[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Thu Nov 12 12:34:48 CST 2009
On Thu, Nov 12, 2009 at 05:11:41PM +0000, Alexander Harrowell wrote:
> On Thursday 12 November 2009 16:59:40 Alexandre Cavalcante Alencar wrote:
> >
> > It will be very welcome to change the default insecure behavior to a
> > more secure one. But it's not the solution for all the security
> > problems out there.
> >
>
> Look at the impact Microsoft's decisions to leave various things in an
> insecure state by default had on the global Internet community. How many major
> botnets would there be had XP shipped with WinFirewall set ON?
You mean: that stupid thing that annoys users so much and getting the
user to authorize access through it is a trivial exercise of human
engeneering?
Makeing life pointlessly difficult for the users also has similar
consequeces.
>
> Arguably, shipping software designed to be connected to the Internet at one
> end and possibly to a telecomms network which is both metered and considered
> safety critical at the other without leaving its defaults in a secure state is
> irresponsbile.
Please explain to me why exactly allowing guests is a bad thing. How can
I allow people to call me from the internet? Create a local account for
each and every one in my addressbook?
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-dev
mailing list