2
from slides import Slide, Bullet, SubBullet, URL
3
from twslides import Lecture
6
"Twisted.Conch: SSH in Python",
9
Slide("Other implementations (servers)",
11
SubBullet(URL("http://www.openssh.org")),
14
SubBullet(URL("http://www.f-secure.com/products/ssh/")),
17
SubBullet(URL("http://www.lysator.liu.se/~nisse/lsh/")),
20
Slide("Other implementations (clients)",
22
SubBullet(URL("http://www.chiark.greenend.org.uk/~sgtatham/putty/")),
25
SubBullet(URL("http://www.ayera.com/teraterm/")),
28
SubBullet(URL("http://www.appgate.com/mindterm/")),
32
Bullet("Asynchronous"),
36
Slide("No Forking or Threads",
37
Bullet("Forking is expensive"),
38
Bullet("Threads are complicated/expensive, esp. in Python"),
39
Bullet("Asynch means no worrying about any of that"),
40
Bullet("Makes running a session 2x as fast in Conch as in OpenSSH"),
42
Slide("Security - No Pointers",
43
SubBullet("No buffer overflows"),
44
SubBullet("No off-by-1 errors"),
45
SubBullet("No malloc/free bugs"),
46
SubBullet("No arbitrary code execution"),
48
Slide("Security - High Level",
49
Bullet("Strong built-in library"),
52
Slide("Security - Not Root",
53
Bullet("Limits vulnerablity in a compromise"),
54
Bullet("Allows use of process limits/etc."),
56
Slide("Interfacing with other software",
57
Bullet("OpenSSH interacts only through separate processes",
58
SubBullet("Expensive"),
59
SubBullet("Complicated"),
61
Bullet("Conch can interact in-process",
63
SubBullet("Easy integration to other Twisted and Python libraries"),
67
Bullet("C is faster than Python"),
68
Bullet("Interpreter cost is high for the client"),
69
Bullet("FSH-style connection caching helps a bit"),
70
Bullet("Psyco helps as well"),
73
Bullet("Conch is new",
74
SubBullet("First commit was July 15, 2002"),
76
Bullet("Hasn't had a security aduit"),
77
Bullet("Shouldn't be used in security-critical systems"),
79
Slide("Applications with Conch",
80
Bullet("Reality: MUD framework"),
81
Bullet("Insults: async. replacement for curses in Conch apps"),
83
Slide("Future Directions",
84
Bullet("Generic authentication forwarding"),
85
Bullet("Work on applications"),
86
Bullet("Auditing of the code"),
87
Bullet("Increase speed"),
93
Bullet("Working implementation in Python"),
94
Bullet("Much room for improvement"),
98
lecture.renderHTML(".", "conch-%d.html", css="main.css")