[FFmpeg-user] Resolve (was Re: key frame)

Rob Hallam ffmpeg at roberthallam.com
Sun Jun 30 03:58:19 EEST 2024 

On Sat, 29 Jun 2024 at 23:37, Mark Filipak <markfilipak.imdb at gmail.com> wrote:
>
> On 29/06/2024 18.19, Rob Hallam wrote:
> > On Sat, 29 Jun 2024 at 22:35, Mark Filipak <markfilipak.imdb at gmail.com> wrote:
> >>> Only if your router is misconfigured to let all ports through to your
> >>> internal network by default.  If it does, then a relatively uncommon
> >>> piece of MPEG software will be the least of your problems.
> >>
> >> That is not true, and if Oliver used his head, he'd know it's not true.
> >> 1 - Blackmagic is not reprogramming routers to allow ports into LANs. Ports are allowed in by default.
> >
> > Thought experiment for you:
> >
> > Suppose that is true, and I install Resolve on two of my PCs, and one
> > of BMD clients who has had access sold to them -- as you put it --
> > tries to connect to my address over IPv4 to one of those ports. Which
> > PC would answer the connection? Same question, different phrasing: to
> > which device's port would it go?
>
> To the port of the IP that the remote system supplies. If there are two systems, A and B, and the
> remote user addresses A over that port, then A is accessed. If on the other hand, the remote user
> addresses B over that port, then B is accessed. A and B have differing IP addresses. They are on the
> same LAN, but they have 2 differing IPs. For example, a class C LAN can have up to 255 computers on
> the LAN, but each computer has a different IP address.

Therein lies the rub: neither A or B are publicly addressable[1]. So
as Oliver correctly mentioned, it's down to what your router does,
assuming you have one.

That being the case, it was unkind of you to say (' ') he should use his head.

You mention in another message to z! that you would need >1 IP or
NAT/port for mapping and you knew about non-routable addresses, so why
pretend what he was saying was incorrect?

> >> Don't listen to Oliver or Phil or Jim or others. They are far too permissive and ignorant. Use your
> >> own head.
> >
> > Lots of programs listen on inbound ports:
> >
> > $ lsof -i -n | grep vlc
> > vlc       1657953   rob  11u  IPv4 40096648      0t0  TCP *:8080 (LISTEN)
> > vlc       1657953   rob  12u  IPv6 40096649      0t0  TCP *:8080 (LISTEN)
>
> Not on my system.

Your choice. I quite like being able to access systems via ssh,
websites over http[s]...

> > The sky is not falling.
>
> Even a good program, if it opens a port, opens a vulnerability. You are risking the life of your
> computer on the strength of the listener they put on that port. The truth is: There's no good reason
> a computer should ever open inbound ports.

See above.

> > You are free not to use the software and grumble about open ports if
> > you like, no big deal. However, it is poor form to accuse them of
> > enabling viruses ...

> I didn't 'say' that. That's what you think I 'said'.
> >... and worse to accuse them of selling malicious access.
> I didn't 'say' that, either.

Yeah okay, very cute. Don't be churlish- I saw that you technically
stopped short of saying (' ') that would make your phrasing actionably
defamatory; but your implication was clear. It was a dog whistle.

As a general heads-up: you have had a number of detractors on this
mailing list for quite a while, which I think has been a bit unfair
and could have been quite demoralising (I'd say 'must' but I don't
want to assume anything about the thickness of your skin); though
you've also had people who listen to you and want to help you get to
the bottom of the longstanding cutting/joining issue. But it seems to
me that you're going in the direction of, "screw 'em all, good or bad,
helpful or otherwise- I'll argue with each and every one of them!".
You didn't say or 'say' this, but it's the impression I'm getting, at
least. Maybe you don't care anymore, but maybe you don't realise this
is how you are coming across now, intentions notwithstanding.

That was intended as a friendly heads-up but I appreciate it may not
seem like that. How you use that information and respond is, like the
way you administer your computer and the software you use, your call.

Cheers,
Rob

[1] unless your ISP has their act together and has IPv6 set up and
configured and is handing out allocations which your machines actually
use... which is why I kept things to v4

More information about the ffmpeg-user mailing list