faq  flatforty  contribute  subscribe  configure  search  rdf  main  parent  thread	Re: Guarddog is insecure by default! by c on Tuesday 02/Aug/2005, @17:59 then do 1 or more of the following: 1. warn that the icq protocol is not secure 2. use ralsina's proposal 3. don't advertise guarddog as secure by default	Related Links  ·   Articles on Applications  ·   Also by c  ·   Contact author Thread Threshold: 10 comments 20 comments 30 comments 40 comments 50 comments 60 comments 70 comments 80 comments 90 comments 100 comments 110 comments 120 comments 130 comments 140 comments 150 comments 160 comments 170 comments 180 comments 190 comments 200 comments 300 comments 400 comments 500 comments 1000 comments
	The Fine Print: The following comments are owned by whomever posted them. ( Reply ) Re: Guarddog is insecure by default! by Simon Edwards on Tuesday 02/Aug/2005, @22:16 > 1. warn that the icq protocol is not secure I'll have a good think about how best to communicate that to the user. (Suggestions are welcome. I'm gravitating towards any extra 'risk' column with a small rating symbol. Instead of little gold stars there will be scary little skull-and-crossbones symbols. :-) Seriously, that is exactly what I am thinking now.) > 2. use ralsina's proposal That is not likely to happen soon. It is, well, radically different than the current approach. > 3. don't advertise guarddog as secure by default ICQ is not on by default. -- Simon [ Reply To This | View ] Re: Guarddog is insecure by default! by dsaf on Thursday 04/Aug/2005, @03:29 > > 1. warn that the icq protocol is not secure > I'll have a good think about how best to communicate that to the user. > (Suggestions are welcome. I'm gravitating towards any extra 'risk' column > with a small rating symbol. Instead of little gold stars there will be scary > little skull-and-crossbones symbols. :-) Seriously, that is exactly what I am > thinking now.) In addition to that, how about a GRC-style set of coloured boxes that show what ports Guarddog has opened up. Additionally doubly warn of server ports that are opened up. > > 3. don't advertise guarddog as secure by default > ICQ is not on by default. Oh please. The real issue is this: No user can expect that allowing an ICQ client turns their computer into an open server! [ Reply To This | View ] Re: Guarddog is insecure by default! by Simon Edwards on Thursday 04/Aug/2005, @10:04 To be honest I don't think that warning the user is really going to help much. People don't read warnings. The best idea I can think of right now is to choose a range of ports and open only those for ICQ, and tell everyone to configure their ICQ client. That looks like the safest way to me. (Email me, or take this to the mailing list. Lets not take over the Dot. ;) ) -- Simon [ Reply To This | View ]   The Fine Print: The previous comments are owned by whomever posted them. ( Reply )

		"We've been wondering, are Andreas Pour and Navindra Umanee the same person?" -- Charles Samuels
KDE®, "K Desktop Environment", "KDE Dot News", "got the dot?" and the KDE Logo® are trademarks or registered trademarks of KDE e.V. in the European Union, the United States and other countries. All other trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the poster. The rest: Copyright © 2000-2008 KDE e.V. for The KDE Project. For further information or comments on this site, please contact the Webmaster.

[ home | post article | flat forty | subscribe | search | rdf ]