Am 15.04.2014 18:51, schrieb Andrew Lutomirski: > On Tue, Apr 15, 2014 at 9:44 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: >> >> >> Am 15.04.2014 17:40, schrieb Andrew Lutomirski: >>> On Tue, Apr 15, 2014 at 7:42 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: >> >> >>> How about having an API where things like DLNA can simply >>> not run until you're connected to your home network? >> >> you can prove that this will always happen the right way? >> you can implement software *for sure* knowing the fact >> what my home network is? if you can do that you get rich! > > Does the firewall really help? yes, because there is no single port reachable after the installation and you can at least install security updates released after the GA of the current Fedora setup until you have a port open > Why should you trust your home network anyway? because i get paied for secure comapny networks? > Your already-known-to-be-malicious television can mess with > ARP or DHCP, intercept an HTTP request, and CSRF the crap > running on your computer. my television can do a CRSF? my television can send me a mail and click on a link there? don't talk about things which are *obviously* out of your business http://en.wikipedia.org/wiki/Cross-site_request_forgery and no my television can do nothing because my television is blocked on any incoming port on my computer - guess by what: the firewall > Note that there are two separate issues there. Your home network is > *not* secure, and your firewall, even in fully locked-down mode, isn't > really protecting you in other words: let us give up with security, disable any barrier and security layer because we can't win that fight - interesting attitude!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
