|
|
Please do consider using an alternative
I must confess that the Himachi looks quite nice from the outside, but (and this is one big ugly "but") it has one grave flaw: nobody can verify that the software actually does what the developers claim it does. The technology described on the Hamachi web site seems sound, and--if implemented properly--will keep your communication secure from third party eavesdroppers, but you have to trust the developers that they will not listen in on your connection. They probably do not, but nobody can tell for sure. (for a discussion on this see also [1]) Bruce Schneier mentions this problem in the first paragraph of his essay "Snakeoil" [2]: The problem with bad security is that it looks just like good security. You can't tell the difference by looking at the finished product. Both make the same security claims; both have the same functionality. Both might even use the same algorithms: triple-DES, 1024-bit RSA, etc. Both might use the same protocols, implement the same standards, and have been endorsed by the same industry groups. Yet one is secure and the other is insecure. Many cryptographers have likened this situation to the pharmaceutical industry before regulation. The parallels are many: vendors can make any claims they want, consumers don't have the expertise to judge the accuracy of those claims, and there's no real liability on the part of the vendors (read the license you agree to when you buy a software security product). This is not to say that there are no good cryptography products on the market. There are. There are vendors that try to create good products and to be honest in their advertising. And there are vendors that believe they have good products when they don't, but they're just not skilled enough to tell the difference. And there are vendors that are just out to make a quick buck, and honestly don't care if their product is good or not. Again: the problem is not that Himachi is bad software, the problem is that you have to trust the developers implicitly. I would not recommend Himachi to my clients. Instead I would recommend OpenVPN [3]. It might not be as easy to set up as Himachi, but it is fairly simple, has an extensive HOWTO, and most of all: it is open source.
Seems pretty secure to me...
The mediation server is in place only to link the connections, that's it. Other than that, an encrypted network exists between the two, or however many points on the network.
Seems pretty secure to me...
Seems pretty secure to me...You have completely missed the point I was trying to make.
Seems pretty secure to me...
Steve Gibson of GRC research is a big fan. I don't know if you've ever used his Shields Up web site to test your firewalls and security, but he did an entire podcast (called Security Now) with Leo Laporte on how great Hamachi is. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|