[Development] Contributing to the Qt Project behind a hefty firewall and proxy server

[Sven Anderson]

On 13.07.2012 17:10, Laszlo Papp wrote:
>> He also says that you should at the same time have a discussion with
>> Corporate Security to make them understand that the current situation is
>> hurting the organization, and try to get it changed so you _don't_ have
>> to circumvent Corporate Security. (Normally it's grounds for getting the
>> "pink slip" immediately.)
>
> Why open the port up globally with its own drawbacks just because of
> one project? If this can get fixed, and the "circumventing"
> (communicating with patches good for a company over 443) is accepted
> in a network (let it corporate or personal), I do not see the problem
> and the reason to change the existing practicies.

Closing down ports for security reasons can only be a short term 
emergency measure. Doing it in general does not increase security in the 
medium term, since the Bad Guys are now using 443 anyway (like everybody 
else). This whole blocking of ports caused a "port-80-fication" of net 
services which almost killed for what ports where invented in the first 
place: service discrimination. Now we have to use whole IPs for that 
discrimination (like the workaround proposed in this case) or put 
another addressing-layer into the HTTP content. Complete waste of time 
and energy in my opinion, because in the end security has not been 
increased.

So, although I fully understand the need for a workaround to keep work 
going, I fully support Thiagos recommendation to put pressure on the IT 
departments and managers in parallel.

Sven