This is what Bonjour (nee Rendezvous aka Zeroconf) does in life, and Windows machines do the same thing. Hostnames are not private otherwise why would you need a name in the first place?
This brings up an interesting question; since by default on iOS the hostname is based on the user's name, what will happen when two people with the same hostname (e.g., john-smith-iphone.local) both connect to a public WiFi network? Is there automatic conflict resolution?
From what I can see on my Macbook Pro, yes, there is. One of the hostnames (the one that connected after the original) is automatically changed (in my experience it either appends a number to your current hostname or it completely changes your hostname, to something based on the network).
PS: I'm guessing here that the iOS behaviour when it comes to hostnames is similar to Lion's.
To confirm it kicked in, open Applications -> Utilities -> Terminal and type 'hostname'. This is what anyone else on the same network sees you as. You'll also see your machine on other Macs in Finder under the 'Devices' sidebar.
(the whole story surrounding hostnames is moderately more complicated than this, but the Sharing panel on System Preferences is what informs the Bonjour local network name and that's good enough for 95% of user-facing things)
Edit: I misread, thought you were talking about OSX.
On a tangential note, apps like HandsOff and LittleSnitch aren't effective at sandboxing malicious software. (This should be obvious, but it apparently requires saying.)
The easiest way to bypass HandsOff/LittleSnitch is by temporarily replacing a trusted executable with another binary - there is no mechanism in place to verify that the binary itself hasn't changed since it was granted permissions.
That's why I prefer Hands Off! I agree that neither is fool proof but HO allows me to control disk access as well as network access.
If I've just downloaded a new app, I'll have it ask for permissions for every disk access it needs. After a few runs I'll start giving it permanent access to the dirs I'm OK with it using. No app gets to write to /Applications.
It's a little painful to deal with the pop-ups but I like to know what my apps are up to :-)
That's incorrect. Maybe you don't notice it if you're running as an admin, but the /Applications directory is admin-owned; since I'm running as a regular user, I need admin credentials to move items to that directory. I also get asked for admin credentials to perform any file operation in the /Applications directory, including those affecting apps I put there under my non-admin account (with admin credentials). You can make a ~/Applications directory for user-owned apps, and you won't need admin privileges to change that, but it would be less secure.
As non-admin, you have authenticate to create or delete items in /Applications/. However, all items you move to /Applications/ remain under the ownership of your user.
You can confirm this without even opening the terminal: move the directory Foo/ to /Applications/Foo and notice that /Applications/Foo/bar is user-writable.
(Furthermore, admin on OS X (and many modern Linuxes) isn't equivalent to the traditional root account. Using a non-admin account doesn't make the difference you think it does.)
OK, it seems to ask me to authenticate to move a folder to certain directories in /Applications, apparently those created by installers running with admin privileges, but I am able to move a folder to a folder that I've moved to the /Applications directory under my regular user account with authentication without needing to re-authenticate. But since the majority of my apps are not in their own directories, I am still asked for admin privileges to modify them. I am aware that the admin account is not in the root wheel, but the /Applications directory is owned solely by the 'admin' account; just not necessarily all sub-directories apparently.
It does work for Firefox, which I don't use on my Mac, but not for Safari, which I do. It seems first party apps and ones installed with a proper installer are not susceptible to this vulnerability, so you would have to rely on the presence of third party apps that don't get installed with installers. I would guess Mac App Store apps are also protected, but I am unable to test that. You are right that there is a vulnerability, though it's extent is questionable.
It's a great feature, isn't it? Apple's products automatically connect your devices to each other, and once they have authenticated, are allowed to easily sync and transfer files.
I think that people who give flirting advice should be forced to include a disclaimer like lawyers or stock tippers.
For example:
I am not a playboy. I do not offer personalized dating advice, or comment on the suitability of any individual statement to potential romantic partner. Remember, poor flirting can cause total loss of social credibility and you should always consult with your conscience before flirting or beginning a romantic relationship.
