Embedding or "hard-coding" IP addresses within a host's configuration
often means that a host-based trust model is being employed, and that
the Internet host with the given address is trusted in some way. Due
to the ephemeral roles of globally-routable IP addresses, the
practice of embedding them within products' firmware or default
configurations presents a security risk in which unknown parties may
be trusted inadvertently.
Internet host designers may be tempted to implement some sort of
remote control mechanism within a product, by which its Internet host
configuration can be changed without reliance on, interaction with,
or even the knowledge of, its operator or user. This raises security
issues of its own. If such a scheme is implemented, its presence
should be fully disclosed to the customer, operator, and user, so
that an informed decision can be made, perhaps in accordance with
local security or privacy policy. Furthermore, the significant
possibility of malicious parties exploiting such a remote control
mechanism may completely negate any potential benefit of the remote
control scheme. Therefore, remote control mechanisms should be
disabled by default, to be subsequently enabled and disabled by the
user.
