>1. NetMeeting application collaboration is dangerous
>
>First, you must realize that NetMeeting supports interactive conferencing.
>That means there are live people at each end of the line. A user has to take
>two very distinct steps (in _every_ conference) to enable remote control of
>an application. They first must share the app, then collaborate. This allows
>others in the conference to take control of the window by double-clicking.
>The owner of the window revoke control by hitting escape.
>
>This is far from the risk associated with, say ActiveX, where an
>unsuspecting victim might have turned controls off and suddenly has a rogue
>program running on their computer. A NetMeeting user has to go out of their
>way in _every conference_ to allow this risk to occur.
The rest of your note points out how you value functionality over security.
That's fine, there's nothing wrong with that, people do it all the time.
Just don't expect most folks on a firewall list to agree with you.
I think you miss some important details:
-T.120 exists (I believe) solely for application sharing. I haven't read the
spec,
I'm basing this on products I've seen.
-Nearly all windows aps have a potential to issue a system command,
download something, or something else dangerous
-NetMeeting's implementation of T.120 is unencrypted
-Unencrypted connection are suject to hijack
So, one could give control of Word to someone they trust completely,
and a hijacker could take over the connection and insert an
arbitrary command sequence before either party could react.
Without some very well designed encryption work, NetMeeting's T.120
implementation can't be secured across the Internet.
That's why *I* won't allow it.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
