Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'reply to snoop' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
reply to snoop
Authored by: displaced on Jul 19, '05 02:36:18AM

Your points are all valid of course.

However, for those who perhaps would like to tighten security (or at least gain a little awareness) whilst keeping the usefulness of Bonjour, here's a little more info (which I believe to be correct... could have got the wrong end of the stick, of course!)


- Bonjour is non-routable.

You are not broadcasting Bonjour info over the Internet, nor will your machine catch Bonjour requests from the Internet. It will only work over the local network. Which, to be honest, should only really have machines on it that you know and trust (in an ideal world!)


- Use application preferences.

I was a little surprised to see iChat using the local account name as an identifier. Not really a problem as far as I'm concerned, but I can see how it could spook others. Just jump into iChat's preferences and turn off Bonjour Chat. If you use Bonjour Browser, you'll see iChat then disappears. Basically, pay attention to what apps have Bonjour support, and turn it off on a per-app basis if you want.

Cheers,
Chris



[ Reply to This | # ]
reply to snoop
Authored by: uchuugaka on Jul 19, '05 03:32:33AM

what's the big deal?
truth is, if you really have so much stuff to hide, don't use any networking at all.
no wireless.
no internet.
also while you're at it, register yourself as dead so nobody can get your information.
face it, if SOCIAL ENGIEERS are scary, then you had better become a hermit, or move to a country where your information doesn't really exist in many forms.
the irony is, Big Brother style ID systems are at once the answer and a problem.
complete anonymity is also useless.
only the most persistent and sophisticated hacker will figure out what to do with anything they find.
if you're poor like me, there's nothing to gain by getting my information.



[ Reply to This | # ]
reply to snoop
Authored by: displaced on Jul 19, '05 05:15:27AM

*grin*

I know what you mean, but at the same time it does give a certain amount of peace of mind to be aware of exactly what info is available from your machine to unknown others.

Which is why this hint's good in that it shows that, on principle, Bonjour (I keep wanting to type Rendezvous!) does allow other unauthenticated machines to view info on your machine.

However, all the documentation I've read shows that Bonjour only works on link-local, NOT over an internet connection (be it dial-up, cable modem ADSL, ethernet or whatever). So really the submitter's concern should only be directed at the security of their local network. If it's a wired LAN then obviously you're pretty worry-free. If it's a wireless LAN, you'll do much better addressing the fundamentals of WLAN security rather than pulling the whole Bonjour capability from your Mac.

Regards,

Chris



[ Reply to This | # ]
reply to snoop
Authored by: displaced on Jul 19, '05 07:10:48AM

Incidentally, if you read my signature on every single on-line post I've made, you'll find my forename. And if I then tell you that my Mac's name is clementine (in homage to the film Eternal Sunshine of the Spotless Mind), then you'll already know what iChat exposes over Rendez... I mean, Bonjour.

Do what you wish with that information :)


Regards,

Chris



[ Reply to This | # ]