Never mind. No client deployment problems with your approach its not a client just a proxy.
Only firewall issue is: it would be best if it worked across port 80 outbound. That way we need no corporate firewall changes! Would this not be a good use for a java based jabber server? > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of mitchell balsam > Sent: Wednesday, January 09, 2002 2:17 AM > To: [EMAIL PROTECTED] > Subject: RE: [JDEV] The "OpenAIM" Project > > > I see. Thanks for the clarification. I was not thinking as > Machiavellian as Jeremie, or AOL. > > Each approach has its merits depending on the users who's > problems you want to solve. > > I want to bring Jabber to business users. All of them are > behind a firewall. Also an AOL engineer cant simply sign up > for an account to facilitate his/her IP blacklisting efforts. > Would these business users be entitled to use the public > redirector network. Not clear. Would they even need to, > likely not. Since I still don't believe that AOL could tell > the difference between the server behind the firewall and > users working over a port 80 proxy in the firewall DMZ. > Actually an AOL imitator working across port 80 would require > less corporate firewall configuration than jabber that needs > bidirectional firewall changes! > > Also, AOL is a company, who can not willing disobey the law > (We hope). To signup for an account a system engineer would > require their engineer, to accept our legal terms. Hence I > digress... > > For public jabber servers, > > Your null client idea is absolutely the cleanest but then you > must replace or augment all jabber clients. That's a total > mess for business users. It would not be a problem is this > occurred before deployment of the clients! Something to think > about soon. :-) > > Have not thorough thru all the issues of null client yet. A > question: How would null client work if the user is behind a > firewall? > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > > Behalf Of Michael F Lin > > Sent: Wednesday, January 09, 2002 1:27 AM > > To: [EMAIL PROTECTED] > > Subject: RE: [JDEV] The "OpenAIM" Project > > > > > > > > Basically, Jeremie pointed out that AOL's engineers can use > > our own opennes against us by using our client software to > > connect to their networks through our servers. In doing so, > > they can figure out exactly where our servers are. > > > > For example, say Alice is an AOL engineer. She makes an AIM > > account "jabbersux". Now, whenever she sees Jabber users > > happy, she downloads WinJab and creates an account on their > > Jabber server. She adds the AIM transport with "jabbersux" to > > her account. Then she uses her administrative tools to see > > where jabbersux is logged into AIM from; thus she determines > > where the AIM transport is, and blocks it. A diabolical laugh > > is in order here. > > > > So the idea of running the server behind a firewall is an > > interesting one that would help in this scenario, but in the > > short term it is really a hack because, as you point out, > > there needs to be some way to get this to the masses, not > > just to one organization. > > > > -Mike > > > > > > > > > > > > > > "mitchell balsam" > > > > > > <[EMAIL PROTECTED]> To: > > <[EMAIL PROTECTED]> > > > > Sent by: cc: > > > > > > jdev-admin@jabber Subject: RE: > > [JDEV] The "OpenAIM" Project > > > > .org > > > > > > > > > > > > > > > > > > 01/09/2002 01:00 > > > > > > AM > > > > > > Please respond to > > > > > > jdev > > > > > > > > > > > > > > > > > > > > > > > > > Either they just used a > > > normal client to do this or script with a jabber module. Once > > > aim.jabber.org logged into AOL w/ that dummy account, they would > > > examine the source IP for that client connection (I'm sure they > > > regularly block abusive users/IPs and this action is quite > > easy with > > > their administrative tools). > > How could AOL tell the difference beween a jabber server with > > an AIM module behind a firewall and 50 aim users working > > behind a firewall using aim's http proxy module? As far as I > > know they cant. Jeremie, I conceed you have a lot of > > experince with this but what am I missing > > here? Now if you said that we were not repsonding to a > > command in the > > protocol I would agree that AOL could detect that. > > > > For my work, jabber is very very important if I can > > communicate with users on all the IM networks. From a > > busness point of view, I don't have the luxuary of not > > talking to people on AOL.. It my believ that many jabber > > busness user share this point of view. (I could be wrong so > > comments are appreciated) > > > > Jeremie, jabber is your product and I truly respect you for > > bring it this far. But if you want me as your customer via > > jabber.com, this is a very imporant issue. I cant simply > > ignore communicating with 100 Million AOL users. > > > > > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > On Behalf > > > Of Jeremie > > > Sent: Tuesday, January 08, 2002 11:44 PM > > > To: [EMAIL PROTECTED] > > > Subject: Re: [JDEV] The "OpenAIM" Project > > > > > > > > > There is a very simple reason why any approach like this is > > doomed to > > > failure. > > > > > > As far as I can tell, the technique AOL is/was using to > > track the IPs > > > being used by aim.jabber.org was that they had a dummy AIM > > account and > > > registered the transport to use it via jabber like any normal user > > > does. > > > > > Either they just used a > > > normal client to do this or script with a jabber module. Once > > > aim.jabber.org logged into AOL w/ that dummy account, they would > > > examine the source IP for that client connection (I'm sure they > > > regularly block abusive users/IPs and this action is quite > > easy with > > > their administrative tools). > > > > > > The entire thing could be automated on their side, and it > > would only > > > take a very short amount of time to obliterate any network of aim > > > transports or socket redirectors. > > > > > > I fully agree, this battle isn't one for the technology, > > our technical > > > resources are better spent improving Jabber, and if anyone has > > > political resources those are probably best spent showing > the world > > > why a commons for communication platforms is so important > > over closed > > > commercial/corporate networks. > > > > > > Jer > > > > > > On 8 Jan 2002, Adam Theo wrote: > > > > > > > Hmm... A thought just occured to me when reading about > > these Socket > > > > Redirects. I am not familiar with them, so they may already > > > have this > > > > ability. > > > > > > > > The key would for any "permanent solution" to be completely > > > transport > > > > side. This is opposed to the client-side which would > > > require users to > > > > install new software (won't happen), or even server-side > > > which would > > > > require server admins to re-do their entire server installation. > > > > Here's a solution: > > > > > > > > Modify Temas's AIM-T to find other AIM-T's on the Jabber > > > network in a > > > > DNS-like propogation system (how DNS entries spread accross the > > > > internet). When someone connects to an AIM-T, any AIM-T, the > > > > collective AIM-T's "shuffle" the users connections around, > > > randomizing > > > > IPs and distributing load. Once a hundred or so IPs are on this > > > > "OpenAIM" network, it would be near impossible for AOL to > > > track down > > > > even a small percentage of the IPs... especially if the IPs are > > > > somehow transparent to the client (to stop an AOL employee > > > downloading > > > > and tracking AIM connections through Jabber). The only IP > > > the client > > > > would see is the AIM-T at their home server, but the IP > > > that actually > > > > is making the connection could be any one of dozens if not > > > hundreds. > > > > Alot of potential here, folks... And this OpenAIM network > > > would bring > > > > on alot of those "multi-protocol" clients that are not yet 100% > > > > Jabber... I would see Everybuddy and GAIM becoming full > > > Jabber clients > > > > if we could pull this off... > > > > > > > > And in actuality, I think alot of the technology to do this > > > is already > > > > out there, it just needs to be pulled together. > > > > > > > > Yes, I'm 100% behind this idea. I am a crappy programmer, > > > but I would > > > > be willing to dedicate some pocket money to help a > > > programmer or two > > > > get this up.... Whadda say? I know there are some problems, but > > > > instead of shooting this idea down, how about we put our > > > thinking caps > > > > on and figure out viable solutions? Wow, I think this > > could work... > > > > > > > > > > > > _______________________________________________ > > > > jdev mailing list > > > > [EMAIL PROTECTED] > > > > http://mailman.jabber.org/listinfo/jdev > > > > > > > > > > _______________________________________________ > > > jdev mailing list > > > [EMAIL PROTECTED] > > > http://mailman.jabber.org/listinfo/jdev > > > > > > > _______________________________________________ > > jdev mailing list > > [EMAIL PROTECTED] > > http://mailman.jabber.org/listinfo/jdev > > > > > > > > > > _______________________________________________ > > jdev mailing list > > [EMAIL PROTECTED] > > http://mailman.jabber.org/listinfo/jdev > > > > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev > _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
