MobileRead Forums - View Single Post

wguru · 04-14-2010, 05:27 PM

In that I've decided that SE's the greatest thing since sliced bread (in it's performance), unless I'm ill-informed, I find it suprizing that nowhere am I finding objections to the apparent security risk that it's default setup seems to present.

Only in SE's help feature (help on everything), all I can glean from it about ETP/FTP/HTTP server security, is that apparently SE has some functions that enable it to run on the internet.

Perhaps those functions are clear enough for advanced users, but they aren't all that clear for novices, and again, so potentially unclear is SE's help feature.

All I can grasp (for now) is that the only thing 'clear' in the help feature, with respect to 'server security' and/or uses of SE (with our browser running), is that 'help' states...

"All files that are visible with Everything can be accessed via FTP Browser with read and list access." (also mentions accessed with Windows share names). "Starting an ETP/FTP/HTTP server could result in undesired access to folders and files."

As for what accessing a server means in that context, it's not elaborated on in simple terms. As for elsewhere in SE's help feature, references to SE's default setup and the user's reconfiguring the setup (with respect to volumes), is again not clearly explained in simple terms.

As such, I feel that the common SE user is unknowingly exposed to security risks, for what I understand amounts to anyone with internet access and a little savoy, can basically access all folder and file names, maybe even their locations and many more details about 'our' operating systems (and do so without our permission and/or knowledge).

Again from what little I understand about computing, even though I consider myself an 'advanced novice', the glaring truth is that not only does Miscrosoft neglect the users by affording only the most rudimentary of help features, but software producers are doing it too.

I see that sort of UI as inherently supporting the unknowing use of these 'infernal' machines and moreover, also doing nearly nothing about rampant security issues that ultimately stem from software and platform designers.

I for one, at least for this wonderful search utility, would sure appreciate a reasonably detailed explanation of how to setup SE so at least I don't have to worry about using the internet while SE is installed.

And while I love how fast SE searches (something like 20 times faster than Windows default search utility), I wouldn't mind that search time being degraded even by 100%, so long as I was confident that my folder and files were not rather easily accessed (read and listed) by anyone capable of and wanting to do so.

So I'm left wondering when and where (if this's even possible) that someone will post SE's settings that disclose how to set it up so that anyone cannot at their will, read and list what amounts to my directory (including how to avoid indexing drives I don't want or need to be indexed).

04-14-2010, 05:27 PM	#4
wguru Junior Member Posts: 1 Karma: 10 Join Date: Apr 2010 Device: none	but what about the underlying security risks? In that I've decided that SE's the greatest thing since sliced bread (in it's performance), unless I'm ill-informed, I find it suprizing that nowhere am I finding objections to the apparent security risk that it's default setup seems to present. Only in SE's help feature (help on everything), all I can glean from it about ETP/FTP/HTTP server security, is that apparently SE has some functions that enable it to run on the internet. Perhaps those functions are clear enough for advanced users, but they aren't all that clear for novices, and again, so potentially unclear is SE's help feature. All I can grasp (for now) is that the only thing 'clear' in the help feature, with respect to 'server security' and/or uses of SE (with our browser running), is that 'help' states... "All files that are visible with Everything can be accessed via FTP Browser with read and list access." (also mentions accessed with Windows share names). "Starting an ETP/FTP/HTTP server could result in undesired access to folders and files." As for what accessing a server means in that context, it's not elaborated on in simple terms. As for elsewhere in SE's help feature, references to SE's default setup and the user's reconfiguring the setup (with respect to volumes), is again not clearly explained in simple terms. As such, I feel that the common SE user is unknowingly exposed to security risks, for what I understand amounts to anyone with internet access and a little savoy, can basically access all folder and file names, maybe even their locations and many more details about 'our' operating systems (and do so without our permission and/or knowledge). Again from what little I understand about computing, even though I consider myself an 'advanced novice', the glaring truth is that not only does Miscrosoft neglect the users by affording only the most rudimentary of help features, but software producers are doing it too. I see that sort of UI as inherently supporting the unknowing use of these 'infernal' machines and moreover, also doing nearly nothing about rampant security issues that ultimately stem from software and platform designers. I for one, at least for this wonderful search utility, would sure appreciate a reasonably detailed explanation of how to setup SE so at least I don't have to worry about using the internet while SE is installed. And while I love how fast SE searches (something like 20 times faster than Windows default search utility), I wouldn't mind that search time being degraded even by 100%, so long as I was confident that my folder and files were not rather easily accessed (read and listed) by anyone capable of and wanting to do so. So I'm left wondering when and where (if this's even possible) that someone will post SE's settings that disclose how to set it up so that anyone cannot at their will, read and list what amounts to my directory (including how to avoid indexing drives I don't want or need to be indexed). Last edited by wguru; 04-14-2010 at 05:30 PM.