encrypted file transfer protocols compared

I like putting up some explanatory “this versus that” documents on stuff I know a little about. I’ve done things like curl vs wget, ftp vs http and http vs bittorrent in the past.

This time, I decided it was about time to do a technical comparison of the four major encrypted file transfer protocols SCP, SFTP, FTPS and HTTPS and explain how they differ in as many aspects and viewpoints as possible. I quite often get questions about how some of these compare against some of the others and why you’d use one instead of another etc. I hope this document will help people to find such answers themselves.

Of course I do mistakes and sometimes express myself in muddy ways, so your feedback and help is important. You can help me make this comparison become better!

http://daniel.haxx.se/docs/encrypted-transfer-protocols-compared.html

It’s still rough and all, but what question and comparisons between them do you miss? What mistakes have I done? What parts aren’t spelled out clear enough?

Rockbox Devcon 2009 Summary

Rockbox Team Devcon in Ghent Belgium 2009

The Rockbox team that gathered in Ghent for this weekend of talk, hacking and socializing (drinking beer) is caught on this group picture. Click the image for a slightly larger version. Photo by Petur.

The people on the photo

The top line from the left: amiconn, markun, bertrik, gevaerts, GodEater, AlexP, Zagor, domonoky, Bagder (me!)

The lower line from the left: kugel, pixelma, scorche, petur

We did have a 2-hour discussion session on the saturday, and I expect to post an mp3 of it later on. The short and compressed outcome in plain text is found here. Petur was a great host. The facilities were nice, the hotel was great, the food arrangements worked out perfectly. A swell weekend!

As our tradition demands, we did bring out all our targets (portable music devices that can run Rockbox or at least have some code in the Rockbox repo) to be used as building bricks to create a Tower of Rockbox.

This first picture shows that we have a pretty wide selection of players in this room:

Rockbox Tower 2009 Device Overview

With all those “bricks” put in an imaginative order on top of each other, the result could look something like this:

Rockbox Rower 2009

you may enjoy comparing this building with last year’s creation.

More pictures from this year can be found in Petur’s collection and gevaerts’ collection.

libssh2 vs libssh

There are only two open source libraries for SSH that I am aware of. At least that are at the fundamental layer, written in C.

I researched the SSH library market years ago when I stuck with libssh2 as the one I thought was most promising, and since then I and others have taken it much further. The lib that I didn’t go with at that time, confusingly enough named libssh, recently came out with a new release.

Since there is now clearly two active open source SSH libraries it feels like we should help our users and potential newcomers by explaining how our projects and libraries differ. As a little teaser: one of the libraries turned out more than twice as fast as the other in my test…

While I admit to not having actually used libssh for real, I’ve read the docs and I’ve tried it a little bit. My take at a comparison is now online at:

http://www.libssh2.org/libssh2-vs-libssh.html

I will highly appreciate your feedback and additional things that differ between the two! The list isn’t really much to boast about as it currently looks!

HTTPbis at IETF75

Mark, one of the editors of the ongoing HTTPbis efforts, first mentioned that there wasn’t going to be any HTTPbis meeting on the upcoming IETF75 meeting in Stockholm July 26-31, 2009. I felt a bit sorry for that since I live in Stockholm, I’m a bit involved in the HTTPbis work and I’ve never been to a IETF meeting.

It simply must have been due to my almighty powers, but apparently two of the editors are going here anyway and there has now been a request for a HTTPbis session during the meeting.

I’m looking forward to this! Hopefully it’ll bring some fun talks on tech we care about, but also meeting cool people in real life that I never met before.

Stockholm

Oh, and am I the only one who can’t find the dates anywhere on ietf75.se?

Kernels on those phones

So Google says there could be 18 phones running Android by the end of this year. In Sweden we just days ago got HTC Magic, the first ever Android phone showing up here (tied to a ridiculous operator deal that makes me and lots of my friends not go that route). Then Palm shipped their Palm Pre just days ago, also based on Linux.

This has brought the interesting questions: how is the state of these kernel HTC Magicports in regards to the mainline Linux tree? They’re both using ARM cores (of course).

The ARM kernel maintainer Russell King himself is not impressed. Apparently Google hasn’t even tried to push their work upstream to the kernel in a long while. The tone in that discussion did make it sound as if they might be starting to work on this again now.

The Palm guys apparently haven’t even yet shown any code at all, but is said to be releasing their code within two weeks to opensource.palm.com.  They have not even tried to push their work upstream, so I figure they’re either not even going to bother or they are facing a rather steep uphill battle in the future.

