Opportunistic Security: some protection most of the time

  • Two Factor Authentication is now available on BeyondUnreal Forums. To configure it, visit your Profile and look for the "Two Step Verification" option on the left side. We can send codes via email (may be slower) or you can set up any TOTP Authenticator app on your phone (Authy, Google Authenticator, etc) to deliver codes. It is highly recommended that you configure this to keep your account safe.

Wormbo

Administrator
Staff member
Jun 4, 2001
5,913
36
48
Germany
www.koehler-homepage.de
Opportunistic Security: some protection most of the time
This memo defines the term "opportunistic security". In contrast to
the established approach of delivering strong protection some of the
time, opportunistic security strives to deliver at least some
protection most of the time. The primary goal is therefore broad
interoperability, with security policy tailored to the capabilities
of peer systems.

About time. There has been too few encryption so far because they always wanted to get it right instead of at least providing some basic security first. That's the reason why there's still to much unencrypted internet traffic today.

Hopefully we will soon see a basic encryption layer in most places that can be improved by an authentication layer in a second step.
 

Hadmar

Queen Bitch of the Universe
Jan 29, 2001
5,557
42
48
Nerdpole
Opportunistic Security: some protection most of the time


About time. There has been too few encryption so far because they always wanted to get it right instead of at least providing some basic security first. That's the reason why there's still to much unencrypted internet traffic today.

Hopefully we will soon see a basic encryption layer in most places that can be improved by an authentication layer in a second step.
I'm pretty damn torn between "it's a step in the right direction" and "did organized crime* put that idea up to make us waste our resources instead of doing it right?"

But the reason we don't replace the ancient unencrypted protocols with new shiny encrypted protocols is not simply because we can't get it right. The problem is that replacing protocols of services that are widely deployed around the globe is not that easy. Breaking compatibility is nothing that many people like to do.

* Commonly called secret services. I have no idea why.