[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freenet-dev
Subject:    Re: [Freenet-dev] trojans
From:       Oskar Sandberg <md98-osa () nada ! kth ! se>
Date:       2000-07-30 8:40:51
[Download RAW message or body]

Yes, a Freenet client would have to be careful to warn the user before linking
off Freenet onto a normal Internet connection in any way (sort of like the warn
before leaving SSH as it is), but that is very much a client issue, and such an
attack is still a whole nother level above what it takes to reveal somebody in
Gnutella (ie, nothing).

On Sun, 30 Jul 2000, you wrote:
<> 
> That's not totally true and is why when I kick and scream about the people
> buiding clients _not_ putting it in a browser, why I get mad no one
> listens.
> 
> While Freenet itself may be free and clear of this kind of intrustion, if
> a client exists which can run abitrary code such as Java applets or
> whatnot, this defeats the entire point.
> 
> One could easily write a program which would send your IP address and some
> other information it could collect back "home".
> 
> This is not totally a Freenet issue, but the ability for a client to run
> arbitrary code (Java sandbox and all that other crap aside) is something
> which I've seen this group not take as seriously as it should.
> 
> I think a UI such as those things like Gnapster or Gnutella have is just
> fine for Freenet and that this, and not the Web browser addons, should be
> the focus of a client.
> 
> - Serge Wroclawski
> 
> 
> _______________________________________________
> Freenet-dev mailing list
> Freenet-dev@lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
-- 
\oskar

[prev in list] [next in list] [prev in thread] [next in thread]