alt Hacker NewsI think scoffing at plaintext protocols is silly. Contemporary security architecture is a nightmare. It’s like scoffing at keyboards for sending key codes in the open to the HID controller because you’ve failed to secure your machine so badly you have adversaries in your HID controller.
If you have a well secured LAN where trust is social SSH gets you nothing. SMTP telnet http being plain were from days when users were able to actually reason about what was happening within their OS. If there’s anything that should be scoffed at its us now with our bloated opaque corporate controlled OSes.
Replies
> If you have a well secured LAN where trust is social SSH gets you nothing.
Unless you're doing automatic and mandatory SSH key rotation (which almost nobody ever does) then SSH is just "password on a sticker next to the monitor" with a long password.
Tangentially, I saw an ad the other day for software which purports to encrypt your keystrokes: https://www.keystrokelock.com/ I have no idea what that means.