To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 3756
3755  |  3757
Subject: 
 Re: Policy clarification regarding catalogs
Newsgroups: 
 lugnet.admin.general
Date: 
 Sat, 18 Dec 1999 01:21:32 GMT
Reply-To: 
 MATTDM@stopspammersMATTDM.ORG
Viewed: 
 955 times
  
Todd Lehman <lehman@javanet.com> wrote:
another.  (Again, maybe security through obscurity, but if a file isn't
linked to, then clearly the intention is for it not to be seen.)

I don't think that's clear at all! It may be simply a matter of poor index
design, or laziness. Luckily for my argument :) I have a great example of
this already.

<URL:http://www.mattdm.org/mindstorms/>

is an intended-to-be-public website. Check out <URL:http://www.mattdm.org/>:
you won't find it there at all.

But there's an even better example: the countless ~username web sites (or
/username, at some sites, like AOL) out there. There are very rarely
links from the main page to these web sites, let alone indexes. Often, the
best way to find the site of someone you think is at a given university is
to guess based on their username. (This is a pretty good analogy to guessing
the URL of an image at the Lego web site, wouldn't you say?)

For that matter, people guess that the web site of a given corporation is
"http://www.companyname.com/" all the time. What if that's not been
announced somewhere? Might it be illegal to mention that they've got a site
there?


Actually, I just realized as I was typing all this: I may actually agree
with you about attempts at security through obscurity expressing at least an
intent not to publish. But:

The URLs on the Lego site follow an easy-to-understand pattern. (As do most
of my examples above.) So there is not even a pathetic attempt at security.
Which I think renders that point moot.


--
Matthew Miller                      --->                  mattdm@mattdm.org
Quotes 'R' Us                       --->             http://quotes-r-us.org/



Message has 2 Replies:
  Re: Policy clarification regarding catalogs
 
(...) Another example of this: what about a link to <URL:(URL) or <URL:(URL) Is it a violation of copyright to give these links to someone? (25 years ago, 18-Dec-99, to lugnet.admin.general)
  Re: Policy clarification regarding catalogs
 
(...) I thought we were talking about links to images. (...) I think the fact that the images are *gone* now expresses an even stronger intent not to publish. :) (...) But if a web developer at some company makes an idiotic mistake like that (and (...) (25 years ago, 18-Dec-99, to lugnet.admin.general)

Message is in Reply To:
  Re: Policy clarification regarding catalogs
 
(...) I don't agree. (I see the point, but I don't think it's that simple.) What is security -- fundamentally? A file served from under the URL (URL) the /images/ directory is HTTP-password-protected with the username and password combo of (...) (25 years ago, 18-Dec-99, to lugnet.admin.general)

93 Messages in This Thread:
































Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR