The main question is why use Telnet when ssh is available. Some people mentioned routers, maybe that is why. But I would think in this day and age routers would now use ssh.
I do remember reading a long time ago telnet does/can support encryption. But when I looked at the systems I have access to, the manuals have no mention of that.
Probably because ssh ciphers change, telnet doesn’t, and you’re not really supposed to be internet exposing those interfaces anyway.
SSH without proper key management offers marginal benefits compared to telnet.
However bad your key management is, unless you're on an older ssh that will let you choose to use the "None" cipher, you're still better off than telnet!
[dead]
Why use ssh when wireguard is available?
So I don't need root permission or kernel networking stuff setup.
(I do run Wireguard, it just feels like sometimes a VPN is a sledgehammer to solve a port forwarding problem)
I think scoffing at plaintext protocols is silly. Contemporary security architecture is a nightmare. It’s like scoffing at keyboards for sending key codes in the open to the HID controller because you’ve failed to secure your machine so badly you have adversaries in your HID controller.
If you have a well secured LAN where trust is social SSH gets
you nothing. SMTP telnet http being plain were from days when users were able to actually reason about what was happening within their OS. If there’s anything that should be scoffed at its us now with our bloated opaque corporate controlled OSes.
Tangentially, I saw an ad the other day for software which purports to encrypt your keystrokes: https://www.keystrokelock.com/ I have no idea what that means.
Me neither.
I looked into their Support documentation and it explains how to run the app, not how it works.
I read a 2-slide "Whitepaper" and it describes the many advantages and sort of tells you how it starts in "Ring 0" and the TPM and uses public-key cryptography, but not how it works.
They have trademarked KTLS™, but Kernel TLS is also an extension of actual TLS into the Linux kernel, so good luck differentiating that. Isn't it fun how you can trademark your trade secrets, but if you attempt to patent them, that means public disclosure.
If I had to hypothesize about it, I'd say that there is a Ring 0 hardware driver that takes the USB data, encrypts it, and the encrypted data is tunneled to each application, where it is somehow decrypted transparently without modifying any of the user's applications.
I would research this more in-depth but gnomes have already stolen my underpants. UUU~~U~~~U+++ATH0+++ NO CARRIER
"Award-winning journalist on Fox News" and the padlock with an American flag really sells it for me.
Maybe I should get in on this grift. Curl American Patriot Gold Marine Corps Never Forget 9/11 Edition for only $200. Loads _any_ URL.
Well, that certainly explains why no one in the US telnet BBS community seemed to be discussing having connectivity problems.
Glad this one didn’t open with a song parody.
Do you have to restart your computer to exit telnet?:)
Related: PTT BBS is a popular Telnet-based forum in Taiwan, still actively used these days.
https://en.wikipedia.org/wiki/PTT_Bulletin_Board_System
Related:
The Day the Telnet Died
https://news.ycombinator.com/item?id=46967772
The main question is why use Telnet when ssh is available. Some people mentioned routers, maybe that is why. But I would think in this day and age routers would now use ssh.
I do remember reading a long time ago telnet does/can support encryption. But when I looked at the systems I have access to, the manuals have no mention of that.
Probably because ssh ciphers change, telnet doesn’t, and you’re not really supposed to be internet exposing those interfaces anyway.
SSH without proper key management offers marginal benefits compared to telnet.
However bad your key management is, unless you're on an older ssh that will let you choose to use the "None" cipher, you're still better off than telnet!
[dead]
Why use ssh when wireguard is available?
So I don't need root permission or kernel networking stuff setup.
(I do run Wireguard, it just feels like sometimes a VPN is a sledgehammer to solve a port forwarding problem)
I think scoffing at plaintext protocols is silly. Contemporary security architecture is a nightmare. It’s like scoffing at keyboards for sending key codes in the open to the HID controller because you’ve failed to secure your machine so badly you have adversaries in your HID controller.
If you have a well secured LAN where trust is social SSH gets you nothing. SMTP telnet http being plain were from days when users were able to actually reason about what was happening within their OS. If there’s anything that should be scoffed at its us now with our bloated opaque corporate controlled OSes.
Tangentially, I saw an ad the other day for software which purports to encrypt your keystrokes: https://www.keystrokelock.com/ I have no idea what that means.
Me neither.
I looked into their Support documentation and it explains how to run the app, not how it works.
I read a 2-slide "Whitepaper" and it describes the many advantages and sort of tells you how it starts in "Ring 0" and the TPM and uses public-key cryptography, but not how it works.
They have trademarked KTLS™, but Kernel TLS is also an extension of actual TLS into the Linux kernel, so good luck differentiating that. Isn't it fun how you can trademark your trade secrets, but if you attempt to patent them, that means public disclosure.
If I had to hypothesize about it, I'd say that there is a Ring 0 hardware driver that takes the USB data, encrypts it, and the encrypted data is tunneled to each application, where it is somehow decrypted transparently without modifying any of the user's applications.
I would research this more in-depth but gnomes have already stolen my underpants. UUU~~U~~~U+++ATH0+++ NO CARRIER
"Award-winning journalist on Fox News" and the padlock with an American flag really sells it for me.
Maybe I should get in on this grift. Curl American Patriot Gold Marine Corps Never Forget 9/11 Edition for only $200. Loads _any_ URL.