"Mike Powell" wrote:
> To me, this says
> that someone...


> ...planned for Google Talk to work around blocking, even if
> XMPP on port 5222 was filtered. I call that deliberate subversion (and
> it means that google lied on their google talk faq page about how the
> client works).


> You can't just block
> all communications to talk.google.com, because the addresses that
> talk.google.com points to are the same addresses that www.google.com
> points to. If you block talk.google.com by IP, you will also block
> www.google.com.


A suspicious individual might believe that Google did this all on
purpose. A suspicious person might believe that Google, knowing their
search engine is immensely popular, figured network policy
administrators wouldn't be able to take the heat for blocking Google's
web services entirely, "just" to stop the use of Google Talk.

That would probably be too paranoid and cynical, right? It's probably
just a typical case of sacrificing network security on the alter of
end-user convenience, right?

For some of us, however, Google might prove to be wrong in whatever
their thinking--or lack thereof. Unfortunately, probably not enough of
us to persuade operations like Google, etc. not to pull such stunts.

Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at .
firewall-wizards mailing list