Usability-oriented zero configuration (ZeroConf) designs, with automatic service discovery "plug-and-play" techniques, give rise to security risks. A study focusing on Apple-a major proponent of ZeroConf-brings to light a disturbing lack of security: major ZeroConf components are mostly unprotected, and popular apps and system services are vulnerable to man-in-the-middle attacks.

• 出版日期2017-4
• 单位清华大学; 北京大学