On Sunday 12 February 2006 01:28, Christian Mueller wrote:
> >
> > There's this gem, too : "any time you SSH to another machine, that
> > machine's administrators could attack you".
> >
> > Thanks for the laugh, anyway.

>
> Why do you think this is funny?


Because this article claims to explain a fairly subtle problem that would
arise in circumstances where a much more obvious problem is already present.
It's like explaining you shouldn't fire up a Tesla coil in an explosive
atmosphere.

When you ssh to a machine which sysadmin is not trustworthy, then *anything*
on that machine is suspect. Including all the programs you will execute there
remotely, be it X clients or plain shell commands, and even the sshd you're
logging in through.

I agree the overall conclusion is still a good thing to know, but it's hardly
worth a whole article.

--
Guillaume.
http://www.telegraph-road.org

>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<