[GTALUG] security threats of Open Source
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Fri Nov 20 16:49:02 EST 2020
On Fri, Nov 20, 2020 at 03:21:23PM -0500, David Thornton via talk wrote:
> I can second the "noscript" thing. "Default deny" is good practice. No- one
> has to explain it for firewalls ( any more I hope), so why do we have to
> explain it in other places?
Have you seen what Apple did in MacOS 11 for the firewall interface?
Apparently Apple's own apps get to be excempt from firewalls. Didn't take
long for people to show how that could be abused to let anything you
want through.
--
Len Sorensen
More information about the talk
mailing list