[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Freedombox-discuss] [James Vasile] tinc rollout and fbox

To: [email protected]
Subject: [Freedombox-discuss] [James Vasile] tinc rollout and fbox
From: [email protected] (Eugen Leitl)
Date: Sun, 11 Aug 2013 19:26:59 +0200

----- Forwarded message from Sandy Harris <[email protected]> -----

Date: Sat, 10 Aug 2013 15:37:06 -0400
From: Sandy Harris <[email protected]>
To: freedombox list <[email protected]>
Subject: Re: [Freedombox-discuss] [James Vasile] tinc rollout and fbox

Nick Daly <[email protected]> wrote:

> There's been some recent work on Tinc that I'm really excited about.
> ...

> Poke at it, let me know what you think.

Their docs include this paragraph:

" On the 15th of September 2003, Peter Gutmann posted a security
analysis of tinc 1.0.1. He argues that the 32 bit sequence number used
by tinc is not a good IV, that tincâ??s default length of 4 bytes for
the MAC is too short, and he doesnâ??t like tincâ??s use of RSA during
authentication. We do not know of a security hole in this version of
tinc, but tincâ??s security is not as strong as TLS or IPsec. We will
address these issues in tinc 2.0.

Gutmann is a well-known and respected expert. His best-known
paper was one back in the 90s on reading "erased" disk drives
and what bit patterns it took to block that. Most "secure erase"
utilities around use those suggestions (even though current
drives are quite different, so those may be inappropriate now).
He has done /a lot/ of other stuff as well.

The current Tinc release is 1.0.21

My reading of that is that Tinc has known problems and
they probably will not be fixed soon. To me, that means
it is not ready for serious consideration as a component
for FreedomBox.

_______________________________________________
Freedombox-discuss mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

Prev by Date: Moonlet
Next by Date: Moonlet
Previous by thread: DIY Spy Germicide
Next by thread: <nettime> Adam Curtis: BUGGER
Index(es):
- Date
- Thread