/security/2004-01-04.txt

SECURITY WARNING
================

HilbiX is not designed as an intrusion package.  However if you manage
to run HilbiX on any networked computer you can fully remote control
this computer from anywhere in the world.  In future this will become
possible even if there is a high level application firewall present.

HilbiX will be designed to tunnel through HTTP/s proxies.  It is easy
to extend HilbiX a way that it can open an DNS tunnel.  So if your
network allows any contact of machines to the Internet, your LAN is
open as hell if someone starts a properly configured HilbiX on a LAN
computer.

This is not the fault of HilbiX.  This is the fault of bad network
design.  Intranets must not have any gateway which can be used to
transparently access any service in the Internet.  This is especially
true for DNS.  If HilbiX is a security threat for you, your network
setup is broken and must be fixed.  Period.

However:

In the default HilbiX installation (see roadmap "security signing") I
will try to reach the highest degree of security ever possible.  I
want that HilbiX starts to use digital certificates right after boot
to make sure that nobody ever can tamper with data which is loaded
over the network.  So no type of threat, breakin in distribution
servers, man in the middle attacks nor network sniffing shall ever
threaten a secure setup.

But currently this type of security is not present.

CURRENTLY HILBIX CONTAINS NO SECURITY.  SO DON'T TRUST HILBIX TODAY.
Use it in your secure LAN, compile everything yourself and never let
it load extensions via Internet for now.

You should best treat my distribution as contaminated with trojans,
virii and backdoors, as there is currently no infrastructure to
protect *you* if a cracker tampers with one of my systems.