MT Server-Client Communication encrypted ?

LMD
Member
Posts: 1386
Joined: Sat Apr 08, 2017 08:16
GitHub: appgurueu
IRC: appguru[eu]
In-game: LMD
Location: Germany

MT Server-Client Communication encrypted ?

by LMD » Post

Title says it all.
My stuff: Projects - Mods - Website

Krock
Developer
Posts: 4649
Joined: Thu Oct 03, 2013 07:48
GitHub: SmallJoker
Location: Switzerland

Re: MT Server-Client Communication encrypted ?

by Krock » Post

Why? Do you plan to share your credit card details on a server?
Look, I programmed a bug for you. >> Mod Search Engine << - Mods by Krock - DuckDuckGo mod search bang: !mtmod <keyword here>


Re: MT Server-Client Communication encrypted ?

by LMD » Post

Google it if you want to know why. I am sure there are plenty of reasons.

Linuxdirk
Member
Posts: 3217
Joined: Wed Sep 17, 2014 11:21
In-game: Linuxdirk
Location: Germany

Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

Krock wrote: Why?
CSM security.

Reedych
Member
Posts: 58
Joined: Wed Aug 03, 2016 08:09
GitHub: SlackCoyote
In-game: SlackCoyote

Re: MT Server-Client Communication encrypted ?

by Reedych » Post

Krock wrote: Why? Do you plan to share your credit card details on a server?
Probably one wants to send government's super secret documents through minetest. Or he is probably a terrorist.
Slackware64 14.2, MT 0.4.16. My best mod.


Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

Reedych wrote: Probably one wants to send government's super secret documents through minetest. Or he is probably a terrorist.
Or simply because one does not want arbitrary code to be injected and then executed within the Lua environment of Minetest mods?

Or just because it is 2018 and no one in their right mind wants unencrypted connections to servers of any kind?


Re: MT Server-Client Communication encrypted ?

by LMD » Post

I am pretty sure I'm not a terrorist...
Boom !
BTW, such a connection would probably allow third parties to (a) just insert junk/malicious stuff into the connection or (b) identify clients + monitor their activity

Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

LMD wrote: BTW, such a connection would probably allow third parties to (a) just insert junk/malicious stuff into the connection or (b) identify clients + monitor their activity
Both are true when not encrypting the traffic.


Re: MT Server-Client Communication encrypted ?

by Reedych » Post

LMD wrote: I am pretty sure I'm not a terrorist...
Boom !
BTW, such a connection would probably allow third parties to (a) just insert junk/malicious stuff into the connection or (b) identify clients + monitor their activity
I can also suggest certificates.

Vapalus
Member
Posts: 112
Joined: Wed Nov 15, 2017 17:16

Re: MT Server-Client Communication encrypted ?

by Vapalus » Post

Without google:
1) Not encrypting the connection would make the server vulnerable to Denial Of Service attacks. If anybody asks "why", the short answer is "IP spoofing" and the long answer is very long. Yes, IP spoofing is still possible on the internet.
2) Encryption also makes it less feasible to disconnect other players by sending wrong packets in their name. That means encryption stabilizes the connection between client and server.

Last but not least, what's happening between you and any server is nobody's business. Period.
A man much wiser than me once said: "go away, you are bothering me"
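
As an added illustration (not part of the original post and not Minetest's actual protocol): the sketch below shows how a per-session key lets a UDP server drop datagrams that were forged or replayed in another player's name. The packet layout, peer id and payload strings are constructed assumptions, and the sketch authenticates datagrams with an HMAC rather than encrypting them.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!IQ")   # assumed layout: peer id (4 bytes) + sequence number (8 bytes)
TAG_LEN = 16                    # truncated HMAC-SHA256 tag appended to each datagram

def seal(key: bytes, peer_id: int, seq: int, payload: bytes) -> bytes:
    """Sender side: header + payload + MAC over both."""
    body = HEADER.pack(peer_id, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Receiver:
    """Server side: accepts a datagram only if its tag verifies and its sequence is new."""
    def __init__(self, session_keys):
        self.session_keys = session_keys   # peer id -> key agreed at login
        self.last_seq = {}                 # peer id -> highest sequence accepted

    def accept(self, datagram: bytes):
        if len(datagram) < HEADER.size + TAG_LEN:
            return None, "too short"
        peer_id, seq = HEADER.unpack_from(datagram)
        key = self.session_keys.get(peer_id)
        if key is None:
            return None, "unknown peer"
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None, "bad tag"         # sender does not hold the session key
        # Strictly increasing sequence; a real UDP protocol would use a sliding
        # window so that reordered packets are not dropped.
        if seq <= self.last_seq.get(peer_id, -1):
            return None, "replay"
        self.last_seq[peer_id] = seq
        return body[HEADER.size:], "ok"

def demo():
    key = bytes(range(32))                               # constructed session key
    rx = Receiver({7: key})
    genuine = seal(key, 7, 1, b"move 10 4 -3")           # constructed payload
    forged = seal(b"\x00" * 32, 7, 2, b"disconnect")     # spoofed source, wrong key
    tampered = genuine[:-TAG_LEN - 1] + b"9" + genuine[-TAG_LEN:]
    return [rx.accept(d)[1] for d in (forged, genuine, genuine, tampered)]

if __name__ == "__main__":
    print(demo())
```

Each datagram grows by the 16-byte tag on top of the sequence number, which is the per-packet cost this kind of check adds.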


Re: MT Server-Client Communication encrypted ?

by Reedych » Post

Vapalus wrote: Without google:
1) Not encrypting the connection would make the server vulnerable to Denial Of Service attacks. If anybody asks "why", the short answer is "IP spoofing" and the long answer is very long. Yes, IP spoofing is still possible on the internet.
2) Encryption also makes it less feasible to disconnect other players by sending wrong packets in their name. That means encryption stabilizes the connection between client and server.

Last but not least, what's happening between you and any server is nobody's business. Period.
Good arguments!

Astrobe
Member
Posts: 570
Joined: Sun Apr 01, 2018 10:46

Re: MT Server-Client Communication encrypted ?

by Astrobe » Post

Reedych wrote:
Vapalus wrote: Without google:
1) Not encrypting the connection would make the server vulnerable to Denial Of Service attacks. If anybody asks "why", the short answer is "IP spoofing" and the long answer is very long. Yes, IP spoofing is still possible on the internet.
2) Encryption also makes it less feasible to disconnect other players by sending wrong packets in their name. That means encryption stabilizes the connection between client and server.

Last but not least, what's happening between you and any server is nobody's business. Period.
Good arguments!
Not really. Saying "what's happening between you and any server is nobody's business" so we should encrypt is like saying that all buildings in Europe should resist magnitude 8 earthquakes. That's not really helpful.

Let me tell a little tale: for years, the package manager of the Emacs text editor was fetching the source of some packages from a wiki that was publicly editable. Anyone could have modified those packages without even having to sign in on the wiki. For those who don't know it, Emacs is a feature-rich and relatively popular editor. By modifying a package, one could have easily wiped whole hard disks, or sent their contents to a server, or encrypted those files and asked for a ransom. But it never happened, as far as I know. It's only because of the recent misfortunes of package managers for really popular software that Emacs users became worried about this issue.


Re: MT Server-Client Communication encrypted ?

by LMD » Post

Security is more relevant today than it was years ago! BTW, you wouldn't know if some hackers made some bad stuff, for example, copying all data...
SECURITY BY OBSCURITY IS NEVER A GOOD IDEA! AND ENCRYPTION REALLY ISN'T HARD!

Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

Astrobe wrote: Saying "what's happening between you and any server is nobody's business" so we should encrypt is like saying that all buildings in Europe should resist magnitude 8 earthquakes. That's not really helpful.
Bad analogy. A better one is: “… is like saying ‘I’m not locking my door because there weren’t any burglars in my neighborhood so far’.”


Re: MT Server-Client Communication encrypted ?

by Astrobe » Post

The example I gave isn't for years ago; the popular Emacs package repo began to take action a few months ago.

"You never know" is the typical FUD one finds when security is discussed online. Aside from script kiddies and other annoyances, real bad guys are looking for profits for their efforts in creating, dissimulating and spreading their malware.

There's very little to be gained from eavesdropping on a Minetest connection. Even tampering with it is probably not worth it. There's certainly more to gain from setting up honeypot servers that would exploit some vulnerabilities of the clients to perform remote code execution.

Encryption isn't hard... For those who don't have to implement it. As a starting point, do you have suggestions about which multi-platform encryption library one could use?

But it's less about difficulty than about computer resources. Some people run Minetest on small devices, and encryption isn't free. Beyond CPU cycles, it's also more bytes exchanged on the wires and longer connection times because of key exchange.


Re: MT Server-Client Communication encrypted ?

by Astrobe » Post

Linuxdirk wrote:
Astrobe wrote: Saying "what's happening between you and any server is nobody's business" so we should encrypt is like saying that all buildings in Europe should resist magnitude 8 earthquakes. That's not really helpful.
Bad analogy. A better one is: “… is like saying ‘I’m not locking my door because there weren’t any burglars in my neighborhood so far’.”
This analogy is pretty common but is actually terrible, because it doesn't balance risks and costs. Not locking your door is a risk you take, but you gain next to nothing from it.


Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

Astrobe wrote: This analogy is pretty common but is actually terrible, because it doesn't balance risks and costs. Not locking your door is a risk you take, but you gain next to nothing from it.
You mean nothing except random people who can walk in and steal my stuff and don’t even need to break anything for that?


Re: MT Server-Client Communication encrypted ?

by Astrobe » Post

No. I was talking about the gain associated with the risk taken, you are talking about the loss associated with the risk taken. Of course your analogy is designed in such a way that the hope of gain is 0 at best. It is terrible because it is often used in situations where this is not the case (see my previous post about what we gain from not encrypting our traffic and add to it the fact that when a dev works on it, they don't work on gameplay-related features). It is used to play on the aversion people naturally have against risk and uncertainty.


Re: MT Server-Client Communication encrypted ?

by LMD » Post

I am convinced our fellow devs would manage to switch to some network traffic encryption library in less than a week.
It's nothing new, therefore there are multiple good choices, such as SSL : http://info.ssl.com/article.aspx?id=10241

Re: MT Server-Client Communication encrypted ?

by Vapalus » Post

Astrobe wrote: Not really. Saying "what's happening between you and any server is nobody's business" so we should encrypt is like saying that all buildings in Europe should resist magnitude 8 earthquakes. That's not really helpful.
And the rest of the arguments?
You disapprove of something I didn't even use as an actual argument but as a booster, and try to counter the real arguments by talking about something off topic in a way that has not much to do with encryption.
So, what does an open-source concept of some editor have to do with the network security of a server? It sounds very far-fetched up to now.

And, to counter the only thing those two have in common:
Even if most people are nice people, I wouldn't give some stranger my car keys.
Even if I'm sure this piece of road is straight, I wouldn't drive blindfolded.
Even if nobody is driving that highway right now, I wouldn't let my children play on it.

Most people are actually nice people, who want to help, that is true. But if there is nothing to prevent people from breaking into systems, all those nice people will be terrorized by one stupid guy. That's definitely not worth the risk, because it gives power to those who don't deserve it.

Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

C'mon guys ... are we really discussing whether encryption is good or bad?

It is ALWAYS good. A connection that is not encrypted lacks an important security feature. No matter if the encryption is used to transfer positional data for an online game or checking the bank account.

Minecraft does not use encryption. The fact that it does not use it makes it less secure. There is nothing to discuss, that is a fact. The issue can only be solved by encrypting the connection.

rubenwardy
Moderator
Posts: 6972
Joined: Tue Jun 12, 2012 18:11
GitHub: rubenwardy
IRC: rubenwardy
In-game: rubenwardy
Location: Bristol, United Kingdom

Re: MT Server-Client Communication encrypted ?

by rubenwardy » Post

The communication should be encrypted as it avoids MITM attacks, but in real terms it's not going to be that big of an issue as Minetest isn't that common and becoming a MITM is hard without being on the same network. TL;DR: I'm in favour but it's not as bad an issue as you say it is.
Linuxdirk wrote: It is ALWAYS good.
There is actually an exception to this - aptitude repositories are served over HTTP because it allows the creation of local mirrors, and is no less secure because packages are signed. Using HTTPS wouldn't be any more private as you could find out the package using the size.
Renewed Tab (my browser add-on) | Donate | Mods | Minetest Modding Book


Re: MT Server-Client Communication encrypted ?

by Astrobe » Post

LMD wrote: I am convinced our fellow devs would manage to switch to some network traffic encryption library in less than a week.
It's nothing new, therefore there are multiple good choices, such as SSL : http://info.ssl.com/article.aspx?id=10241
This is a protocol, not a library. OpenSSL is a library. Furthermore, SSL is over TCP while Minetest, as far as I know, uses UDP.


Re: MT Server-Client Communication encrypted ?

by Linuxdirk » Post

rubenwardy wrote: aptitude repositories are served over HTTP because it allows the creation of local mirrors,
Arch Linux allows creating local repositories, too. And it also supports HTTPS repositories. Your argument is invalid.


Re: MT Server-Client Communication encrypted ?

by Astrobe » Post

Vapalus wrote:
Astrobe wrote: And, to counter the only thing those two have in common:
Even if most people are nice people, I wouldn't give some stranger my car keys.
Even if I'm sure this piece of road is straight, I wouldn't drive blindfolded.
Even if nobody is driving that highway right now, I wouldn't let my children play on it.
Of course nobody would take risks for nothing. If you refuse to go beyond this argument level, there's no point in talking. Please someone at least attack my argument on the overhead encryption introduces.
