Re: misunderstanding scale

[Mark Andrews <marka () isc org>]

In message <532F60DD.3030302 () foobar org>, Nick Hilliard writes:
> On 23/03/2014 21:02, Mark Andrews wrote:
> > Actually all you have stated in that printer vendors need to clean
> > up their act and not that one shouldn't expect to be able to expose
> > a printer to the world.  It isn't hard to do this correctly.
>
> perish the thought - and I look forward to the day that vendors write
> secure software which is impregnable to all vulnerabilities past and
> present.  When that happens, I'll cast away my default deny configurations
> and advise other people to do the same.

And there you go putting stricter requirements on printers that you
don't put on laptop, servers.  None of us would put any machines on
the net if they had to meet your printer's requirements.

> Until then, though, I hope you understand why I suggest that default deny
> is no less sensible a precaution than locking the front door in a busy city.
>
> Nick
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org