet store louis vuitton handbags rolex watches,rolex watches,swiss watches,watches for men,watches for women,omega watches,replica watches,rolex watches for sale,rolex replica,rolex watch,cartier watches,rolex submariner,fake rolex,rolex replica watches,replica rolex air jordan 13 golden state warriors snow boots nike roshe michael kors factory store los angeles clippers michael kors handbags sale pandora outlet michael kors handbags clearance prada outlet louis vuitton outlet store mlb jerseys nike mercurial puma outlet ray ban outlet camisetas futbol baratas moncler outlet lacoste pas cher designer handbags,handbags outlet,cheap handbags,purses and handbags,wholesale handbags,designer bags,bags outlet,handbags wholesale,cheap purses,discount handbags,handbags sale,wholesale purses,handbags and purses,designer purses michael kors outlet online beats by dre swarovski crystal abercrombie and fitch oakley outlet store ralph lauren outlet coach outlet air max 2014 dallas
Re: [Trisquel-users] What you think of LibreSSL?
UNIX philosophy = KISS
Re: [Trisquel-users] What you think of LibreSSL?
Thanks for those links. It seems to me that this is all a big mess, and only time will solve anything... people are trying to do things in one way and another, but computers are so complicated that you always end up fucking up somehow... Maybe the LibreSSL is a good approach, but it does seem like a alpha project.
Re: [Trisquel-users] What you think of LibreSSL?
I know this has been subject of many debates since the news came out, and while the situation might not be as bad as it seems, I do remember without a doubt that Jacob Applebaum (one of the journalists that is helping releasing the NSA documents and therefore has access to most information) said in a speech that yes, SSH has been made insecure. Still, I am more interested in the LibreSSL project right now.
Re: [Trisquel-users] What you think of LibreSSL?
Being stripped down could be a good thing... since that would make the code easier to maintain and audit when necessary. Not that I think the GNU/Linux distros out there will start using it, BSD distros might. I like the idea of KISS software :)
Re: [Trisquel-users] What you think of LibreSSL?
Only a few days old, OpenSSL fork LibreSSL is declared “unsafe for Linux” I'm not an expert but testing a software program, before is release is essential in my books. Openssl nor libressl has not been tested sufficiently to me. So Ill stay away from it! Follow the links and read the articles. http://arstechnica.com/security/2014/07/only-a-few-days-old-openssl-fork-libressl-is-declared-unsafe-for-linux OpenSSL code beyond repair, claims creator of “LibreSSL” fork http://arstechnica.com/information-technology/2014/04/openssl-code-beyond-repair-claims-creator-of-libressl-fork/
Re: [Trisquel-users] What you think of LibreSSL?
You're thinking about this I reckon: https://media.ccc.de/browse/congress/2014/31c3_-_6258_-_en_-_saal_1_-_201412282030_-_reconstructing_narratives_-_jacob_-_laura_poitras/download.html He does say that there have been SSH sessions cracked, but that doesn't mean SSH in itself is insecure every time you use it. It still could've been mitm, or just insecure settings (SSH has different protocol versions, many different ciphers that can be used etc. of course some of them aren't secure). I think you can use SSH in a secure way, but you have to make sure you're using the latest version on both of your machines and that you configure it in a secure fashion, for example this guide seems to give reasonable advice from what I can tell: https://stribika.github.io/2015/01/04/secure-secure-shell.html
Re: [Trisquel-users] What you think of LibreSSL?
gnuser: What are your thoughts on this, should we start using LibreSSL, after all the s*** that has been going on with OpenSSL? I don't know if the APIs for LibreSSL are the same for OpenSSL but modifying programs to use the former could be a big job and ideally would be done by upstream maintainers. From what I've heard LibreSSL is a much more stripped down version of OpenSSL. The OpenSSL project has received more contributions and resources to continue since the event so the reason for LibreSSL isn't as much as it was before. I think it sounds like a good project though. Andrew
Re: [Trisquel-users] What you think of LibreSSL?
I am in a hurry right now, sorry for the short reply. A quick websearch revealed these links: https://www.techdirt.com/articles/20141229/06331329532/how-nsa-works-hard-to-break-encryption-any-way-it-can.shtml http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html https://hamish.gate.ac.uk/posts/2015/01/14/has-nsa-cracked-ssh/ Like I said, those comments are from memory (stuff I have read and heard online over the last couple months). I will try to document it better later. I will try to find the OpenBSD references too.
[Trisquel-users] What you think of LibreSSL?
I didn't know of this, but apparently OpenSSL has been forked by the OpenBSD team into LibreSSL. Has been so for some time now, I just didn't know of it yet. Their goal is apparently to make it more secure by making the code easier to review by everyone. Modernizing the code, they say. What are your thoughts on this, should we start using LibreSSL, after all the s*** that has been going on with OpenSSL?
Re: [Trisquel-users] What you think of LibreSSL?
Also, found this link http://www.openbsd.org/papers/eurobsdcon2014-libressl.html
Re: [Trisquel-users] What you think of LibreSSL?
Well, you're asking some very good Questions ! Although I don't know answers to them...I wasn't aware that OpenSSH keys may be broken, but then Jacob Applebaum is somebody I would trust. As to Theo de Raadt not providing the results of an independent review - that really does surprise me and makes me curious as to why ? I will see what I can find... LibertyBSD is still moving forward: http://www.libertybsd.net/ and 'alimiracle' from the Trisquel Forums seems to be doing a lot of work on the ports tree ! Haven't tried it though, however they give some very interesting reasons as to why OpenBSD may not be as transparent:(quote) OpenBSD ships with several pieces of non-free, binary only firmware in the base system, and depending on the hardware detected, by default a script will download more at first boot, without informing the user of this.(end quote). Also just found this concerning OpenSSL: http://www.theregister.co.uk/2015/07/06/awoogah_get_ready_to_patch_severe_bug_in_openssl_this_thursday/ Someone has already complained that this severe Bug does not have a name or logo like heartbleed :)
Re: [Trisquel-users] What you think of LibreSSL?
most definately ! The OpenBSD team are well known for transparent auditing of their source code, also for the way they integrate security into an Operating System. I'd say LibreSSL would be as welcome as OpenSSH (also by the OpenBSD team).
Re: [Trisquel-users] What you think of LibreSSL?
I am speaking from memory here but I think Jacob Appelbaum said in a speech that SSH keys were broken and the NSA had made it not secure... Does that apply to OpenSSH? As for the transparent audit, I think (again from memory) that Theo de Radt (the main guy behind OpenBSD) had refused to provide the results of an independent review of OpenBSD code... Do you think it would apply to all the guys behind OpenBSD? I think it is a really good project, don't get me wrong, it's just that OpenBSD has rubbed me off in some strange ways in the past... So I'm asking around for other people's thoughts on this :) Though I would really love to use OpenBSD if it was made of free software only (I think someone posted here about a LIberty BSD or something, don't know what really came off that).
Re: [Trisquel-users] What you think of LibreSSL?
sounds like a rely good project