[OS X TeX] [OT] All about P2P
Thomas Bohn
thomas at bohnomat.de
Thu Sep 4 16:59:12 CEST 2008
On 4 Sep 2008, at 16:41, Adam R. Maxwell wrote:
> Be that as it may, you are explicitly allowing traffic through your
> firewall in order for other persons to access some portion of your
> computer, right?
At one port. At one well defined file or directory. Defined not by the
software but by the BiTorrent file, misconfiguration is not really
possible. The file includes the hashes for the files in question and
only those can be downloaded or uploaded.
> I'd guess that most Mac users are running under an admin account all
> the time; I certainly run as admin at home. Many of us are probably
> conditioned to enter our password every time it's requested, also...
I don't. I don't even have my personal account in the sudoers file.
> My point is this: if it is possible to misconfigure the software /
> or/ it contains an exploitable bug, your risk increases.
This is true for every single software package on your Mac, including
MacTeX.
> Google [1] indicates that such vulnerabilities have been found in
> bittorrent software [2]. The user (or owner of the computer/data)
> needs to decide if that risk is acceptable.
In one client, well two. Software can have vulnerabilities, P2P
software is no exception. Important is the protocol, does the protocol
have vulnerabilities or not.
> Yes, it has some benefits, and can be a useful tool. If it's worth
> the risk to you, by all means use it; it may not be acceptable for
> everyone on this list, though.
I really don't think the risks are any higher than using an FTP client.
Thomas
More information about the macostex-archives
mailing list