RT @tqbf: Google takes an affirmative step towards finally killing off DNSSEC, deploys MTA-STS. https://security.googleblog.com/2019/04/gmail-making-email-more-secure-with-mta.html …
-
-
I did not think they were *that* closely related. DNSSEC makes sure you're receiving an authentic DNS record, and MTA-STS forces TLS connections in email delivery. So SMTP is safer without the need for DNSSEC. What about all the other protocols?
1 reply 0 retweets 0 likes -
Replying to @Scott_Dayman @jedisct1
What other protocols are you thinking about?
1 reply 0 retweets 0 likes -
SSH, NTP, FTP (eek!)…
1 reply 0 retweets 0 likes -
Replying to @Scott_Dayman @jedisct1
SSH doesn’t depend on the DNS for security; in fact, not depending on the DNS is the entire purpose of SSH (it replaces the DNS-dependent r-commands).
3 replies 0 retweets 0 likes -
Surely the /main/ purpose of SSH over r-commands is that it encrypts the session? it's not like I go use rlogin or rsh when I bypass DNS and go directly to an IP address.
2 replies 0 retweets 0 likes -
The encryption is good and important but at the time (it’s hard to get your head around it today) the big concern was spoofing and that people had “+ +” rhosts files.
2 replies 0 retweets 0 likes -
I dunno, I remember helping with the transition and telnet way outnumbered r-*, and regardless of which tools you used the main concern I heard was "your password and your data can be sniffed" and that's how we sold it.
1 reply 0 retweets 0 likes
I also remember lots of people renting machines in 10 minute increments in net cafés, downloading PuTTy, and TOFU basically being a joke. Still used ssh though.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.