
Tuesday, August 07, 2007

Hack the Gibson #92

Read the reason for these posts. Read Steve Gibson's response.

The podcast kicks off again with a SpinRite story, with no mention of the importance of backups or of replacing the failing drive, but I digress.

Steve says:

Now, you could be running through multiple layers onion routing, or any other kind of proxy server. So that’s an issue. Although, if it’s a secure connection, as we assume it would be, an SSL connection, that cannot be routed through onions because you need to have a matching certificate from the far end.

which is not entirely true if you use something like Tor. Tor actually acts as a SOCKS proxy, not an HTTP proxy, which means that it doesn't try to interpret or modify the contents of the IP packets it relays, aside from the source and destination address. Because SSL/TLS sits one layer up in the connectivity chain, the proxy has absolutely no influence on it, aside from the fact that the remote host will see a different source IP address.
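To make the point concrete, here is an added example (not from the original post, and not Tor's code): a minimal, unauthenticated SOCKS5 CONNECT proxy and a client that tunnels through it, both on localhost. The "remote host" is a stand-in echo server, and the payload is a constructed byte string shaped like the first bytes of a TLS record. The proxy does the SOCKS handshake, resolves the destination name itself (which is why the client hands it a hostname rather than an IP), and from then on only copies bytes in both directions, so whatever TLS handshake the client and server perform passes through untouched. That is exactly why no certificate is needed at the proxy.

```python
import socket
import struct
import threading

# Constructed sample: the first bytes of a TLS record (content type 0x16 = handshake,
# version 0x0303, length 5) followed by five dummy body bytes. The proxy never looks at it.
SAMPLE_TLS_RECORD = bytes.fromhex("160303000501000001ff")


def _recv_exact(sock, n):
    """Read exactly n bytes from sock or raise ConnectionError."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf


def _pump(src, dst):
    """Copy bytes src -> dst without inspecting them; this is all a SOCKS relay does after CONNECT."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def start_echo_server():
    """Stand-in for the far-end HTTPS host: echoes back whatever it receives. Returns its port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)

    def serve():
        conn, _ = listener.accept()
        listener.close()
        with conn:
            while True:
                data = conn.recv(4096)
                if not data:
                    break
                conn.sendall(data)

    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()[1]


def start_socks5_proxy():
    """Minimal SOCKS5 proxy (RFC 1928 subset: no-auth, CONNECT, IPv4 or domain name). Returns its port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)

    def serve():
        client, _ = listener.accept()
        listener.close()
        try:
            ver, nmethods = _recv_exact(client, 2)          # greeting: version, method count
            methods = _recv_exact(client, nmethods)
            if ver != 5 or 0 not in methods:
                client.sendall(b"\x05\xff")                 # no acceptable method
                return
            client.sendall(b"\x05\x00")                     # select "no authentication"
            ver, cmd, _rsv, atyp = _recv_exact(client, 4)   # request header
            if ver != 5 or cmd != 1:                        # only CONNECT is supported here
                client.sendall(b"\x05\x07\x00\x01" + b"\x00" * 6)
                return
            if atyp == 1:                                   # IPv4 literal
                host = socket.inet_ntoa(_recv_exact(client, 4))
            elif atyp == 3:                                 # domain name, resolved by the proxy
                host = _recv_exact(client, _recv_exact(client, 1)[0]).decode()
            else:
                client.sendall(b"\x05\x08\x00\x01" + b"\x00" * 6)
                return
            port = struct.unpack("!H", _recv_exact(client, 2))[0]
            upstream = socket.create_connection((host, port))
            # success reply; bound address 0.0.0.0:0 is enough for this demo
            client.sendall(b"\x05\x00\x00\x01" + b"\x00" * 4 + b"\x00\x00")
            threading.Thread(target=_pump, args=(client, upstream), daemon=True).start()
            _pump(upstream, client)                         # relay opaque bytes until either side closes
        finally:
            client.close()

    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()[1]


def socks5_connect(proxy_port, host, port):
    """Client side: greeting + CONNECT by hostname. Returns a socket that now reaches host:port."""
    s = socket.create_connection(("127.0.0.1", proxy_port))
    s.settimeout(5)
    s.sendall(b"\x05\x01\x00")                                  # version 5, one method: no-auth
    if _recv_exact(s, 2) != b"\x05\x00":
        raise ConnectionError("proxy rejected the no-auth method")
    hostb = host.encode()
    s.sendall(b"\x05\x01\x00\x03" + bytes([len(hostb)]) + hostb + struct.pack("!H", port))
    reply = _recv_exact(s, 4)
    if reply[1] != 0:
        raise ConnectionError("CONNECT failed, reply code %d" % reply[1])
    if reply[3] == 1:                                           # skip the bound address field
        _recv_exact(s, 4 + 2)
    elif reply[3] == 3:
        _recv_exact(s, _recv_exact(s, 1)[0] + 2)
    elif reply[3] == 4:
        _recv_exact(s, 16 + 2)
    return s


def tunnel_roundtrip(payload=SAMPLE_TLS_RECORD):
    """Send payload through proxy -> echo server and return what comes back (should be identical)."""
    echo_port = start_echo_server()
    proxy_port = start_socks5_proxy()
    with socks5_connect(proxy_port, "127.0.0.1", echo_port) as s:
        s.sendall(payload)
        return _recv_exact(s, len(payload))


if __name__ == "__main__":
    print("payload survived the SOCKS tunnel unchanged:", tunnel_roundtrip() == SAMPLE_TLS_RECORD)
```

Swapping the echo server for a real TLS server and the raw payload for `ssl.SSLContext.wrap_socket()` on the client side changes nothing in the proxy: the handshake and certificate check still happen end to end, between the client and the destination, while the SOCKS relay only sees ciphertext and a destination address.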

They again talk about software/hardware firewalls and actually bring up some valid points. However, Steve's comment, "I’m taking the gamble of being really careful that nothing evil gets in because my whole theory is, once that happens, it’s over anyway. I mean, it’s too late.", fails to recognize the need for layered security and assumes that there is such a thing as a perfectly safe computer system, or a behaviour that ensures perfect safety. This is very dangerous: how can he be sure, for example, that there is no remotely exploitable vulnerability in the firewalls of the systems he connects directly to the Internet? Remember that all the remote code execution vulnerabilities that became public in Windows XP were probably there for 6 years or so (since its launch); no one can guarantee that they were not independently discovered and exploited in the meantime. So, again, you can't have perfect security, and most people would probably prefer to at least know when they have been compromised.

