Subj : Re: The Documentary... To : alt.bbs.synchronet From : Sinister x Date : Sun Aug 21 2005 09:08 pm From Newsgroup: alt.bbs.synchronet "Deuce" wrote in message news:43009A77.6294.sync@nix.synchro.net... > To: Frank Vest > Re: Re: The Documentary... > By: Frank Vest to alt.bbs.synchronet on Sat Aug 13 2005 12:41:00 > > > The point is that BBS servers are just more secure to begin with, imho. > > The programmers are more interested in security thinking than "get it on > > the market today!" thinking. > > I don't think I would agree with that. > > --- > þ Synchronet þ ``Penguins make tasty snacks'' > --- Synchronet 3.13a-Win32 NewsLink 1.83 > * Vertrauen - Anaheim Hills, California - telnet://vert.synchro.net > I don't necessarily agree with it either. Like I said, it's not the coding necessarily that makes it so secure (b/c I can assure you, even with Synchronet if you pass it through a typical buffer overflow checker for source code you can see that there are string functions used that allow non-terminating strings which is a bad bad thing... luckily though the program flow is linear as such that being able to exploit such things would be a considerable effort, if even possible thanks to input limiting and such... but a big caution to the web engine nonetheless which is something you guys actually doing the coding should be constantly looking at in my summation), it is the lack of people who would actually spend the time trying to exploit such software as opposed to much more widely used software such as apache itself or IIS. Regardless of that fact, particularly with the web engine coming in to play all of the various loopholes that could be potentially found should be plugged as they're seen which I'm sure you guys are doing anyway. --- Synchronet 3.13a-Win32 NewsLink 1.83 .