gilpel@xxxxxxxxxx wrote: > Most people trust their ISP, and rightly so, I suppose. But what if an ISP > was a vilain? :) What kind of access would it have to its users' > computers? Isn't it the same as a client connected to a server? The server > being root, it has full access to the client. > > Of course, the ISP doesn't have the password of the client's computer, but > it transmits data back and forth to its users' computers all day long. > > If suppose this is a rather basic networking question, but given my > knowledge on the matter, I have a hard time figuring this out. > You are only a client to the ISP in a business sense, the same as with a lawyer, doctor, plumber or other professional. You do not operate in a client/server model, unless you use AOhelL and their modified browser. If you have adequate security, your ISP should have no better access to your system/data than any other nefarious twerp on de intertubes. Actually even if you don't have security, your ISP has no better (or worse) access than the twerp. Number one rule: Don't trust anyone, not even if you know he is your best buddy next door. Even if you are on the phone with him at the same time, it could be an alien who just ate him and is impersonating his voice ;p . Hell I don't even trust myself on the net. Basic practices: If you run Windoze, use antimalware (firewall, antivirus, antispyware, antirootkit, antiyomama, the whole kitchen sink). Even on a Linux, Mac, other box, use a firewall. iptables is good, there are some good configs and tutorials at iptablesrocks.org Encrypt everything you can. Set up a public key using OpenPGP and get the people you correspond with to install your public key so they can read your emails, and to use your public key to encrypt emails to you. Obviously this won't work with lists like this one. Never run as root except when you need to in order to install something or perform other administrative tasks. There are other measures you can take, just look around the web and haunt security sites/lists. Cheers, -- Paul -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
