On Sunday 24 Jan 2016 11:40:04 Rich Freeman wrote: > On Sun, Jan 24, 2016 at 10:56 AM, Grant <emailgr...@gmail.com> wrote: > > So the user is safe if I send all internet requests from her remote > > laptop through the Zerotier connection (instead of only sending > > requests to my server through Zerotier)? > > It depends on what you mean by "safe." If you mean that there is no > possibility of malware stealing or messing with your data this is the > case if: > > As long as: > 1. You ensure that no malware enters through zerotier. > 2. No malware is present before you set up zerotier. > 3. No network connections are ever used other than zerotier. > > If you mean safe to mean that nothing bad happens to the user's system > that wouldn't have happened if they use their own internet connect, > there is no real harm in using yours, assuming you don't leak your own > malware onto their system.
As Rich alludes to if through Zerotier the user can only connect to your webserver and no connections of the user are forwarded (through your Zerotier- LAN, or your webserver) to the Internet, the XSS kind of threats will be contained. However, as I understand it the Zerotier provides a split tunnel arrangement. The user will be able to use their browser to connect through Zerotier to your LAN, while through another window on the same browser they will be able to connect to the Internet using their own network. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
