bitlord wrote:
This is about Fedora 21 which is still not released!!! Please read
carefully. And it is only default on Workstation image (that is what I
know)
Thank you for the warning! I have to read up on Captive Portal, but I'm willing
to bet that most people who run servers which are not specifically intended to
be such would rather not have a bunch of pings added to their network load. As
long as this behavior is something which applies only to those using it, bravo,
another new capability. But if it means that every server, or worse yet every
damn socket, is going to get pinged all the time, Hopefully this is not what it
seems, and will only apply to servers wishing to offer the feature, rather than
a ping attack on the network stack.
There is a new feature introduced in Gnome and NetworkManager which
allows 'Captive Portal'[1] services to work. This may be useful feature
for some users (that is why it is implemented), but most users won't use
it, and it pings fedora servers every '300seconds', it is enabled by
NetworkManager and 'NetworkManager-config-connectivity-fedora' <<
(package/config file) which is default installed in Workstation image
only (currently, unless someone explicitly pull it in for other live
images), 'gnome-shell' package only depends on it.
Because I'm not a security expert, I don't want to say this is security
issue, but privacy issue to some level (probably not critical), as I
understand it, no more information than request to get a file is being
sent (so only your 'IP' is exposed)), It currently uses HTTP to
communicate with fedora servers, but it is planed to use HTTPS [2],
without that you cannot verify who serves that file? (n00b here).
At the moment users aren't aware of this feature, and most users
probably never will find it working in the background, but I think it
shouldn't be enable by default silently, so I filed a 'fesco' ticket for
it [3] (PLEASE DON'T SPAM ON FESCO TICKET!, keep discussion here as much
as it is possible)
Please don't turn this thread to something which it shouldn't be. Be
constructive.
I don't want to insult anyone, just want this to be discussed, and
features like this to be discussed/announced with/to users and
developers in future.
(English is not my native language, I learned some basics from
reading/writing/listening, so, sorry for mistakes)
[1] - https://en.wikipedia.org/wiki/Captive_portal
[2] - https://bugzilla.redhat.com/show_bug.cgi?id=1135777
[3] - https://fedorahosted.org/fesco/ticket/1337
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
