On Fri, Jan 2, 2009 at 12:11 PM, Matthew Toseland <toad at amphibian.dyndns.org> wrote: >> What about the new privacy mode in the Firefox 3.1 betas, or in the >> current version of Safari? > > How would we reliably detect this? Does it change the User-Agent string?
I doubt it. > I disagree, Freenet should be secure by default. Easier said than done, Freenet also shouldn't screw with the configs of third-party software in ways that we *know* are destructive, yet it does. > If it's insecure it should at > least have the decency to tell the user that it is insecure. And the more > things that the user has to be warned about, the more mental overhead Freenet > takes up, IMHO pointlessly in most cases: this is the opposite of > user-friendly! Do you think screwing with user's firefox profiles causing them, at least in some cases, to lose data is user friendly?! Given the choice, I would far prefer that Freenet made it my responsibility to ensure the security of third party software rather than destructively screwing with that third party software as we do with Firefox. > What do you think of the solutions I proposed most recently? That is, to > add ?security=<long key dependant string> to freenet URIs (in the content > filter and the fetch a key form), and to solve the connections problem as > we've discussed, with a page loading screen and some rather more heavyweight > javascript solution for loading image-heavy pages? (Admittedly some pages > will have the inlines in the same container...) We should start with the simplest of these and work our way up, but we should ditch the Firefox fubarring stuff *NOW* no-matter what else we do. Ian. -- Ian Clarke CEO, Uprizer Labs Email: ian at uprizer.com Ph: +1 512 422 3588 Fax: +1 512 276 6674
