[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disable ZeroConf: how to ?

On Thu, Mar 03, 2011 at 11:02:47AM +0100, Klaus Ethgen wrote:
> Hi,
> Am Do den  3. Mär 2011 um  3:35 schrieb Chow Loong Jin:
> > > A system has not to listen for any unused and unneeded services ever. A
> > > firewall is to control services you _need_.
> > > 
> > > All that zeroconf stuff is absolutely not needed and wanted. (By the
> > > most users, I suppose.)
> [...]
> > Actually I absolutely love the <machine>.local resolution
> > functionality on a network (it works much better than the NetBIOS
> > crap that can never find another machine on a network when you want
> > it). That, and Pidgin's Bonjour support interfaces with iChat over
> > zeroconf, allowing you to chat with users (and exchange files,
> > perhaps?) across a network without needing to set up a centralized
> > chatting system.
> The thoughts of that makes me shiver!

Me too, but not in all cases.

There are two generic types of computing environments. For lack of a
better name, I'll call them the environment of the home user, and that
of the corporate user, though it's not entirely accurate. Unfortunately,
their requirements conflict somewhat.

For a corporate user, security is more important than convenience. When
an intruder breaks in to a corporate network, the repercussions could be
disastrous; in the worst case, corporate spies might bring down the
company. Since corporate environments are supposed to be having system
administrators who can administrate whatever services would be required
so as to avoid security issues that might result from convenience
services, it makes sense to disable those services there and have
manually-configured services instead.

For a generic home user -- someone who isn't very familiar with
computers -- convenience is more important than security. That's not to
say such people should have completely insecure systems, but the
trade-offs between security and convenience are slightly different. For
instance, I wouldn't expect my parents to understand what a DNS server
is, let alone how to administer it; but even if that is so, they still
expect to be able to reach eachothers' laptops by using names, rather
than IP addresses (if they would even know what an IP address is, which
I doubt). A break-in on a home network is bad, but beyond privacy
issues, the repercussions would be minimal, and therefore the security
measures can be less stringent if it helps increase convenience.

Of course the two overlap somewhat -- small companies' networks might
look more like home networks, and geeks' home networks might look more
like corporate networks -- but in general, I believe the above is true.

> Trusting untreatable sources on a network for configuring local stuff
> is worse ever. Either you have a trustable network then it gets
> configured in a clean way and by intend.  Or you have a untrusted
> network you do not want to use ever or only such fare that you can
> oversee it.

I agree with that, but only in the 'corporate' environment as described

> > I think those two functionalities are pretty useful to the end-user.
> Well, they might be for a mac or windows user that is not care about
> security at all. But it is horror for a debian user who care at least a
> bit about security.

Let's just say 'end users who are not very aware of computing
technology' rather than 'mac or windows user', shall we?

There are several Debian users who fall in that category, too. And while
I agree that disabling zeroconf should be easily possible, I think a
default of 'convenience for a home user' is not a bad thing for a
distribution that is used for both corporate and home environments. Such
a default would include 'enabling zeroconf'.

> And even worse, debian is often used on server platforms where you never
> ever want to have any such magically configured services.

Since avahi isn't a dependency of anything you'd want to install on a
server -- I personally have never installed gnome on a server, for
instance -- it usually isn't.

The biometric identification system at the gates of the CIA headquarters
works because there's a guard with a large gun making sure no one is
trying to fool the system.

Reply to: