On Mon, May 22, 2006 at 09:22:18PM +0100, Wayne Stallwood wrote:
On Mon, 2006-05-22 at 07:39 -0500, chrisisbd@leary.csoft.net wrote:
It strikes me as unlikely that anyone will 'sniff' my communication with my home server - why would they? There's no way that they could determine that the data I'm transferring is useful. It's not at all the same as if I was using a web browser to access an internet banking site where there is a very large chance of signifcant data being transferred.
It's kind of hard to guess the most likely attack vector, but sniffing the network is a common one. For example any machine on the (presumably shared) network you are accessing the data from could have been compromised and may be being used to sniff traffic. Without SSL you have to consider the security of both your own system and the system you are accessing the data from as well as the security of the (public in this case) network the data is transmitted across.
In fact the machines at both 'ends' are pretty secure, I'm not doing this from any old machine, it'll nearly always be either from home (where it's going to be hosted anyway) or from work which is behind a pretty strong firewall. Thus it's only the bit 'out in the internet' where the data is going to be visible if it's unencrypted.
For the moment I've gone for a rather simple solution using an ssh connection to my home system and using vi (well vile actually) to view the files with the confidential data in them. I use the vi 'crypt' facility to encrypt the files, not *very* strong encryption but fairly OK.
I've written a little wrapper script that allows me to pop this vi session up in a 'sidebar shaped' window adjacent to my browser so it's very convenient to use.
It's not perfect or very beautiful to look at but I think it'll serve my needs.