Old 11-18-2021, 12:05 PM   #7
rtiangha
Evangelist
Posts: 495
Karma: 356531
Join Date: Jul 2016
Location: 'burta, Canada
Device: Kobo Glo HD
Quote:
Originally Posted by davidfor
What ports are actually open? Or have something listening on them. If you enable developers mode, it will enable telnet. I'm not sure if it enables anything else. I haven't checked. But, if anything can get to a spot that can attack my ereaders, I think they will be at the bottom of their list of things to do.
No idea; I've never run a port scan and keep forgetting to. I used to have dev mode on to get invert screen mode working before NickelMenu existed, but I always felt uncomfortable having Telnet on by default too, especially since it allowed for root access. Not a big deal now, but it's a personal preference because even if I'm only on networks that I control, I can't guarantee that every device on there hasn't been compromised.

This is just my opinion, but I feel that the whole "what's the worst that can happen?" and "why would anyone want to attack my device?" and such is such a 1990s mindset to IT security and a big contributing factor as to why IoT security in general is such garbage right now. A firewall that drops or rejects all unexpected inbound traffic by default is one of those simple things that can be easily implemented, and if netfilter support is already baked into the kernel for free, why not use it? If they were really concerned about disk space, they should have stripped it out of the kernel config.

Anyway, not looking to get into a debate. That's just how I feel and I do have the expertise to implement this, so I think I will. If it eats up too much RAM though, I might reconsider, but there's only one way to find out.
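The question quoted above, which ports actually have something listening, can be answered on the device itself without a port scan. The following is an added example, not code from either poster: `list_listeners` is a hypothetical helper name, the sample table is constructed, and the loopback check assumes a little-endian CPU and IPv4 only.

```shell
#!/bin/sh
# Added example: list TCP listeners from /proc/net/tcp-format input on stdin.
# list_listeners is a hypothetical helper name. IPv4 only (tcp6 rows use a
# longer address field and are not classified here).

list_listeners() {
    while read -r _sl laddr _raddr st _rest; do
        [ "$st" = "0A" ] || continue      # 0A = LISTEN; also skips the header row
        addr=${laddr%:*}                  # hex IPv4 address
        port=$((0x${laddr#*:}))           # hex port -> decimal
        case "$addr" in
            ??????7F) scope=loopback ;;   # 127.x.x.x as stored on a little-endian CPU
            *)        scope=network  ;;   # 0.0.0.0 or an interface address
        esac
        echo "$port $scope"
    done
}

# Constructed sample in /proc/net/tcp layout (not captured from a real device):
# a listener on 0.0.0.0:23, a listener on 127.0.0.1:8080, and one established
# connection that must not be reported.
SAMPLE='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 6401A8C0:C350 0A01A8C0:01BB 01 00000000:00000000 00:00000000 00000000     0        0 1003'

printf '%s\n' "$SAMPLE" | list_listeners

# On the device itself: list_listeners < /proc/net/tcp
```

Lines marked `network` are the sockets other hosts on the same network can reach, which is the traffic a default-drop inbound policy would cover; `loopback` listeners are only reachable from the device itself.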