Lyre

I’ve previously blogged about the initiative to build an own open hardware platform that can run Rockbox fine, and just today I noticed their new site is up and alive at:

http://lyre.sourceforge.net/

The hardware has changed quite significantly since the last blog entry of mine, and they’re now using a LPC3130 from NXP instead of the Atmel they had before, and I believe they’ve also changed codec/DAC etc. Me knowingly, Rockbox does not yet run on this newly produced board.

Lyre PCB

I should probably also add that this board is of course still quite far from being portable and there’s no news or info anywhere on how or if you can actually get one of these yourself yet.

Eeepc with Linux and Swedish 3g

This is a follow-up on my “getting the new toy” from a week or so ago. An Eee PC S101.

I didn’t like easypeasy on it. It seems that distro is more or less Ubuntu Netbook Remix (UNR) with a little EEE flavor applied. What’s not to like about it? They seem to think that because this is a netbook, normal UI guidelines no longer apply so therefore they’ve scrapped the ordinary main desktop (and its menu) concept and instead have a new full-screen “app launcher”. That’s not too shabby, but it comes with another idea that I can’t accept: they run all applications in full-screen mode by default.md400 And I couldn’t figure out how to alter that default.

Full-screen might be fine for some apps at some times, but then I’d like to explicitly ask for it instead of having to learn now to “unmaximize” each app (they’ve also removed/altered the window decorations so there are no standard three buttons on the upper right corner of the maximized windows). To top it off, it seemed that the latest easypeasy isn’t built with the latest ubuntu and thus it failed to connect with my 3g modem…

Instead I took the base version of eeebuntu for a spin and that is so much closer to what I want in a linux. It’s ‘base’ so it only comes with the bare minimum. It has no fancy alternative UI but relies on the traditional well-proven and by me liked X11 (gnome) desktop.

I inserted my Sony Ericsson MD400 USB 3g modem that I got from Telenor/Bredbandsbolaget and within a few seconds I was online. It couldn’t have been a much smoother ride.

I know people have expressed opinions that it’s a better idea to use laptops/netbooks with an internal 3g modem so that you don’t have to use any external devices so that it’ll be more slick and all. I think I was of that opinion as well until I got this usb thing in my hand. It’s basically just a tad larger than any ordinary USB memory stick (70 x 28 x 15 mm) so it’s really not much “in the way” or disturbing when inserted in a laptop and it comes with windows drivers on it (as it dual-serves as a usb mass-storage device as well). It makes it a perfect little device to move between different laptops. We have so far three laptops in our household and now I can get any of them onto 3g if I want to.

A little side-note on my eeebuntu install on the SD card: when I ran unetbootin I selected to install the “live/install” version on the hard drive (which of course is a SSD but anyway) to then install it on my SDHC card, but it simply wouldn’t work. I tried three times and every time it froze somewhere in the middle of the install. When I then re-ran unetbootin and made a boot usb stick, and then ran from there instead when I did the install, it worked perfectly…

More HD sound

Proving my point from before that everything wants to be “HD” these days, I read the Zune HD specs that come out recently and in that I found out that it claims to support HD radio. Amusingly enough, it does not claim mp3hd support which probably would’ve made the buzzword bingo crowds go wild. We can always hope for the next model! 🙂

So what is HD radio? The site says:

Instead of sending out one analog signal, stations send out a bundled signal – both analog and digital. Because it is digital, textual data such as traffic, stock info and song titles can be sent out, as well.

From what I understand, pretty much the same way RDS is already done.

The technology is not even new. The site lists news items from 2006 and yet I’ve never heard of it before. They claim FM stations get “CD-quality sound” and (as I find pretty funny) AM stations get “FM-quality sound”. What is “CD-quality” in this context I wonder? I find no mention or details on what exact codecs or bitrates etc they use. Wikipedia’s page to the rescue: it says you get approximately 100-150 kbps of a lossy “proprietary iBiquity HDC codec” which claims to be able to provide “CD quality as low as 64 kbit/s”. Somehow I think that sounds a little too good to be true. According to wikipedia HD radio beats DAB in audio quality.

And to top it all of, the FAQ describes what the HD means:

It does not mean either hybrid digital or high definition, it is simply the branding language for this new technology.

Personally I’ll just rather go IP all the way and stream my music/radio/video over that. I think media or content-specific transfer mediums/concepts of this kind are technologies of the past. For this reason, I don’t think DAB+ will have much of a future either.

curl, open source and networking