[mythtv] Proposed change to Network Communications

Brian J. Murrell brian at interlinx.bc.ca
Sat Mar 11 03:18:11 UTC 2017

On Sat, 2017-03-11 at 15:27 +1300, Stephen Worthington wrote:
> such as installing ransmomware on your Windows PCs
> or making your TV spy on you with its microphone.

So, just to be clear, a firewall is not likely going to protect against
these types of attacks.

Ransomware on your PC is usually brought in through drive-by attacks or
plain old e-mail attachment attacks.  Your usually consumer-grade
firewall will not typically protect against those.

Your TV spying on you with it's microphone or even a hidden webcam will
also not likely be stopped by a typical consumer-grade firewall either
as those connections are typically created by the TV from inside the
network where connections are usually allowed.

The moral of this story is that you should be untrusting of even the
devices *inside* your network if you don't know what software is
actually running on them.  And by "know" I don't just mean know the
name of the software.  Everyone knows Windows and by now, everyone
realizes that it is evilly spying on your also and needs to be
firewalled from leaving your network, not getting in.

The future is likely firewalling every single IoT device in your
network away from every other device and only allowing it outbound to
where you know it is doing good things for you and not working against
you.  We are heading towards a very hostile network environment, even
inside your typically "crunchy exterior shell" perimeter protection. 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://lists.mythtv.org/pipermail/mythtv-dev/attachments/20170310/e0e105df/attachment.sig>

More information about the mythtv-dev mailing list