Discords Security sucks
Hi there,
I guess normal users will need some time to understand the point of this post so I try to explain it as "normie" friendly as possible. Normally you have a firewall running on your system, you can imagine your firewall as a big big wall keeping enemies outside and letting friends inside so you can play with them <3
However, Discord wraps a big big hole into your firewall. Discord uses 15 000 ports but not entirely and at the same time because then discord would use way to much traffic at once but discord uses it randomly may in order to archive a better usage of infrastructure or something like that. So now imagine someone takes some explosives and destructs your wall partly and enemies can come trough. I know that there is no bad intention from discords side by doing so, that being said but if you have to deal with company data and stuff you don't want your boss to ask you why the heck your dealing with company data in an environment that has randomly 15000 ports open? So you may ask yourself why is this user bringing up this point at this time suggesting to change a part of discords core infrastructure? Well, there is something new in this world ( To be honest since 1998 but now it is getting used in Europe everywhere ) it is called IPv6 and IPv6 prefix delegation, both could be used to wrap stuff up, "to do some cable management " and lower the size of open ports. Would be better for security in general and may also speeding up the service because you could directly assign ip's to sessions and don't go trough a load ballancer with every request.
-
+1
I'd really like to use Discord's voice chat and video features, But there is no way I'm opening 15000 ports.In comparison, Skype uses 3 UDP ports.
1 -
Better compatibility with the browser version (no download/in-browser) for all browsers currently in use would be the more likely approach to eliminating issues / increasing features on any platform while minimizing coding needed. Right now, on the Xbox (Xbox Edge Browser), the in-browser client fails to load the website properly. This causes the website to just spin the loading icon forever... Wished this would get fixed. UWP would the BEST way to include it on Xbox - While we are talking about compatibility and inclusion to Discord across platforms.
-1 -
Hey Endorakai this thread is about discords security,
I know you want to help / improve my suggestion but open ports being a potential security threat has nothing to do with Microsoft developing shitty products. This is about network security and UWP would be the worst possible way to go since discord desktop clients are based on electronjs ( https://www.electronjs.org/ ) so it would be the highest amount of work combined with the smallest possible benefit followed by throwing thousands of dollars out of the window to hire a entire team of UWP folks, not to mention, devops, devsecops and management. Just learn how to use linux, macos, freebsd or some more stable OS. For beginners I recommend Ubuntu.0 -
LiamSmith69 Discord ALREADY has a browser-based answer... so you don't need to do all that extra crap if Micro(soft)wallet would just fix how Xbox one edge handles the website. A UWP app could be made by anyone with enought time to spend on it. Claiming it would take x amount of people and x amount of $$$ is ludicrous when so many people are coming out of the woodwork with Xbox apps. My suggestion is to Either (a) Microsoft fix edge bug, or (b) someone, ANYONE, create a UWP of the browser-based ALREADY existing website inside a frame... The container is pretty much all anyone would need to make. Sadly I do not have a dev license to make apps and I do not have expertise in making the correct frame needed - or I would like to have done it my damn self.
0 -
Stop being a douchebag and stop crossposting/spamming all day long. I tried to tell you in a polite manner that this post is about NETWORK SECURITY and NOT about MICROSOFT DOING BAD at the moment so back off now.
0 -
After all, is there a prospect of improvement in the sense of not using so many doors? In my company, I can't approve the opening of so many doors ... it's crazy.
0 -
Yes, Discord should enable IPv6. They use Cloudflare, which has excellent IPv6 support. Not sure why Discord is dragging its feet.
1 -
People are able to steal ur token in discord through literally a voice call so its ridiculous its terrible this is my alt account my main got hacked as my token was stolen
0 -
People are able to steal ur token in discord through literally a voice call so its ridiculous its terrible this is my alt account my main got hacked as my token was stolen
0
Por favor, entrar para comentar.
Comentários
9 comentários