[linux-elitists] Pompous Top 10 List
Fri Jun 15 00:47:10 PDT 2001
> > > and the VPN is doing crypto as well as NAT, it might be slower, because
> > > you're getting double-encrypted.
> > >
> > That's true. I wonder if a crypted VPN could detect encrypted traffic
> > and just flag it to leave it alone. Or would this not be desirable?
> Two points:
> 1) Computers are so fast now that you'd hardly notice the difference
> except in really high-bandwidth applications.
I use tunneled X sometimes, and believe me - you notice! Recognize any
"Noone will ever use 640 k, much less a megabyte"
"There's a total world market for 5, maybe 10 computers"
Established technology tends to persist in the face of new technology.
-- G. Blaauw, one of the designers of System 360
There are two kinds of fool. One says, "This is old, and therefore good."
And one says, "This is new, and therefore better"
-- John Brunner, "The Shockwave Rider"
Just because *your* computers are fast - even if you own both ends - doesn't
mean all the hops in between are.
> 2) Just telling the outside world what you're running through your
> tunnel (by exposing the contents, encrypted or not) is a bad idea
> for the same reason that allowing your internal namespace to
> resolve from the outside is a bad idea: Even though it doesn't
> directly compromise a machine, it does leak potentially dangerous
Another matter is if there's some "flag me as okay to expose" -- then sure
as caffeine is addictive then some script kiddie will find a way to abuse it.
* Heather * The best way to keep a secret is for it not to be known that
there is a secret.
More information about the linux-elitists