On Mon, Apr 02, 2001 at 12:51:12PM -0400, Gianni Johansson wrote: > On Monday 02 April 2001 09:42, Tavin wrote: > > This has been argued over before. I don't think it should, the reason > > being that it's not 100% effective, and it will lull people into a false > > sense of security. Sure it blocks that <img> tag, but I'll bet you if > > I spent a half hour I could figure out something that would slip past the > > filter. A while ago it was as simple as a meta tag refresh, but I think > > that one got fixed ;') > > > > The only thing that could be 100% effective would be to set your browser > > to use a real proxy for all protocols which would perform http->freenet > > relaying like fproxy but would block any outgoing non-freenet traffic. > > > > After I finish some of the stuff I'm working on, if no one else steps up, > > I will write one of these, maybe as a service to be run with the node, > > maybe external.. dunno. > > > > Anyway, with FCP in the node now we're in a good position to create this > > beast. > > I disagree. How are you going to trap all protocols? You will have to filter > the HTML..
Um, pretty easy.. set the proxy for all protocols to the freenet proxy program.. > Just because the current security filter isn't perfect doesn't mean you > should do absolutely nothing. Analogy: It is almost impossible to make a house > 100% secure --> You shouldn't lock your door because that gives you false > sense of security. Nonsense. > > The real reason the filter is currently disabled is because fproxy was > leaking one thread per anonymity warnings as of the .3.7.1 release I didn't > fully characterize this bug, but I am pretty sure that it is in fproxy -- not > the filtering code. Could someone else take a look at this? Does this > problem still exist? > > --gj -- # tavin cole # if code is law, then Freenet is a crowded theater _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
