[mythtv] Proposed change to Network Communications
gary.buhrmaster at gmail.com
Wed Mar 8 16:46:16 UTC 2017
On Wed, Mar 8, 2017 at 12:36 PM, Brian J. Murrell <brian at interlinx.bc.ca> wrote:
> You are right that the security implications of globally routing all-
> the-thingz is going to have to be realized and properly dealt with.
> But this applies to just about every device in a person's network. Is
> making MythTV more difficult to use to try to mitigate just this one
> occurrence of (many of) this problem really the right choice?
The big difference between the myth protocol and (say)
ssh is that the latter uses authentication, and the former
allows any person (who determines your IPv6 address)
to delete all your content (among other things) without
anything other than your public IP address.
If your Nest thermostat allowed unauthenticated access
to turn off your heat, would you consider that a security
vulnerability or not?
Do not get me wrong, I think IPv6 is the now, and
IPv4 is legacy/dead. But the myth protocol has been
regularly stated by the MythTV elders as not being
public Internet ready, and only with stateful protection
(or someone who knows how to configure firewall rules)
should one consider running the device on the public
Internet. Changing the defaults to run IPv6 publicly
will require stepping up the other parts of the protocol
(one mitigation short of authentication might be to set
the TTL for the myth protocol to something like 3,
(just like DTCP-IP), which is more or less "in the
residence" for 98% of the users).
Anyway, I have had my say, if the devs want to
default to a bind of :: it works for me (since I have
had appropriate IPv6 protections in place for nearly
a decade now).
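
The hop-limit mitigation suggested in the message above, as an added example that is not part of the original post and is not MythTV code: a TCP listener whose outgoing packets carry a hop limit of 3, so the SYN-ACK to a peer more than a few routers away expires in transit and the handshake never completes. The function names and the use of port 0 (an OS-chosen port) are assumptions made for the illustration.

```python
import socket

HOP_LIMIT = 3  # the "in the residence" value suggested in the message


def limited_listener(host, port, hops=HOP_LIMIT):
    """Return a listening TCP socket whose outgoing packets use `hops`."""
    family = socket.AF_INET6 if ":" in host else socket.AF_INET
    sock = socket.socket(family, socket.SOCK_STREAM)
    try:
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        if family == socket.AF_INET6:
            # Keep IPv4-mapped peers off this socket so that one option
            # governs every packet it sends.
            sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
            sock.setsockopt(socket.IPPROTO_IPV6,
                            socket.IPV6_UNICAST_HOPS, hops)
        else:
            sock.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, hops)
        sock.bind((host, port))
        sock.listen(8)
    except OSError:
        sock.close()
        raise
    return sock


def effective_hops(sock):
    """Read back the hop limit / TTL the kernel will put on sent packets."""
    if sock.family == socket.AF_INET6:
        return sock.getsockopt(socket.IPPROTO_IPV6, socket.IPV6_UNICAST_HOPS)
    return sock.getsockopt(socket.IPPROTO_IP, socket.IP_TTL)


def accepted_hops(listener):
    """Connect over loopback; report the limit on the accepted socket."""
    loop = "::1" if listener.family == socket.AF_INET6 else "127.0.0.1"
    port = listener.getsockname()[1]
    listener.settimeout(2)
    with socket.create_connection((loop, port), timeout=2):
        conn, _ = listener.accept()
        with conn:
            return effective_hops(conn)


if __name__ == "__main__":
    srv = limited_listener("127.0.0.1", 0)  # constructed: loopback, any port
    print("listener:", effective_hops(srv), "accepted:", accepted_hops(srv))
    srv.close()
```

This only bounds how far the server's own packets travel; packets from a distant sender still arrive, so it narrows exposure without replacing authentication or a stateful firewall.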