Re: RealVNC Viewer and X11VNC Encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

  On 18-6-2010 19:58, John Kaufmann wrote:
> In a message dated 2010.06.18 04:16 -0500, Corne Beerse wrote:
>> For what its worth, I'd never trust application-based encryption. If 
>> I need encryption, I use a tunnel like VPN or SSH as they are build 
>> for that purpose. Then run the vnc-communication trough that tunnel.
> CBee, after years of reading your posts I respect your judgment, but 
> this is not clear to me: Why is application-based encryption inferior?
> John
That is my general idea: If I choose an application, I do it for the 
functionality. If I want security, I like to make a reasonable choice. 
In the past I have seen several implementations of a communication 
protocol that have added their own security. These appeared to be 
inferior after a while but I could not update or change as I still 
needed the tool itself.

With tunneling over an ssh connection or over a vpn tunnel, the security 
can be updated and altered without changing the communication tools.

On the other side, there are good examples of 'combined' security. And 
of course there is also the ease of use and ease of administration that 
comes to mind. In fact, ssh is the secure variant of rsh/telnet and 
such, effectively a combination. However, here I see it as reverse: the 
security is the base of ssh, the shell-connection is here the added 
protocol and it shows: the remote shell part of ssh works but there are 
better tools. And other protocols can use the same tunnel.

My 2 cents


VNC-List mailing list
To remove yourself from the list visit:

[Books]     [Home]     [Photo]     [Yosemite]     [Hot Springs]     [VNC Home]     [PDAs]     [Open Source Now]     [Epson Inkjet]

Add to Google Reader or Homepage Powered by Linux