Deutsch   English   Français   Italiano  
<HsOdnbqYQq9BGJD6nZ2dnZfqn_udnZ2d@giganews.com>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!Xl.tags.giganews.com!local-1.nntp.ord.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Mon, 14 Oct 2024 20:58:04 +0000
Subject: Re: Security? What "Security"?
Newsgroups: comp.misc,comp.os.linux.advocacy,misc.news.internet.discuss
References: <1r19ri6.xu1j411x9lob6N%snipeco.2@gmail.com>
 <ln3h70Fse54U1@mid.individual.net>
 <uR6cneotZp_6DJH6nZ2dnZfqn_qdnZ2d@giganews.com>
 <ln3ildFse54U2@mid.individual.net>
From: % <pursent100@gmail.com>
Date: Mon, 14 Oct 2024 13:58:04 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
 Firefox/91.0 SeaMonkey/2.53.19
MIME-Version: 1.0
In-Reply-To: <ln3ildFse54U2@mid.individual.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Antivirus: AVG (VPS 241014-4, 2024-10-14), Outbound message
X-Antivirus-Status: Clean
Message-ID: <HsOdnbqYQq9BGJD6nZ2dnZfqn_udnZ2d@giganews.com>
Lines: 46
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-qkTN6dqSo+Iab/fQmDbRNI7I8Ip/+ZDYiymi3qXF+gPB0f/CqH5l3046IaPP27ePL9WLnpfcDqy7ybZ!vDWsHZJ/Uyb+7hOzlk9ZbU1Qsz94l8BVto23q2FubN6Ve8VYnGUkuzPXKd3zEl/5olEK1lMrXnpW
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
Bytes: 3501

Sylvia Else wrote:
> On 14-Oct-24 11:35 am, % wrote:
>> Sylvia Else wrote:
>>> On 11-Oct-24 10:17 pm, Sn!pe wrote:
>>>> My pet rock Gordon asserts that every networked device has a backdoor.
>>>> Therefore, anything viewable in clear on that device is insecure and 
>>>> the
>>>> quality of message encryption is moot.
>>>>
>>>
>>> An initial question is what exactly is meant by "backdoor". Any 
>>> networked device that is capable of remote update by the vendor can 
>>> presumably be updated by the vendor to do anything that any device on 
>>> your network can do. But this does not imply that anyone else can do 
>>> that. Of course it does mean that you security depends on the 
>>> security of the vendor, which is an unknown quantity. This is partly 
>>> why the few remotely updatable devices that I do own are fire-walled 
>>> off from the rest of my internal network.
>>>
>>> Few networked devices accept incoming connections, for the simple 
>>> reason that they're unlikely to get past a gateway router. Most work 
>>> by making outgoing connections to the vendor's server. The better 
>>> implementations require an authenticated server certificate, which 
>>> makes impersonation of the vendor pretty much impossible. Without a 
>>> certificate the intending intruder may engage in something like a DNS 
>>> cache poisoning attack, but they have become more difficult over the 
>>> years.
>>>
>>> If one is to worry about back-doors, the main vulnerability is the 
>>> router itself, and this has indeed been a problem in the past, 
>>> especially where the ISP has the ability to update firmware or change 
>>> settings, because now one is dependent on the security of the ISP, 
>>> which is not always been up to the task.
>>>
>>> Commercially supplied routers have a bad record of vulnerabilities. I 
>>> use a small single board computer as a gateway instead.
>>>
>>> Sylvia.
>>>
>> i have nothing to hide so i don't do anything
> 
> Not even information that could be used in identity theft?
> 
> Sylvia.

nothing