Hi Radai, This is a good point. At Confluent, we discussed this briefly a while back, but we never got around to working out a concrete proposal. It would be great if someone were interested in working out the details in a KIP.
Ismael On Mon, Jan 9, 2017 at 6:13 PM, radai <radai.rosenbl...@gmail.com> wrote: > in light of things like this - > https://www.bleepingcomputer.com/news/security/mongodb- > apocalypse-is-here-as-ransom-attacks-hit-10-000-servers/ > > and given that plenty of people/orgs have public facing kafka installations > that are wide open - https://www.shodan.io/search?query=kafka (yes, i > realize those arent brokers, but you could scan for those too). > > has anyone given any though to making brokers more secure by default? > > maybe something like making the default password be some function of the ZK > url? (which should be common to all brokers) or something .... >
