F21 System Wide Change: Workstation: Disable firewall

Andrew Lutomirski luto at mit.edu
Tue Apr 15 16:51:31 UTC 2014

On Tue, Apr 15, 2014 at 9:44 AM, Reindl Harald <h.reindl at thelounge.net> wrote:
> Am 15.04.2014 17:40, schrieb Andrew Lutomirski:
>> On Tue, Apr 15, 2014 at 7:42 AM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> How about having an API where things like DLNA can simply
>> not run until you're connected to your home network?
> you can prove that this will always happen the right way?
> you can implement software *for sure* knowing the fact
> what my home network is? if you can do that you get rich!

Does the firewall really help?  Why should you trust your home network
anyway?  Your already-known-to-be-malicious television can mess with
ARP or DHCP, intercept an HTTP request, and CSRF the crap running on
your computer.

Note that there are two separate issues there.  Your home network is
*not* secure, and your firewall, even in fully locked-down mode, isn't
really protecting you.


More information about the devel mailing list