Hi, After my previous posts blasting FProxy's quirks, and advocating native implementations of http access to Freenet, I am forced to recant somewhat.
Why? Because FProxy offers the only real anonymity protection. While native http portals to Freenet, such as FwProxy, may have performance advantages, plus watertight http anonymity security, there is a security hole - web bugs can be planted which hit https, ftp, gopher or socks, or some other protocol which some goddam browser will allow, and it would require proxies for all these protocols, plus compulsory browser proxy configuration, to protect anonymity. One slip on user's part could be fatal. So, back to FProxy. FProxy's 'paranoid' filtering is the only way to go. Block anything that even remotely smells like an out-of-band hit. Give an inventory of all potentially compromising content. I now appreciate the wisdom of this approach. So I'm taking the position now to ask, PLEASE, for FProxy to get fixed up. One bug to report is that periodically, FProxy 'loses the plot' returns 404's on all freenet requests. Restarting the node fixes this. Hmm, I'm tempted to attempt a port of FProxy to platform-independent C++. Have the cake and eat it too :) Cheers David _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
