I see it got unmarked as a security bug. If I may try to re-explain why I think it *is* a bug. Firstly, many VNC users set very weak passwords (e.g. 'password') because they are using it internally behind a firewall, and anyone with physical access to one machine has physical access to the other (or is a trusted family member, etc.).
Secondly, the phrasing "configure network automatically to accept connections" is *so* poor that a user could very easily take it to mean "configure this machine's network interface to accept connections automatically", i.e. a desired behaviour. Taken together, this could easily lead to users exposing a VNS interface with a weak password to the world, making them vulnerable to brute-force IP scanning attacks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/608701 Title: vino establishes a HTTP connection to check connectivity To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vino/+bug/608701/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
