From 02ac1fb9cb98cab72676af3636fbdc7eee129b7e Mon Sep 17 00:00:00 2001
From: Tom Wilkie <tom.wilkie@gmail.com>
Date: Mon, 30 Nov 2015 09:51:24 +0000
Subject: [PATCH] Add basic security warning.

---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 0751fe197..b988d4728 100644
--- a/README.md
+++ b/README.md
@@ -28,8 +28,12 @@ boot2docker, replace localhost with the output of `boot2docker ip`.)
 ## <a name="requirements"></a>Requirements
 
 Scope does not need any configuration and does not require the Weave Network.
-But Scope does need to be running on every machine you want to monitor.
+Scope does need to be running on every machine you want to monitor.
 
+Scope allows anyone with access to the UI control over your containers: as
+such, the Scope app endpoint (port 4040) should not be made accessible on
+the Internet.  Whats more, probe <-> app traffic is currently insecure and
+should not traverse the internet.
 
 ## <a name="architecture"></a>Architecture