I’ve been experimenting with The Dude v7.15.3 on CHR. I note that The Dude client no longer has a “secure” radio button. It seems unlikely that connection security has been removed and more likely that the insecure option is no longer available. I have not been able to locate any conclusive information regarding the security of the client/server communication among MikroTik wikis or manuals. Is this communication secure and if so, what protocol is used?
Dude uses the same winbox protocol to communicate between the Windows client and dude server package. So it’s as safe as winbox protocol, which docs suggest:
DH-1984 for key exchange and modified and hardened RC4-drop3072 encryption to secure the session.
There is no choice on Dude login for Secure Mode since the dude client, unlike winbox, will re-download itself to get the client version to match the connected server. Since recent RouterOS versions all use secure mode, that’s what you get. The “Secure” choice on a Dude device on map is the same as winbox’s login menu, since those could be older RouterOS devices. But winbox has used “secure” mode for a long time, so unless you had non-upgraded older V6 devices, you should be able to use secure.
Or, at least this is my understanding.
(right)
I did read that bit about the DH-1984 key exchange, which implies there is some sort of encryption being used, but didn’t find any info regarding the actual encryption protocol. Now that I know what to search for I can find the documentation that states the RC4-drop3072 protocol. So, thanks for the response.
In the meantime, I did a packet capture of The Dude client connecting and can clearly read the user name (but not the password) in the captured packets.
FWIW, docs on winbox suggest: “WinBox uses AES128-CBC-SHA as an encryption algorithm (requires WinBox version 3.14 or above).” So hard to know…
But IMO dude/winbox protocol should NEVER run over internet (outside a VPN). The dude/winbox/routeros login password should be encrypted… but I’m not sure everything is… so items in config like ipsec secrets, SNMP communities, etc. might be visible from a sniffer.
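For readers unfamiliar with the "RC4-drop3072" name quoted earlier in the thread, the following added example (not part of any post and not MikroTik's code) shows plain RC4 with the first 3072 keystream bytes discarded, which skips the statistically weakest part of the keystream. The "modified and hardened" changes the docs mention are not described on this page and are not reproduced here; the key and message are constructed samples.

```python
"""Plain RC4 with the first N keystream bytes discarded (RC4-drop[N])."""
from itertools import islice


def rc4_keystream(key: bytes, drop: int = 0):
    """Yield RC4 keystream bytes for `key`, skipping the first `drop` bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    # Key-scheduling algorithm (KSA): permute the state array under the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm (PRGA).
    i = j = produced = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        produced += 1
        if produced > drop:  # bytes up to `drop` are generated but thrown away
            yield s[(s[i] + s[j]) & 0xFF]


def keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return `n` keystream bytes after discarding the first `drop`."""
    return bytes(islice(rc4_keystream(key, drop), n))


def rc4_drop(key: bytes, data: bytes, drop: int = 3072) -> bytes:
    """Encrypt or decrypt `data` (XOR with the keystream is its own inverse)."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key, drop)))


if __name__ == "__main__":
    # Constructed sample values; in a real session the key would come from
    # the key exchange, not from a literal.
    session_key = bytes.fromhex("00112233445566778899aabbccddeeff")
    message = b"constructed sample payload"
    ciphertext = rc4_drop(session_key, message)
    print("ciphertext:", ciphertext.hex())
    print("roundtrip :", rc4_drop(session_key, ciphertext))
```

A stream cipher like this provides confidentiality only; it does not by itself detect tampering with the ciphertext.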