The resident non-coding freenet pontif said recently: " As this freesite is designed for a general audience I am unable to properly describe my feelings regarding the 'Internet Explorer Sucks' warning that presented itself when I upgraded my node today ... If you must warn people about IE, then put a discreet warning in a readme somewhere, or find a more mature way of stating your feelings. Better yet, rewrite fproxy so that it can't pass through anything that'll cause IE to do bad things to users."
OK, firstly, the README file that ships with freenet will never be read
by 99% of freenet users, unless the installation process goes wrong
(which is obviously bad). We can however put some docs on the node
homepage (the infolets), in a prominent position labelled "Protecting
Your Privacy" or some such shit, explaining how to configure your
browser for improved safety. This is a good idea. Now lets think about
the last sentance. Anyone have any ideas? We have to scan all files, of
any MIME type, for any content that might be harmful to M$ Internet
Explorer or M$ Media Player. This means, since we can't be sure of the
content type, that we must build a blacklist of binary code (and this
isn't just byte sequences either, it'd be procedural because these
things vary... maybe binary regexes are possible?) that might cause IE
or Media Player to fuck up. Among the things involved are virtually all
"media" types (ie the things most people are looking for in a p2p
network), because Windows XP Media Player looks them up in a central
database unless configured not to (please contradict me if I'm wrong, I
haven't used the software myself), even if they don't contain any evil
content themselves. Even if we limit our scope to HTML etc, since we
cannot have a definitive MIME type, we firstly must scan any (or at
least text/plain) files for malicious HTML, meaning that a tutorial on
malicious HTML, or an example of malicious HTML, as a harmless plaintext
file, would be blocked, and secondly we cannot possibly do anything
better than the current situation with the anonymity filter - we must
continue to regexes for anything potentially malicious. If we don't
have to worry about IE, there is a much safer (although quite a lot
of work) alternative - writing parsers for all the text/html, text/css,
text/xml etc formats we want to support, and only allowing what the
parser will understand. We would still have to update it for new browser
standards, but nobody would be put at risk by new browser features, it
would simply block them until they are implemented. A final possibility
which is looking more attractive by the second is to put some
documentation on the homepage saying "this is how you secure your
browser", for any common browsers, if it is possible. For example, for
mozilla, you can turn off javascript etc, and set it to only accept
images from the originating server. There are probably issues with
plugins etc too. We might have to hack mozilla slightly since it has a
habit of feeding queries that time out into google. Konqueror (as of
version 2.2.2) doesn't have the functionality we would need, but it
could be implemented maybe if we had a volunteer. It's quite possible
that IE has such options too. We might force the point by disabling the
content filter altogether once there exists a cross platform browser
that can be configured to be safe. One way to make this slightly less
user hostile would be a freenet plugin for whatever browser,
implementing the scheme freenet:[/]{CHK,SSK,KSK}@... . Comments?
--
Matthew Toseland
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Freenet/Coldstore open source hacker.
Looking for $coding (I'm cheap)
msg03881/pgp00000.pgp
Description: PGP signature
