On 09/11/2016 08:36 AM, Per Jessen wrote:
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
El 2016-09-11 a las 16:45 +0200, Per Jessen escribió:
Carlos E. R. wrote:
Which presumably means an authorized, but incompetent Windows user? Yep. As james says, decent corporate sites have an admin that does not allow normal staff to access. But many small sites do not have a Windows server or a full admin to do it. Then they're asking for it. No RFC or mitigating features can prevent an incompetent idiot from shooting himself in the foot. It is unfortunate, but any tool can become a hazard if operated by an incompetent or unskilled individual. But they don't shoot their own foot, but the foot of others. in this case, Linux users in the same network. In a business setting, whoever it was that allowed common users admin access to Windows is an incompetent idiot.
Well, this was in a research environment where a scientist's desktop was in reality a laboratory instrument. User admin access was required in many cases. This organization has also been on the forefront of IPv6 deployment, I believe it's been dual-stacked for more than ten years. They were operating v6 before dhcpv6 was available. But the fact remains you can't excuse IPv6's default router insecurity by criticizing user's methods and processes. Rogue router advertisements are an issue, and that is a fact. IPv6's complexity is another issue. Security is inversely proportional to complexity, right? I guess my question has been indirectly answered. Regards, Lew -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org