On Thursday 24 July 2014 12:05:00 pm Jay Ashworth wrote: > PS: Who the hell runs broadcast automation *not* on a separate protected > network (preferably an air-gapped one)? (Yes, yes, I know: there are lots > of foolish people in the world...)
I do, for one ! OK, not exactly as wide open as you describe, but accessible if one has the proper credentials, which include things like only allowing ssh access from a particular user on a particular host with the proper "machine key" and no human accessible password. Even so, Fred's point remains valid. Even on an air-gapped protected network ( which is still vulnerable to those Chinese USB dongles which infected US government stuff not too long ago ) if one can not trust *all* of the users, then there are valid security reasons for V2.x. Note that my qualifier is a good reason. There can be good reasons. ( we have no disagreement about foolish people. Major broadcast networks seem to have an abundance these days ) -- Cowboy http://cowboy.cwf1.com A fool must now and then be right by chance. _______________________________________________ Rivendell-dev mailing list Rivendell-dev@lists.rivendellaudio.org http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev
