-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----- Arambic at ufFdEhqep5KSVscrBVz5Cm1AtL0 ----- 2011.02.17 - 13:29:02GMT -----
Matthew Toseland on the freenet-support mailing list: 'Frost DOES at least potentially download actual evil content: an anonymous spammer can force all Frost users subscribed to a board to download any CHKs he wants. Frost is seriously broken.' What do you think, Artur? I haven't noticed it's actually done, and even if it is indeed possible, that would be a bad thing but not disastrous since it's easy to circumvent. Except for it as a way to seriously hamper Frost for uninformed users. - -- Arambic FAQ in the works, plz tell how you feel about it: http://127.0.0.1:8888/freenet:USK at 5rxKg0rbksjJ2P7xoctiRdBzX7XYEnnw4ovaV6mBgoo,Ms6IiZxbGYQryYHYKBePIjUqf80LqsUkOdV6HAMFz1c,AQACAAE/6f/-1/ - ----- artur at K7dLGJvoXF_QQeUhZq9bNp0lFx4 ----- 2011.02.19 - 14:22:27GMT ----- Hi, I know about Toads attitude about Frost regarding the spam... That he considers Frost to be broken because it is SPAMable. Give me the benefit of a developer of Frost, to say that this is true for a lot of systems. (E-Mail, IRC, Usenet...), and I would not say that Frost is "seriously broken", but sadly not SPAM resistant. This distinction may sound a little bit academic, because the result is the same. The messaging system has nearly gotten to the point where it is unusable because of all the SPAM attacks, but saying otherwise is an insult to the people who originally developed Frost. And it has been the major product for communication on freenet for many years. I would even say that freenet would have much less users today, if Frost hasn?t been there. I want to use this post to say something about the SPAM and all complains I receive about it. Yes, Frost is under serious SPAM attacks. For casual use it has become unusable on the public boards. I spend a lot of time each day deleting SPAM posts, to have a chance to see through all the posts done on this board, so I will not miss anything important, but I know that the normal user will not have the patience to do so... I constantly receive complains that the Frost developers (including me) are (to lame, bad, incompetent, lazy,..) to fix this problem and we are a bunch of maroons... Well, I can say that this does not really help my moral and motivation to continue working on Frost. Frost development is kind of a hobby to me. I do all of the work in my spare time. I do it, because it is fun to me and I belief in the Freenet project. But I do have to work, I have friends and family and other hobbies as well. So the time I spend on developing Frost is very limited. I do not have a fixed time plan when to work on Frost, so there will be times when I spend more time on Frost and times when I will spend less. Back to the topic of the SPAM. Stopping the SPAM is not as easy as you might think. I could implement some counter measures, but it would not be very effective in the long run. Look at your email SPAM. How many people have spent time to develop counter measures for email SPAM? And what happened? The spammers have adapted and upgraded and the number of SPAM is still the same... So implementing counter measures have shown to be pretty ineffective in the long run. So implementing countermeasures against SPAM would take a lot of the time. I doubt it would be effective for a very long time, since the spammers have shown to be very creative and persistent in their work. So I consider it a waste of time. For really getting rid of SPAM you need to change the system. One of the systems which will hopefully work is the Web of Trust system, currently being developed for freenet. The development of the WoT system has already been started some years ago, and the Frost developers decided to wait until it is finished and use it for Frost, to get rid of the SPAM and profit from the work of others and not having to do everything on their own. But the development has taken much much longer, than expected. But this just shows how complex it is to develop such a system in the right way. The work on integrating WoT into Frost has already started long ago. But WoT was constantly changing, so it took a lot of time in Frost development to just keep track on the changes, not counting the time to push the development future. So the developer stopped the work on it, and waited until WoT was finished. As already mentioned, it took much longer than everyone expected, but finally we WoT is in a RC state, and now is the time continue the work. But it is still a lot of work to do, and bback and I can only do so much. It will still take some time, until we will finish the work and it can be used. The next problem with Frost is, that is has mostly been a one man show during the last years, with occasionally contributions from other people. Again, the work on Frost takes a lot of time. Not only the time spent on coding, but following the mailinglists, forums, bugtracker,.. for bug reports and other support requests. It always takes me hours to just create a new release. Creating the builds, packing the source, documenting the changes, inserting all, updating the Website, Freesite and Sourceforge, writing the announcement mail... And there is a lot of other stuff to o I have negated, like updating the help files, the FAQ, Wiki,.. So to summarize this post up: - - Development resources for Frost are very limited. - - Implementing counter measures for SPAM is time consuming and I don?t think it would be very effective, so I prefer to spend my time on other parts of Frost, where the benefits will be of a longer duration. - - The development of the holy grail (WoT) has taken much longer than everybody hoped, but finally it is coming. - - There is still a lot of work to be done, to implement WoT into Frost. - - There is more work to do than just the coding and evarybody is welcome to help. - -- artur _-Frost aCtIvE dEvElOpmEnt Crew-_ Frost Freesite: USK at QRZAI1nSm~dAY2hTdzVWXmEhkaI~dso0OadnppBR7kE,wq5rHGBI7kpChBe4yRmgBChIGDug7Xa5SG9vYGXdxR0,AQACAAE/frost/13/ - -- http://freedom.libsyn.com/ Echo of Freedom, Radical Podcast "None of us are free until all of us are free." ~ Mihail Bakunin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNZf5cAAoJENW9VI+wmYasBUoH/i/4dHX0I5nl8cpJkCKcXaBL Y1gH/Iyb6+fNwUMHuYyFBeX6S5TpBj+pgvOz3SGeEmiFgEUgKMGSptKQYxeySdrc fwxFRLMPgaYehG6vkFo/gkQdVFRFueXMorN8HYeaDmT0ckjZJMiDKFQg5Ig2brlJ Om3X1yZv3ArOJdeixoNznGUzo2pYFS+R0Y4O9Jfm5wxdhEHen6Kp8+L38dmpfS1X odpH7m+kFk/TTD8R33Lt5xAEUkPNMISX3Koo1yTm7Ep7uM5Eb1LWYkRRjcoovZ76 MxHWAHnkp11YuTbi+p9xi1wc9miutImhDgFlQz17rfz8wDym4a9i++btVSaY7+M= =bfOT -----END PGP SIGNATURE-----
