[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: bittorrent in core? what frontend?



On Sat, December 17, 2005 2:39 pm, Jesse Keating said:
>
> yes and no.  Those that open their own ports to be forwarded are rather
> insiduous.  They don't rely on an established/related communication, so
> any data can come down that forward into the client, not just that which
> is expected.

This is no different than if the ports are opened manually though.  
Anyone who has to open them manually is likely to leave them open when
they shut down their bit torrent client as well.   So really UPnP is more
secure because the ports are only forwarded while the application is
active.
>
> And the folks that don't understand the evils of upnp are the folks that
> are going to leave it open.  Secure by default, let users hang
> themselves w/ the rope that is provided in options.

The risk seems very minimal and the reward rather large.

> Every bit of little risk adds up into a platform that is risky by
> default, and folks have to spend effort to 'secure' it after
> installation.  This is a path I would _not_ like to see Fedora go down.

Well almost everything adds a bit of risk; letting a user log into the
machine is risky, yet we want our computers to be usable, not just locked
in a box with no power cord attached.   And in this case using the UPnP
facility actually can mitigate some risk as well since the ports are
properly closed when not in use.   On top of that it makes life easier for
users.

Sean


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]