| Deutsch English Français Italiano |
|
<HsOdnbqYQq9BGJD6nZ2dnZfqn_udnZ2d@giganews.com> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!Xl.tags.giganews.com!local-1.nntp.ord.giganews.com!news.giganews.com.POSTED!not-for-mail NNTP-Posting-Date: Mon, 14 Oct 2024 20:58:04 +0000 Subject: Re: Security? What "Security"? Newsgroups: comp.misc,comp.os.linux.advocacy,misc.news.internet.discuss References: <1r19ri6.xu1j411x9lob6N%snipeco.2@gmail.com> <ln3h70Fse54U1@mid.individual.net> <uR6cneotZp_6DJH6nZ2dnZfqn_qdnZ2d@giganews.com> <ln3ildFse54U2@mid.individual.net> From: % <pursent100@gmail.com> Date: Mon, 14 Oct 2024 13:58:04 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 SeaMonkey/2.53.19 MIME-Version: 1.0 In-Reply-To: <ln3ildFse54U2@mid.individual.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Antivirus: AVG (VPS 241014-4, 2024-10-14), Outbound message X-Antivirus-Status: Clean Message-ID: <HsOdnbqYQq9BGJD6nZ2dnZfqn_udnZ2d@giganews.com> Lines: 46 X-Usenet-Provider: http://www.giganews.com X-Trace: sv3-qkTN6dqSo+Iab/fQmDbRNI7I8Ip/+ZDYiymi3qXF+gPB0f/CqH5l3046IaPP27ePL9WLnpfcDqy7ybZ!vDWsHZJ/Uyb+7hOzlk9ZbU1Qsz94l8BVto23q2FubN6Ve8VYnGUkuzPXKd3zEl/5olEK1lMrXnpW X-Complaints-To: abuse@giganews.com X-DMCA-Notifications: http://www.giganews.com/info/dmca.html X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly X-Postfilter: 1.3.40 Bytes: 3501 Sylvia Else wrote: > On 14-Oct-24 11:35 am, % wrote: >> Sylvia Else wrote: >>> On 11-Oct-24 10:17 pm, Sn!pe wrote: >>>> My pet rock Gordon asserts that every networked device has a backdoor. >>>> Therefore, anything viewable in clear on that device is insecure and >>>> the >>>> quality of message encryption is moot. >>>> >>> >>> An initial question is what exactly is meant by "backdoor". Any >>> networked device that is capable of remote update by the vendor can >>> presumably be updated by the vendor to do anything that any device on >>> your network can do. But this does not imply that anyone else can do >>> that. Of course it does mean that you security depends on the >>> security of the vendor, which is an unknown quantity. This is partly >>> why the few remotely updatable devices that I do own are fire-walled >>> off from the rest of my internal network. >>> >>> Few networked devices accept incoming connections, for the simple >>> reason that they're unlikely to get past a gateway router. Most work >>> by making outgoing connections to the vendor's server. The better >>> implementations require an authenticated server certificate, which >>> makes impersonation of the vendor pretty much impossible. Without a >>> certificate the intending intruder may engage in something like a DNS >>> cache poisoning attack, but they have become more difficult over the >>> years. >>> >>> If one is to worry about back-doors, the main vulnerability is the >>> router itself, and this has indeed been a problem in the past, >>> especially where the ISP has the ability to update firmware or change >>> settings, because now one is dependent on the security of the ISP, >>> which is not always been up to the task. >>> >>> Commercially supplied routers have a bad record of vulnerabilities. I >>> use a small single board computer as a gateway instead. >>> >>> Sylvia. >>> >> i have nothing to hide so i don't do anything > > Not even information that could be used in identity theft? > > Sylvia. nothing