[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disable ZeroConf: how to ?

On 2011-03-03, Bastien ROUCARIES <roucaries.bastien@gmail.com> wrote:
> Giving information on my system without admin concent is an
> information leak, and thus tag security...

Information leaks are leaks of *sensitive* information.  If I want to know if
you run phpmyadmin at its default location I just poll that URL and your
webserver will tell me.  If you don't run it there but in another path you'll
likely not know where to change it in the Avahi broadcast data.

And next time we get bugs about Iceweasel leaking its version number in the
User-Agent header, which I consider more sensitive (cf. Panopticlick).  But
then my mileage varies, as yours does, too.

We don't like security by obscurity, as you might know.

Kind regards
Philipp Kern

Reply to: