|
|
reply to jonasyorg
jonasyorg, when I said that Bonjour does not give out user names, I was referring to the Bonjour protocol (mDNS-SD). No where in the Multicast DNS Service Discovery spec does it say to give out user names. The mDNS spec assigns your machine a dot-local name. That dot-local name does not need to be a user name. It can be anything you want. Just because in Mac OS X it defaults to your first and last name doesn't mean it must stay that way. Each application that uses Bonjour can do whatever it wants. If an individual application such as iChat decides to advertise a Bonjour service using your user name, then it can do that. However, it's also in your power to choose not to use that individual application. And guess what, disabling mDNSResponder doesn't prevent an application from revealing information about you. An application could embed the mDNSResponder code from Darwin directly into the application. Many Java applications that run on Mac OS X use an open source library called JmDNS to advertise services, and this library is embeded in the application and it doesn't use mDNSResponder. An application could also simply bypass mDNS and broadcast your information on its own using a custom protocol. Turning off mDNSResponder does not magically make your computer safe. On a default Tiger machine with no additional applications installed, if you don't want your name advertised by Bonjour, then change your Computer Name to something generic, and don't use Bonjour iChat. There, problem solved, and you can even use Bonjour Browser to prove it to yourself, however, the minute you install an application, there's a potential for it to advertise information about you. I'm not saying having this "disabling Bonjour" information out there isn't valuable. For example, it's valuable for application developers who want to verify that their application still works with mDNSResponder disabled. I was only recommending that most average customers will do more harm than good if they disable Bonjour. Many of these customers only use their Macs from home behind their own NAT, and so mDNS traffic isn't even leaving their private network. You have every right to turn off mDNSResponder. I just thought you were overstating the security issues.
reply to jonasyorg
Many of these customers only use their Macs from home behind their own NAT, and so mDNS traffic isn't even leaving their private network. ... and as mentioned, Bonjour (or, to use its generic name, Zeroconf) is a non-routable service... and so will never leave (or accept requests from beyond) your private network anyway (assuming I'm interpreting the specs correctly) |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.11 seconds |
|