Mark Richards <[EMAIL PROTECTED]> wrote: > > Headers can always be forged as to browser and OS. Attackers will > eventually figure it out and then you're back to the drawing board > again.
Everybody seems to assume that the problem is an attack. I say that you should never attribute to malice what can be explained by simple stupidity. Sqlite.org is a (relatively) low-bandwidth site on an underpowered server. If somebody really wanted to attack it and take it down, they would not have much trouble. A botnet could bring sqlite.org to its knees very, very quickly. I think the problem here is bugs in archiac versions of Mozilla and/or windows that get stuck in a loop issuing the same HTTP request over and over again. The user is probably unaware of the problem if they aren't looking at the modem light flashing. I'm guessing that the browser doesn't like something in the reply header coming back from sqlite.org (perhaps it is looking for a chineses character set or something) and so it reissues the requesting hoping for a better result the next time. Something stupid like that. Maybe somebody can have a look at the HTTP reply headers that www.sqlite.org issues and point out any problems. (Www.sqlite.org is driven by custom software used nowhere else on the planet, as far as I am aware, so there could be some subtle compatibility bugs.) So my question is really more like this: Who will get upset if www.sqlite.org ceases to function for win98 users? -- D. Richard Hipp <[EMAIL PROTECTED]> ----------------------------------------------------------------------------- To unsubscribe, send email to [EMAIL PROTECTED] -----------------------------------------------------------------------------
