No matter what is decided about MediaEnforcer-style attacks, it seems
unfair not to have a prominent notice about this on the Freenet site.
I don't think any of us would think twice about criticizing a software
company or project that had a known security risk, even if it was
unproven and/or theoretical, and failed to inform users about
it. (I use the term "security risk" under the broadest possible
definition here, which might be, "Unplanned and unauthorized use of
the software that causes the user a major pain in the ass." B-)
It would be nice to say what we plan to do about the risk, even if we
choose not to do anything and bank on the integrity and courage of
ISPs and universities. But even if we haven't decided what we're going
to do, we should point out the potential hazard.
~Mr. Bad
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/\____/\ Mr. Bad <[EMAIL PROTECTED]>
\ / Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
| (X \x)
( ((**) "If it's not bad, don't do it.
\ <vvv> If it's not crazy, don't say it." - Ben Franklin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
