New ZeroConf Spec

Patrick McFarland diablod3 at
Fri Jul 14 00:57:26 BST 2006

On Thursday 13 July 2006 08:44, Scott James Remnant wrote:
> On Thu, 2006-07-13 at 11:50 +0100, Ian Jackson wrote:
> > Scott James Remnant writes ("Re: New ZeroConf Spec"):
> > > ... ah, I believe we have reached the middle of this conversation ...
> >
> > I should have known better than to get into a discussion about
> > `security'.  The very word seems to blank people's brains.
> What do you mean?
> That almost sounds like it was intended to be insulting.

It probably was meant to be, but he's right. You have people clinging on to 
old outdated ways of thought (such as the no port open policy, which effects 
the development of the Linux desktop in negative ways), and you have people 
putting insane security policies before basic and required usability.

If a computer is to be used in a secure environment, the /user and owner of 
the machine/ has to understand security, we cannot force security on them. 
This has been tried before, and users just turn everything off because it 
gets in their way.

mDNS on most machines is not a security hazard. If you're worried about 
various daemons and programs having security flaws, then audit them. If 
you're just paranoid about other computers maliciously hacking you, then 
build a firewall app that has a prominent feature: "Click here to disable 

Otherwise, I'm going to go with what Apple currently does, who has invested 
far more much money in research into such issues than we have... Apple allows 
incoming mDNS and doesn't share files/information by default. Until they 
change their policy, I think we should do what they do.

Patrick McFarland ||
"Computer games don't affect kids; I mean if Pac-Man affected us as kids,
we'd all be running around in darkened rooms, munching magic pills and
listening to repetitive electronic music." -- Kristian Wilson, Nintendo,
Inc, 1989

More information about the ubuntu-devel mailing list