|
|
|
|
|
|
by saywatnow
3069 days ago
|
|
|
> developers often write software that trusts the local network Yes, this is still a source of problems - DNS rebinding allowing websites to attack random sockets on LAN and localhost makes my skin crawl. That the protections are being implemented in the browser makes me sad. > I'd like to see servers that utilize encryption and authentication Me, I'd prefer architectural solutions further down the stack than /every single service/ that happens to benefit from a TCP control socket having to duplicate the work of encryption + authentication, with the attendant myriad opportunities for it to go horribly wrong. I already mentioned IoT and we know exactly what that's like when it comes to protecting itself. Yes, I know, pipe dream .. and going off topic .. but I can wish. |
|
|