|
Title: Security concern Post by: robt on June 30, 2006, 11:56:05 AM Not sure if this is a support problem or a new feature request but I have a security concern.
Downloaded Collanos today and have it running on OSX 10.4.7. We have a small internal network with a router to the outside world. If you just clkick the Search button in the invite dialog you find all the online Collanos userrs in the world! Is this supposed to happen? Is there any way in which I can restrict access to my internal Lan without having to turn my router off? Rob Title: Re: Security concern Post by: Franco Dal Molin on July 03, 2006, 08:26:52 AM Hi Rob, thanks for pointing this out. At the moment, we are detecting ALL users. This is supposed to happen. This is currently done through a central service that "knows" who is online at any given moment. We don't store any data, but every peer that gets online tells the central service its status. This central "Rendezvous" service is needed for the core Presence Awareness feature as well as the invitation process.
In a future release, we might add the possibility to restrict the visibility of peers, i.e. closed user groups. This could be done in a number of ways, e.g. - as you are proposing - limiting visibility to users within a LAN or subnet, or by running a private Rendezvous service in your LAN, or through a group directory of pre-authenticated users. Again, this are only envisioned options at this moment. We don't currently have specific product plans or release dates for such a feature. While you see all users, and all users see you (when online), your security is always guaranteed. Nobody "sees" into your LAN and no resources whatsoever are shared. We use the concept of "by invitation only" secure shared spaces and we also encrypt all data transfers point to point. We want to improve. Can you tell us a bit more about your concerns and requirements? Is it that you simply don't want to be seen by others? Or are your concerns more LAN security/intrusion related? I'd appreciate your additional comments. Thanks. Title: Re: Security concern Post by: robt on July 03, 2006, 11:33:18 AM Hi Franco
Thanks for the response. I think it would be good to set up some sort of preference that would restrict your Rendevous service to local networks. As a Mac-based network I expect we are quite relaxed about being attacked. However, the guys in the next office run a PC network and their system manager is paranoid about opening any gateway to the world - for good reason. His network once contracted a virus. Following an agressive disinfection, he was immediately re-infected. The source was the PC/Windows system embedded in our network printer. We now make sure that is kept clean. A "local only" preference might help resolve his paranoia. Rob Title: Re: Security concern Post by: Catapault on August 27, 2008, 08:41:12 PM Hi
I'd like to request in our profile we can choose to Show Profile or Allow Open Invitation. It's not really acceptable to have any sort of information arising on central exchange, even if it is a list of names open to invitation. Thanks |