[Cryptography] recommending ChaCha20 instead of RC4 (RC4 again)

[Bear]

On Fri, 2014-03-14 at 10:10 -0400, Theodore Ts'o wrote:

> For certain high security applications, you might also want a third
> choice, which is a local management interface which is guaranteed to
> always be able to reset the firmware to the uploaded state (which
> means that the firmware loader must not be modifiable).


+1.  If something has a local management interface (ie, there's 
an rs232 port on the side of it that says "Management interface"
and is visible (visibly unconnected except when actively updating
the system) behind a keyed panel, but no remote interface (ie, 
someplace out on the net, if somebody has the right keys, they 
can make changes to the device invisibly and without me knowing 
about it), I feel that I can keep something secure -- or at least 
that if I fail to it's my fault. That makes it all about physical
security and my ability to keep unauthorized people away from 
my physical devices and to know exactly which people have had 
access to them.  Which, bluntly speaking, is a smaller attack 
surface than networked software security at this time.  

Bonus if the local management interface still requires you to have
the right key, and you can reset the key.  That gives me some 
degree of software security as well as physical security.  

Remote management interfaces look to me like a security flaw 
that can be easily exploited from a central location and without 
the knowledge of the people whose security is being compromised. 

Bear