Re: Adding Passim as a Fedora 40 feature?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Fri, 25 Aug 2023 at 16:27, Stephen Smoogen <ssmoogen@xxxxxxxxxx> wrote:
> It depends on the scanning from ports open to unknown shared files to 'why did our network costs go up so much?'

Surely if you're on a local network with bandwidth costs you'd turn
off avahi or lock down the firewall? Lots of stuff blasts out mDNS
traffic these days.

> Going from other things it has been a way to inject bad packages, bad metadata, mass system slowdowns across a fleet, using the service on N systems as a DDOS against third parties (which they then charge fees for), etc.

All good things to document in the README, thanks. I think it helps
that if you're on a LAN with 25 machines all offering the same file we
choose one *at random* so if there's one bad actor we don't degrade
things for everybody all at the same time. And the fallback for
"someone on my LAN has given me garbage" is "fall back to the CDN"

> chained flaw in say a compression routine which 'should never happen with legitimate data'.)

Agree. I'm less worried about this one as the first thing we do is
compare the SHA-256 checksum, and the next is check the signature
using GnuTLS.

I'll update the README with some of those points next week, thanks.

devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
List Guidelines:
List Archives:
Do not reply to spam, report it:

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux