Aldershot spin-off for "Translating RO" topic in General
Pages: 1 2
Rick Murray (539) 13850 posts |
Okay, okay, you can take off the aluminium foil hat now. ;-)

My Pi is behind the firewall built into the ADSL router. It exposes port 80 to the world (weather server). There are other services available, but not available to the world, only to people on the LAN. It isn’t overkill, it’s sensible.

Additionally, one needs to press the WiFi button on the router to pair a device. It’s probably a simple MAC test, but it makes it a little harder, as if WPA2/AES with a string of hex digits wasn’t hard enough. WPS is disabled (with prejudice), and UPnP is also disabled. Only specific authorised ports to specific devices, nothing else. Again, not overkill, just sensible.

Here’s a test for anybody bored. Write a simple telnet server that looks like Unix, gets a name and password, then drops the connection. Log the name/password combinations. Expose it to the world. Sit back and see how frequently it gets hit. All of them bots, all of them malicious.

That’s reality, folks. Don’t expose any more than you specifically intend. Sensible, default deny.
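A minimal version of the fake telnet login described in the post above, as an added example that is not part of the original thread. The names `FakeLogin`, `read_line`, `format_attempt` and `start`, the prompt text, and the loopback address and port 2323 defaults are all assumptions of this sketch.

```python
import socketserver, threading, time

ATTEMPTS = []  # (unix_time, peer_ip, username, password)

def read_line(sock, limit=128):
    """Read up to LF, dropping CR/NUL and telnet IAC negotiation; length-capped."""
    buf = bytearray()
    while len(buf) < limit:
        b = sock.recv(1)
        if not b or b == b"\n":
            break
        if b == b"\xff":                      # IAC: skip command byte (+ option byte)
            cmd = sock.recv(1)
            if cmd and 251 <= cmd[0] <= 254:  # WILL / WONT / DO / DONT
                sock.recv(1)
            continue
        if b not in (b"\r", b"\x00"):
            buf += b
    return buf.decode("latin-1")

class FakeLogin(socketserver.BaseRequestHandler):
    def handle(self):
        s = self.request
        s.settimeout(10)                      # do not let a silent peer hold a thread
        try:
            s.sendall(b"\r\nlogin: ")         # constructed prompt, no real system behind it
            user = read_line(s)
            s.sendall(b"Password: ")
            password = read_line(s)
            ATTEMPTS.append((time.time(), self.client_address[0], user, password))
            s.sendall(b"\r\nLogin incorrect\r\n")
        except OSError:                       # timeouts and resets are routine here
            pass                              # socketserver closes the connection on return

def format_attempt(attempt):
    """One log line; repr() keeps hostile control characters out of the log/terminal."""
    ts, ip, user, password = attempt
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(ts))
    return f"{stamp} {ip} user={user!r} pass={password!r}"

def start(host="127.0.0.1", port=2323):      # assumed defaults, loopback only
    server = socketserver.ThreadingTCPServer((host, port), FakeLogin)
    server.daemon_threads = True
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

if __name__ == "__main__":
    start()
    while True:
        time.sleep(60)
        print("\n".join(format_attempt(a) for a in ATTEMPTS[-5:]))
```

The listener never executes anything it receives and never grants a session; it only records what was typed at the two prompts and closes.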
Rick Murray (539) 13850 posts |
That is true, but let me ask you – who amended it to require a person to self-incriminate (the infamous section 49)? Who then revised it to be a new piece of legislation, but in such a way that the unofficial title of “snooper’s charter” doesn’t quite do justice to how bad it is (and this is the same woman claiming to protect people’s personal data in the Queen’s speech!)? We know Tony Blair was paranoid (probably the voices of his conscience), May just took it up to eleven, and now she’s running the country. |
James Wheeler (3283) 344 posts |
I personally agree it is sensible, as a network admin. Everything is default deny. All inbound ports are blocked, no exceptions, and outbound ports are also blocked by default. I have to specifically open a port for things to work. For example, TCP 80 & 443 for basic web services (UDP 53 is open outbound on WAN side to the router only, but network doesn’t have access thereby forcing use of the local DNS server on LAN or no DNS services.)

This is just the start. The network is tailor made for me and my wife, and guests often find some of their games or phone apps don’t work when connecting to my wifi. This is because I haven’t whitelisted the required services and I have no intention of doing it for guests. I have also refused to buy software or games if I think the required ports are unreasonably broad, like Blizzard’s Overwatch game.
John Williams (567) 768 posts |
Each morning, evening, I look at/listen to the news to see if she’s resigned! No luck so far! I blame David Cameron (have I said that before?), whoever he was!