At 07:28 -0500 01.31.2001, Morbus Iff wrote:
>>Morbus Iff wrote on 01.1.30 1:45 PM:
>>>Do you SSH through CVS on the Mac? How? I've been requesting pserver for my
>>>perl projects on SourceForge, and up until last month, things were happy
>>>and they responded quickly. But a request for pserver from last December
>>>still hasn't been pushed through.
>>
>>I wish if SourceForge could support IE for Mac.
>>Is it going to?
>
>You know, I always kinda laugh at that warning - it doesn't support IE? I
>*always* use IE 5 to get to the site, and can always log in with no
>problems (merely getting redirected to a non-SSL page).
>
>I still haven't exactly figured out why they have such mad desires to
>encrypt and secure opensource traffic (SSH through http and CVS), but hey...
I think it is quite simple: someone can intercept your cookie (since your
actual password is sent encrypted when you log in, that is not an issue,
but your cookie still is) and actually become you and, say, delete all your
bug reports. That would be Bad. Same thing goes with using pserver
instead of ssh for CVS. Someone could put a bug or trojan in your code, or
just delete things.
You're right, the data itself is not sensitive, but the passwords and
cookies, if intercepted, can be a big problem. It is more abou access than
data.
--
Chris Nandor [EMAIL PROTECTED] http://pudge.net/
Open Source Development Network [EMAIL PROTECTED] http://osdn.com/
