funsec mailing list archives
Re: This sounds like a security disaster just, waiting to happen...
From: Susan Bradley <susan () msmvps com>
Date: Wed, 29 Apr 2009 18:07:51 -0700
After I got up off the floor laughing at the who's on first beauty of the above logic chart, it hit me that this probably would not be limited to "internet" cached data, but possibly all internal web data as Rich says. Right away I thought of ACL content (auth/auth) that is web based within a company tagged "your eyes only" that could be cached. Quick, how many apps do _not_ use windows domain based auth/auth to determine who is allowed to see content. Ick. This would be bad where I work. "read the entire blurb steve..." -steve
One thing that counters the use of this: 1. Requires Windows 7 enterprise or Ultimate, Brache cache is not available in Win7 Professional and needs Win2k8 R2 on the server side. So first off there are licensing barriers for corporations. 2. My understanding is that it requires ipv6 on the edge (I may be confusing the requirements with Direct Access which is also an enterprise only offering). Honestly how long will it be before Win7 is deployed? How long before Win2k8 R2 is deployed in real world enterprises? How many of you guys have material amounts of Vista deployed now in your networks? Uh huh. Gonna be a few years before this is truly seen in the real world and Win7 SP2 will be out by that time. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: This sounds like a security disaster just, waiting to happen... Susan Bradley (Apr 29)