mirror of https://gogs.blitter.com/RLabs/xs
Update page 'FAQs'
parent
857554d014
commit
06c010a268
7
FAQs.md
7
FAQs.md
|
@ -26,14 +26,15 @@ That said, I think it can be objectively said that using Go *greatly diminishes
|
|||
|
||||
### But forks of `openssh` exist with PQ (Post-Quantum) KEx/KEM support.
|
||||
|
||||
Sure, but again this was a learning project, openssh only added PQ algos after I had this project up and running, and again openssh is written in C, within the greater complexity of the `openssh` codebase. I see Go as being more inherently secure, and the source code easier to maintain, which also aids in security when making future changes.
|
||||
Openssh only added PQ algos after I had this project up and running, almost 3 years afterwards. Again, I see Go as being more inherently secure, and the source code easier to maintain, which also aids in security when making future changes.
|
||||
|
||||
A diversity in solutions for network shell access is also good.. we've all relied exclusively on `openssh` for a long time, and a monoculture is dangerous. (Recall the 'heartbleed' fiasco and the scramble to fix and/or find other SSL/TLS libraries to avoid a security monoculture).
|
||||
A diversity in solutions for network shell access is good.. we've all relied exclusively on `openssh` for a long time, and a monoculture is dangerous. (Recall the 'heartbleed' fiasco and the scramble to fix and/or find other SSL/TLS libraries to avoid a security monoculture).
|
||||
|
||||
|
||||
### But openssh has keystroke timing obfuscation.
|
||||
|
||||
Yeah, I did that early on with this project, almost three years before openssh announced; it could probably be improved, but I can say with some confidence that xs did keystroke timing obfuscation *before it was cool*. :P See the discussion on 'chaffing' in general elsewhere in these docs.
|
||||
Yeah, I did that early on with this project, almost three years before openssh announced; it could certainly be improved, but I can say with some confidence that xs did keystroke timing obfuscation *before it was cool*. :P See the discussion on 'chaffing' in general elsewhere in these docs.
|
||||
|
||||
|
||||
### You should have written it in Rust!
|
||||
|
||||
|
|
Loading…
Reference in New Issue