On Tue, 25 May 2021 at 04:04, Björn Persson <Bjorn@rombobjörn.se> wrote:
Kevin Kofler via devel wrote:
> Zdenek Dohnal wrote:
> > CUPS discovery is designed to run on secure, private LAN, so it is
> > expected that you have a protection against somebody connecting to your
> > WIFI.
>
> That is (still) a reasonable assumption for a home WiFi WLAN on which a home
> printer is likely to be located. That is what WPA is for.
>
> Sure, you can connect a notebook or smartphone to untrusted public WiFi
> networks, but you normally do not print in such a network.
None of that answers the question: How can I tell whether the printer
I'm sending to is on an untrusted network, on an imaginary network
created for a USB printer, or on a 1980s-style isolated LAN? Will the
name of the network interface be displayed when I choose a printer?
Will there at least be a visible difference between a permanently
configured printer and an auto-found printer, so I can continue to have
my printer configured and know that I'm sending to that one?
Do I need to explain, detail by detail, the errors in the reasoning
"People don't print on untrusted networks. Therefore any network with a
printer on it is trusted.", or can people see the logical flaws on
their own?
The truth is that most people know about it, and have decided that they can go 'meh' and keep living. The same as knowing that you have a high cumulative chance you will get killed by a car/bus to any other danger in your life.. but we put more work on making sure lightning doesn't hit us than driving safe.
It comes down to the definition of 'untrusted' to most people. You (and me 20 years ago) are using the computer security definition while everyone else uses the 'if I didn't trust it I wouldn't print on it' gut level definition.
Very very very few people really care about the logical flaws. If even the people who dictate policies that require secure printing did then there would have been a printing protocol written with the assumption that the network, printer and computers are hostile. Instead IPP, LPD and other print protocols have always been written with the assumption that the local network is some level of secure. You can force higher levels of security in some cases with a lot of work (if you choose the right printer, if you choose the right network configuration, if you set up additional authentications, etc) but you can also break out of those security levels in various ways because the underlying principles were not designed to this.
--
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law. All those moments will be lost in time... like posts on BBS... time to reboot.
I've seen things you people wouldn't believe. Flame wars in sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law. All those moments will be lost in time... like posts on BBS... time to reboot.
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
