Yeah, you're right. I got myself spun off on a tangent and lost the point. Your original point was that SSH wasn't sufficient to protect the data in transit - my point is that it is, but I articulated that very poorly. As a result, while mocking your incorrect use of "MD5 Checksum" (sorry, I don't accept that a majority use of an inaccurate term means that it's somehow accurate) I did something very similar.

To reiterate - you're right. Encryption by itself does not protect the data from modification. Actually, nothing short of physical control protects the data from modification - that's also a bad turn of phrase. But with encryption alone you can only tell that the data's been modified by the fact that an application using it no longer recognizes the data format, since you now have essentially random data. This is almost always noticeable, but it's not adequate for data protection, and I shouldn't have implied that it was.

However, the thing that got me started in the first place is the fact that SSH2 also provides a MAC over each data packet, and if the MAC doesn't match, requests that the packet be re-sent. Thus, it provides both data confidentiality via encryption, and data integrity via MAC. When I said that you're guaranteed that the garbage out is the same as the garbage that went in, I was referring to the integrity provided by SSH as a whole, not encryption per se. Then instead of clarifying that, I wandered off and started babbling nonsense.

SSH also claims to provide non-repudiation, since the original handshake involves private/public key pairs, but the whole question of non-repudiation is better left to the lawyers. I believe that SSH2 provides either a SHA1 or MD5 hash over the data packet, which only makes it suitable for non-classified work (I'm assuming the poster's data is unclassified, or his customer would have insisted on encryption already).

[[shrug]] You said checksum - perhaps I made an error in assuming that you meant what you said. I've been building client/server apps that use crypto for 8 years, and I've never once referred to an MD5 hash as a checksum, though I recognize that some might. Of course, MD5 also falls into that category of "useless for assuring data integrity", so that's a moot point.

Sorry, I'm not going to do your homework for you. Yes, if data is encrypted, and that data is munged, the encryption breaks, and the decryption fails. That is the nature of encryption. Whether you notice that the decryption fails is another issue, but when decryption fails, it tends to fail spectacularly, and the data that results is truly garbage and recognizable as such, since your application no longer knows what to do with it. I'm curious as to which of the algorithms used by SSH would not result in this behaviour. AES? 3DES? Blowfish? If so, then the Internet is horribly broken, and you should never bank online again.

Poster isn't concerned about whether the data has errors. That's a problem for the data creators. He's worried about it getting screwed up in transmission, either accidentally or maliciously, and encryption absolutely solves that issue. Yes, garbage in returns garbage out, but you're guaranteed (within collision space boundaries) that the garbage that comes out is exactly the same as the garbage that went in. And that's the point here.

Starting a comment off by explaining that you're not familiar enough with the subject matter to intelligently comment is a very handy flag, and I appreciate your warning the rest of us that what you were saying was going to be wrong ;)

BTW, checksum hasn't been considered a trustworthy means of ensuring data integrity for more than a decade. I invite you to have a discussion with Google regarding checksum collisions.

>>"What I explicitly meant to say is that the Bible is a difficult book to understand and requires a scholarly approach to parse appropriately."

Respectfully, I disagree. I've read it, cover to cover, several times, and it's very straightforward. To me, it seems that those who tell me that it's more complex are simply trying to build a reason for it to be something more than it is.

Still, we're speaking around the original question. The bible was presented, by those who started the various churches, as being the true, unadulterated word of god. That includes Genesis, Leviticus, and Deuteronomy. I've been told by new Christians that this is not so, that the stories told in those books are merely parables, fables, fictions told to represent a greater truth. It can't be both ways - and why is your opinion more correct than the men who created the tome? You both can't be right, and you're re-interpreting the work long after it was originally put together.

>>"Homosexuality is the same as any other sexual sin in the bible, like adultery."

I'm not supposed to hate those who sin? By the way, here's the King James version of an appropriate passage - "If a man also lie with mankind, as he lieth with a woman, both of them have committed an abomination: they shall surely be put to death. Their blood shall be upon them." That doesn't sound like hate to you?

>>"The bible does not advocate killing people of other religions."

