[billytetrud]

You mean without? Well you're wrong. It's not a security concern at all. Allowing anyone from the outside to connect to any port they want is a security concern, simply because there's a lot of insecure software people run that doesn't account for malicious connections. However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.

[oefrha]

> However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.

It is. Considering the kernel access often given to multiplayer games for anti cheat, and the abysmal attention to security and ability to write secure code by the average application developer, letting Internet randos send arbitrary instructions directly to your machine may not be the best idea.

[billytetrud]

If the software is executing "arbitrary instructions" from remote sources, then its a malicious piece of software, or so horribly negligent to amount to the same thing. So I don't agree that direct connections are the problem - the badly written software is the problem.

[kortilla]

> However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.

Unless you care about security of course. “A user” in your sentence can quite frequently be vulnerable or malicious software.

[billytetrud]

No, "a user" in my sentence is intended to mean a human. Its very possible to program software to require human approval for connections. Also, if malicious software is already running, then it will be able to make connections to remote servers that it wants, no need for it to passively listen. IPv6 does not make this problem worse.