-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>> There are 2.5 current independent forum systems in the wild. FMS, >>> Freetalk and Frost. They work well. (FMS the best. /me ducks/ :). >> >> I looked at it but I find it a little tricky: it seems it not only >> downloads the headers of the postings but the content as well. That way it >> also downloads all kinds of kiddy porn which, of course, I don't want to >> have. > > Not true. At worst it downloads messages containing links to all kinds of > evil content - if said messages are posted by people who are visible on your > WoT. (I.e. have positive message trust). > > HOWEVER, Frost DOES at least potentially download actual evil content: an > anonymous spammer can force all Frost users subscribed to a board to download > any CHKs he wants. Frost is seriously broken.
Not strictly true. If we are talking about US/Britain then text story can be classified as 'child pornography' (or 'kiddy porn' as it was called above). As such any software that is used to communicate can be forced to download child pornography without your knowledge. In fact the very e-mail client you are using can be abused in such a way. Imagine the scenario where somebody signs up to this e-mail list and posts pornographic story involving somebody who can be argued to be under the age of 18, your client will download this (it has no way to contact a lawyer before downloading each message). Frost currently uses an old system (that is going to change) which does allow an attacker to post small bits of any files as a message. Theoretically you will be downloading, although frost won't recognise such file as a valid message in the end. That was one of the ways that attacks were done on Frost. The intention currently seems to be to allow frost to communicate via Freetalk mechanisms. - Volodya - -- http://freedom.libsyn.com/ Echo of Freedom, Radical Podcast "None of us are free until all of us are free." ~ Mihail Bakunin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNYhYQAAoJENW9VI+wmYasJicH/0l46+5e7F2Ai1aHkVqDIycp lC9pfGW1/JaGoGikkXQ+IeCLuQgmfwKl27JSlUOd2Wyxp8V9hSmd+ndEr136Jgbt nQ0/7UVYx0NK3sK8M6xj12fXsH4GZYqNggzo0CtNdrhq5SK8G/y/xBC2mY1WcueR +GtO55yQc4tYEaiX9oAPHrb2x9M3/lKZSDqXb3KqS15sxYHE5ALwgfLx70Enq9A2 Tflb1NJxifuDr9aAlGKZi9HqpeEV6CBA5gtX9YlY6Z1xc5XByrYvDNmqvsYYIo7m 2I0XgxcpVIFgcW6xYoCiOXcq5G579t2wzTk2ysLjBMuWrM/+VFOQXgNETJIf2Cc= =n/Dt -----END PGP SIGNATURE----- _______________________________________________ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe