[Feature Request] Disable Showing IP and Locale by Default about fastfetch HOT 21 CLOSED

This is my localip: 192.168.1.5/24

Please attack me if you can.

from fastfetch.

Anyway, you generate the config file with --gen-config, and remove "localip" in the config file.

from fastfetch.

You can't persuade me. That's all.

from fastfetch.

This is my localip: 192.168.1.5/24

Please attack me if you can.

I get your point, but if a hacker or group of hackers ever try to target you, it's best for them to not have your local IP. It'd be nice to have this info hidden. I think many people would feel more comfortable switching to fastfetch if it was hidden by default as well.

from fastfetch.

If you don't like it, you disable it in the config file.

from fastfetch.

If you want to argue the LOCAL IP can affect security, please prove it.

from fastfetch.

If you don't like it, you disable it in the config file.

I'm still pretty new to Linux, I don't know where that is or how to edit that. Could you please tell me? Many other users are in the same boat as me on that, since the Linux OS's percent share is rising and there are more beginners. It would be better to have the option disabled by default.

If you want to argue the LOCAL IP can affect security, please prove it.

To my understanding, it would give them immediate knowledge of which device on your network is your computer, instead of them having to figure that out. Plus, again, it just makes people feel better to not have any kind of IP showing by default. Perhaps it doesn't matter to some, but it matters to many other users who would rather not risk it. I think it'd be a better default behavior to hide the information, with an easier shorthand to display it like -ip

from fastfetch.

To my understanding, it would give them immediate knowledge of which device on your network is your computer, instead of them having to figure that out.

Seems you have zero knowledge about what a LOCAL IP is. 192.168.1.5 gives others absolutely zero knowledge about your computer.

A local IP make sense only if someone's device and yours are in the same LAN. That is to say, if you are in your home, an attacker MUST connect to your wi-fi to find your device by local IP. And even if the attacker somehow find your home, got your wi-fi password, connected to your wi-fi, got your local IP, he still need to find a vulnerable port to attack you.

from fastfetch.

I promise, the Local IP module gives absolutely less knowledge than the Host module.

from fastfetch.

I understand your points, but at the end of the day it'd still be better to hide this information by default. You acknowledged through your previous comment that if a hacker breached your local network through a vulnerable port, they could use the information against you. It would be better to hide sensitive system information by default (especially any related to user location, like locale) and only display hardware/distro info. The golden rule in situations like this is to have the feature be opt-in, not opt-out.

from fastfetch.

Anyway, you generate the config file with --gen-config, and remove "localip" in the config file.

Thank you, this would be helpful info to have in a more accessible place for beginners.

from fastfetch.

So is the kernel version sensitive? If you use an old kernel that is known to be vulnerable, and show it to attackers, isn't it much more dangerous?

from fastfetch.

So is the kernel version sensetive? If you use a old kernel that is known to be vulnerable, and show it to attackers, isn't it much more dangerous?

Not really, because if they have no idea what machine it's on, then they can't do anything. Similar to your argument about local IP. But I'd argue the IP is more sensitive because that's what would allow them to potentially access the kernel in the first place.

from fastfetch.

But I'd argue the IP is more sensitive because that's what would allow them to potentially access the kernel in the first place.

False. If I want to attack you, I would better send you a malware somehow (by sending malicious twitter messages or something, since you show your twitter account in the profile), rather than get your country / city / home and try to hack your wi-fi.

from fastfetch.

But I'd argue the IP is more sensitive because that's what would allow them to potentially access the kernel in the first place.

False. If I want to attack you, I would better send you a malware somehow (by sending malicious twitter messages or something, since you show your twitter account in the profile), rather than get your country / city / home and try to hack your wi-fi.

That doesn't make it false, that just means it's a more difficult method of attack.

from fastfetch.

Curious about @LinusDierheimer's thoughts on this

from fastfetch.

#611 (comment)

from fastfetch.

Curious about @LinusDierheimer's thoughts on this

I am with @CarterLi on this.

from fastfetch.

Thanks @LinusDierheimer . I am glad you are back.

from fastfetch.

I don't have the time to work on fastfetch atm, but i am always there when someone mentions me. I am glad that you continue this project so great.

from fastfetch.

Just leave it to me.

from fastfetch.