if you mean http security this server will not execute any external code, nor can it read/wtite the disk, only reads and hashes stuff inside "shared folder".Originally posted by FTFakes@17 May 2004 - 17:19
Good job on dir2sig B)
But the hashserver...what about security?![]()
I'm sure organisations like RIAA will love it. Makes it pretty easy to find out what people have in their shared folder![]()
*cough scanning port 80 cough*![]()
And as the index files are placed in the My Shared Folder, everyone can search for them with Kazaa if people don't disable sharing of those files.
i didn't say users must choose the whole "my shared folder" nor port 80, only a subfolder which they feel beeing served.
im allready working to send 403 to ranges which the bad ip updater fetches, =sever will fetch itself from time to time. there IS a blocker allready working, only not so convinient.
but: my main idea here is not privacy: people fearing riaa and mpaa will never even download the server. my idea here is fastrack's illness for not supporting collections, ie: to see which song(s) are missing from the album.
what people did was shoot up a browser and do a search for the album's songs, & got many popups "BUY this" "BUY that" to find out what are they missing, /*not allways sucesfully*/, and finaly do a search inside kazaa for each and every missing song.
this goes to any other content which is shared in pieces, and is worth much more inside a collection.
and even is someone doesn't want to serve: he/she can take the dumped html files, customise them and upload them somewhere. i personaly think it's still more convinient to deal with hashes then using dir2sig or sig2dat or ksig.
for the index files: i have had kazaa running 24/7 for almost a year and not a single html file was ever uploaded from me, but they(files) can easily go somwhere else, i didn't plan to leave them there, this is a beta ok ?
i apreciate the comments, will work on it.
Bookmarks