"Suffer ye not..." Also, read Deuteronomy 13. True, this is more focused towards killing anyone (and their families, and the people around them) who tried to seduce you away from that god, but the point is still pretty clear.

Your last two paragraphs actually speak clearly to my point - the bible, as it exists today, is almost impossible to be taken literally, or as a godly truth. The problem is that many still do, and are willing to enact violence on those who do not. And you haven't spoken to my underlying point: If parts of the bible are not true, which are and which are not? And more to the point, why do you put any credence in this tome at all if you're convinced that it is at least partially inaccurate?

>>"Beating your wife is not recommended either." Okay, I'll give you that one. Sometimes, it's tough to remember which of the many violences that occurred in the name of god came directly from this bible, or were merely inspired by it.

>>"The Canaanites slaughtered their own children for sexual gratification during ceremonies designed to inspire ecstatic communion with their deity. Pederasty was a practice of their religion as well. They held human sacrifice of innocents as a sacred part of their worship orgies. They practiced a policy of genocide against other tribes weaker than themselves and practiced cultural subversion against those stronger to bring them down. Violence, debauchery, and lasciviousness were the norm for their culture and those that practiced them abundantly were rewarded."

Could you please provide history evidence for these statements?

I'm sorry, but your answer is simply too... simplistic. These stories have been presented as _fact_ for thousands of years. Long before they were bound together in a book, they were told to children and adults alike - yes, as a moral lesson, but as if they really, truly happened. That's the ongoing battle today; many, many, many people are being taught that those stories are the true, unadulterated word of a god. Suddenly, the new Christians are realizing that there's actually no way to pack 2 (or 7) of every type of creature into a boat? I'm sorry (truly), but I'm not buying it. The genocide of the Caananites isn't a parable, or an example of how you should act. The torture of Job is a very bad life lesson (remain loyal to your god even if he tortures you on a bet? That's messed up.) Most of the stories in the old testament were about showing what happens when you disobey god, or examples of those who obeyed god even under extreme circumstances. For that to have relevance, you have to know who that god is, and that is defined in the same tome. Which parts are true, and which are parables? Which parts should show us the right path for modern times, and which are examples of the horrors that were considered normal in that age (killing your child for disobeying?).

No, this viewpoint doesn't work for me. If the book is a work of truth, and I should be living my life by its words, I'm going to have to do things and think things that are repugnant to me as a human being. I don't hate the gays, I don't think people who belong to other religions should be killed, I don't want to beat my wife, regardless of the size of the rod. It seems to me that you're picking the truths that fit your view of modern humanity, when it seems to me that the laws created by a god who is omnipotent and omniscient should not change with the whims of human culture. I do not believe that you get to have it both ways.

"Do unto others as you would have them do unto you" and "Judge not, lest ye be not judged" are the only two things I've ever found in that book that seem relevant to reality; I already believed those before I opened the pages.

And there are others who are willing to kill you for believing that it's not meant to be taken literally.

Personally, I have to wonder what value you see in the bible as a religious document if you don't believe that what it says is the truth. That statement truly is not meant as a flame or an attack - as a lifelong student of religion, I simply do not understand the new line that's being take by those who seek to create this new, happier Christianity. The idea seems to be to believe in the idea of the god defined in the bible, while not believing stories that define that god's dogma and motivations, and which seek to explain its actions.

What truth do you glean from a document that is not the truth? And why believe in the (apparently arbitrary) values that you've decided that the bible REALLY means, rather than those that are explicitly stated?

Again - not a flame, though I expect many will take it as such. I simply do not understand the mindset.

That's not really a backup strategy, unless you have many, many hard drives. It's not just a matter of backing up today's data, but also of being able to access yesterday's data if something got accidentally deleted today. You also need to be able to access last week's data, in case something got trashed the day before yesterday and no one noticed until today. Swapping in new hard drives every day just isn't going to cut it.

Tape drives are cheap - tape cassettes are cheaper yet. Software to automate your backup scheme is a little more expensive, but it's a one-time expense that you can use for a very long time. Over time, a tape backup system is a lot cheaper than swapping in new drives every so often, and as a bonus, it's also more reliable.