Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Privacy & speed vs security

Reply
Thread Tools

Privacy & speed vs security

 
 
Marco Maier
Guest
Posts: n/a
 
      07-26-2004
Hi! Sorry for my English.
I'm using a firewall that uses intrusion detection systems. I can filter
any packet (in or out ) that I want but, if the communication is encrypted
or compressed it is virtually impossible. A simple example:
I can't filter google pages based on content unless I disable http 1.1 because
the outgoing http 1.1 header accepts gzip.
Is it possible that privacy (encrypted communication) and speed (gzipped
content or compressed content) is against security? In the future
I think that many clients will use encrypted communication.
Is this a security risk?
 
Reply With Quote
 
 
 
 
Marco Maier
Guest
Posts: n/a
 
      07-26-2004

> I think you misunderstand: encryption should include an acceptance by *both*
> ends of the link that the other party is valid (e.g. SSL and certificates)


I have in mind p2p clients that support encryption.I can't filter what I want.
 
Reply With Quote
 
 
 
 
Hairy One Kenobi
Guest
Posts: n/a
 
      07-26-2004
"Marco Maier" <(E-Mail Removed)> wrote in message
news:QL3Nc.43211$(E-Mail Removed)...
> Hi! Sorry for my English.
> I'm using a firewall that uses intrusion detection systems. I can filter
> any packet (in or out ) that I want but, if the communication is

encrypted
> or compressed it is virtually impossible. A simple example:
> I can't filter google pages based on content unless I disable http 1.1

because
> the outgoing http 1.1 header accepts gzip.
> Is it possible that privacy (encrypted communication) and speed (gzipped
> content or compressed content) is against security? In the future
> I think that many clients will use encrypted communication.
> Is this a security risk?


I think you misunderstand: encryption should include an acceptance by *both*
ends of the link that the other party is valid (e.g. SSL and certificates)

Anything else is, well, pointless.

Don't worry too much about compression - IIRC (and stand to be corrected)
it's been there since at least HTTP 0.9 and is largely unsupported. I looked
at before I wrote NETcruncher..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
privacy/security violation at google NewB Computer Support 11 05-18-2005 10:06 PM
McAfee - Security Privacy Center - How get rid of this? Patty Amas Computer Support 5 11-05-2004 12:04 AM
Palindr?me <me8@privacy.net> Calling ,,,,,,,,,,,,,,,,,, Palindr?me <me8@privacy.net> Heeeelp. MjrTom Computer Support 3 05-01-2004 09:12 PM
speed speed speed a.metselaar Computer Support 14 12-30-2003 03:34 AM
Book Review - Wireless Security and Privacy Lord Shaolin Computer Security 0 10-10-2003 08:38 AM



Advertisments