06-24-2019, 12:59 AM
When a host is directly connected to the Internet its like below. The host obviously has to be secure.
HOST <--> Public Internet
Prolly 99.9% of moOde hosts are not directly connected to the Internet. They are behind a home Router which provides an air gap between the Internet and the hosts behind it, like below.
HOST <--> Router | air gap | <--> Public Internet
The "air gap" performs what is called Network Address Translation (NAT) which maps the Routers public Internet address to the private addresses of the HOSTS behind it. These private addresses are non-routable and so even if it were known that a HOST behind a Router was assigned address 192.168.1.35 no one on the Public Internet could directly address it cos its a non-routable address.
Modern Routers also have Firewalls and other security measures in the "air gap" that protect the Router itself and provide other protections for the HOSTS behind it.
Given that stock moOde only accesses well known Internet radio stations, moodeaudio.org for updates, Internet time servers and other well known resources, it would be highly unlikely that any malicious code would be injected from these sites.
-Tim
HOST <--> Public Internet
Prolly 99.9% of moOde hosts are not directly connected to the Internet. They are behind a home Router which provides an air gap between the Internet and the hosts behind it, like below.
HOST <--> Router | air gap | <--> Public Internet
The "air gap" performs what is called Network Address Translation (NAT) which maps the Routers public Internet address to the private addresses of the HOSTS behind it. These private addresses are non-routable and so even if it were known that a HOST behind a Router was assigned address 192.168.1.35 no one on the Public Internet could directly address it cos its a non-routable address.
Modern Routers also have Firewalls and other security measures in the "air gap" that protect the Router itself and provide other protections for the HOSTS behind it.
Given that stock moOde only accesses well known Internet radio stations, moodeaudio.org for updates, Internet time servers and other well known resources, it would be highly unlikely that any malicious code would be injected from these sites.
-Tim
