* Mark Newton (newton@internode.com.au) wrote:
On 15/12/2009, at 11:19 PM, Joakim Aronius wrote:
So what you are saying is that ease of use and service availability is priority one. Then what exactly are the responsibilities of the ISP and CPE manufacturer when it comes to security? CPEs with WiFi usually comes with the advice to change password etc. Is it ok to build an infrastructure relying on UPnP, write a disclaimer, and let the end user handle eventual problems? (I assume it is...)
Hasn't essentially every ISP on the planet been doing that for years, only without the disclaimer?
It's not like we're talking about creating UPnP from whole cloth. We're discussing a replacement of like-for-like, updating existing capabilities to support IPv6.
As was mentioned earlier the end-user is mostly clueless and 'just want things to work'(tm). They do not know/care enough to make wise decissions when it comes to security and they cant identify the absence of security features. Personally I only have rudimentary knowledge of UPnP and UPnP forum but there are real security issues with the protocol and no(?) effort to fix them, current security specs are from 2003. (and varying degree of implementation in products of the security features that actually are in the standard) In the last years the security problems in e.g. Microsoft products have gotten a lot of press and even Joe Sixpack has a hunch that he ought to get an anti-virus program. With the increasingly complex home network environment we will likely see more advanced attacks including UPnP. Then we have a situation with embedded devices with more and more functionality which are hard to patch, that run insecure protocols and it will end up in a real mess. I basically agree with you, adding IPv6 would be a like-for-like replacement. But one difference is that there is an increased attack vector with a higher degree of connectivity (no NAT) and more complex and less mature IP implementations in devices. UPnP might still be the the way to go as it is already there, 'it works' etc. But not working actively with the security issues in the standards is plain stupid. The standard and the functionality of the CPE is the responsibility of the CPE manufacturer. An I guess that the responsibility of the ISP is to provision its customers with as good and secure CPEs that the market provide (and if the s*** hits the fan, point at the CPE manufacturer). Regards, /Joakim