Marcus Hutchins :verified: on Nostr: A hill I’ll die on every time: NAT is a security feature. It wasn’t intended as ...
A hill I’ll die on every time: NAT is a security feature. It wasn’t intended as one, it shouldn’t be used as one, but it IS one. If I go into my router and disable the firewall, then do the same on every device I own, not a single extra device on my network becomes publicly exposed. That is security. It makes it hard for users with poor cybersecurity awareness to accidentally expose devices to the entire internet. If we disabled uPNP by default, we’d see a huge drop in automated exploitation.
Published at
2024-12-07 01:04:21Event JSON
{
"id": "3bbee6a331aa7548644556bb35b588082fde87aaa42c6f798a3d44cd563fc959",
"pubkey": "5d0910049da6eacaad9e891d5afb88fa613f4ab514d8a6c4fb51a03edeb60ede",
"created_at": 1733533461,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/malwaretech/statuses/113608848911820923",
"activitypub"
]
],
"content": "A hill I’ll die on every time: NAT is a security feature. It wasn’t intended as one, it shouldn’t be used as one, but it IS one. If I go into my router and disable the firewall, then do the same on every device I own, not a single extra device on my network becomes publicly exposed. That is security. It makes it hard for users with poor cybersecurity awareness to accidentally expose devices to the entire internet. If we disabled uPNP by default, we’d see a huge drop in automated exploitation.",
"sig": "43906fa03471f3e76fcb9f0a2a71c43512a31892ff27fb3c0543ef807a10540c0a48910b1b9460375127b997ba341b8d6872b83f0d745ea592533401693e54ca"
}
