Chaos Corner
The Lunduke Journal
comments
Comments by "Chaos Corner" (@chaos.corner) on "The "9.9" Linux Vulnerability Revealed: It's The Printers" video.
Blocking the port is only a band-aid what with all the IoT devices these days (unless you're handling them in a sophisticated manner).
8
@squidware Not sure what they're using it for but UDP is handy for a fair bit of lightweight stuff that doesn't require a reliable connection like 'I'm alive' notifications.
5
It's a 9.9 if you're running CUPS but I'm not sure that rates a 9.9 overall. I'd think that would be for kernel-level, always vulnerable stuff. Maybe a one-dimensional numeric rating is not an ideal methodology. I was getting ready to just close down all incoming connections just before this was announced (isn't it like 4 days early?), CUPS off by default on Slackware FWIW.
4
@Zamsky39 Anyone exposing private services to the public internet should be standing in the parking lot waiting for their box of personal belongings.
2
@treelineresearch3387 I think calling it a Linux vulnerability was a bit disingenuous too (though granted it did mention it affected other systems too).
1
@edwardcullen1739 Deal. CVSS is flawed.
1
@edwardcullen1739 The deal with calling it a 9.9 (out of 10. I assume it doesn't go to 11) is that that doesn't allow much escalation for anything that would be much more dangerous. Additionally, I note that you're already talking about desktops and laptops which is fine if you're discussing security issues for desktops and laptops. But Linux is much bigger and there are many devices for which a CUPS vulnerability is not even relevant like Android devices, my old Tivo and my document scanner. So again, yes, CVSS is flawed (or at least, something is).
1
@projectsspecial9224 Certainly, if a distro installs printing by default, it should be bound to localhost and not be available to all-and-sundry by default. When I think of all the times I ragged on Microsoft for prioritizing convenience over security...
1