LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

network-ability Wayland should have: most of those are in xpra

network-ability Wayland should have: most of those are in xpra

Posted Oct 26, 2012 14:17 UTC (Fri) by njs (guest, #40338)
In reply to: network-ability Wayland should have: most of those are in xpra by amtota
Parent article: Wayland and Weston 0.99.0 snapshots released

> Please feel free to review the code once it is finished (it isn't), some already have already provided comments:

This is only useful if you can convince as many people to review your code as have reviewed SSH/TLS. Those protocols both contained bugs which survived dozens of man-years of review. You are not smarter than the entire cryptographic community. Have you read your Ferguson & Schneier (& Kohno)? What's your rekeying time? Do you know what that is and why it matters? Now that I've said that you can look it up and patch one obvious hole, but there will still be a dozen more.

> I think the authors of SPEKE would beg to differ...

WTF, do you not even understand the difference between a crypto primitive and a crypto protocol? SPEKE is a fine primitive (well, there are better ones, but that's actually besides the point). But it doesn't matter if you choose good primitives. If design your own protocol YOU WILL FUCK IT UP AND CHALLENGING PEOPLE TO REVIEW IT WILL NOT SAVE YOU.

Most snake oil vendors honestly believe that their code is great! And advertise them by boasting about using cool primitives (AES! SPEKE! XX-bits! never mind that they're used insecurely!). And then when someone point this out, the snake oil vendor always responds by challenging them to review the code and point out specific problems. Srsly you're exhibiting the classic symptoms. Stop and think about it. Spreading bad crypto is a sin.

> Please do consider the differences between the ssh/tls model and speke

Please read my fucking message. I said you should use TLS-SRP. That has the same model as the protocol you are ineptly trying to design. Yes, it requires you to deal with the gnutls api instead of playing around with fun maths, but on the other hand IT IS DESIGNED AND IMPLEMENTED BY PEOPLE WHO KNOW WHAT THEY ARE DOING AND IT WILL ACTUALLY FUCKING WORK.

(Just one example - SPEKE requires the server store passwords in plain text, which we've had *plenty* of evidence lately is a terrible idea. SRP avoids this problem.)

(Log in to post comments)

network-ability Wayland should have: most of those are in xpra

Posted Oct 27, 2012 1:45 UTC (Sat) by amtota (guest, #4012) [Link]

> Please read my fucking message
Sorry, after all the shouting and swearing, I stopped. Maybe some other time.

network-ability Wayland should have: most of those are in xpra

Posted Oct 27, 2012 10:11 UTC (Sat) by njs (guest, #40338) [Link]

Heh. I swear because I care... and because every time I've explained this before, you've just ignored the main points completely. So I was hoping that might get you to pay attention.

Obviously though if you are determined not to listen when people warn you that you are making a serious mistake, then that's ultimately your decision.

network-ability Wayland should have: most of those are in xpra

Posted Oct 28, 2012 17:31 UTC (Sun) by nix (subscriber, #2304) [Link]

Srsly, he's right. This way lies disaster, no matter how smart you are. Programming Satan's computer, and all that. It's ever so much better an idea to use someone else's code for this, and gnutls does work and does get review.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds