 | | Re: Email Authentication - Why not make it optional?
|
|
"Eric Kingsley" <kingsley@nelug.org> wrote in message news:GF8KyH.H8w@lugnet.com... (...) not (...) area) (...) sign (...) are (...) area so (...) I would love this. I am a paid up Lugnet member (no pack yet, guess there's a backlog), and I love (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Now I like this idea. There should be some real benefits to membership and this could be one if it can be worked out. I realize Todd might not like this because it could be considered exclusionary but I also think $10 is a pretty low price to (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
I just thought of something. Todd, do you have any stats on NNTP usage? Can you tell how many members vs non-members use NNTP? If the number of non-members using NNTP is low, maybe just make NNTP a "privilege" of membership. I'm against the (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
I agree that it is time consumeing, as someone else wrote - I too write them offline and then dail in and send them. It is cheaper and gives one time to think about the answer. I also saves money. Now, there is a simple way around this - in Outlook (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
I just thought I would throw in my 2 cents in support of the changes even though most of my thoughts have been covered. I will try and keep this to what hasn't been said (or at least I havn't seen posted yet). (...) First let me begin by saying I am (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | A possible enhancement idea
|
|
One idea I had that may or may not be a good one is this: What about having subsequent authentication emails put multiple authentication numbers into the URL if other posts from the same user are awaiting authentication? This way it would be (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | Enhancement for us web-posters
|
|
OK, it's not really NNTP, but I couldn't find anywhere better to ask. Todd, any chance us web-posters could get a cancel button? Like you know, if I wanna obliterate that post I didn't read before I hit the dreaded "Post" button? I was thinking (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | OK maybe there's a plus to this authentication...
|
|
...it forces people to think at least a couple of seconds before they post - that's gotta be good! And Todd's even stuck a "let me think about it" button on the authentication page! Maybe it's not that bad after all! ROSCO (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) If you automate the reponse to the authentication e-mail, all I have to do is spoof your identity as Mad Hatter has done several times. Because the authentication gets sent to your email regardless of where I post from, and your response is (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Brad you rasie some good points, my take is that if you are being Spoofed you might not know it untill it's too late and someone has either ruined your reputaion or you seem to be held in low regard when you post and you don't know why because some (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: E-mail authentication during posting
|
|
Hello Ross, hello everybody, (...) Can one of you set me straight: I assume the attacker has no access to my email account. How could he, then, automate an email reply I have to send in order to make my post valid? As for a minimum amount of (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Maybe we should take this offline to dig in further on cracking but I see this as really hard to crack. If you have some ideas on how to crack it, I suggest you send them directly to Todd so he can see if there's some angle he overlooked. I (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) 8?) But life will be miserable if the earthquake hits with little or no warning. (...) So in other words, one annoying person has effectively forced many others to put up with an unnecessary (until now) inconvenience. I also use the web, and (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) It was hurricane season so a seawall was what was needed. If and when there is an earthquake likely that would be the time to do things to earthquake proof. (...) They should consider switching to the web mechanism or putting up with the (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) I hate to say it, but... me too. I was very happy to see Todd put the new security features in place. Obviously no change will please everyone, but I think some action had to be taken. Thanks, Todd! -Marc Nelson Jr. (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Shiri, This *doesn't* solve the problem for people who don't have access to a browser to authenticate their posts. It also doesn't solve the problem of people who compose a bunch of posts off-line, then dial-up to send them. These people now (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Well, It sounds like the problem was a lot more widespread than I thought. Perhaps these "bad" people weren't posting in groups I frequented. Anyhow, it sounds like the security stuff is here to stay and will probably get more intrusive rather than (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Brad, Please note that most people here don't like to post "me too" posts. Usually the people who agree to what a post says will remain silent, while the objecting parties will be a lot more vocal. I think that a great number of people are (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) But a seawall's not gonna help you against an earthquake... (...) ...if you use the web to post. Most of the people complaining use email or a newsreader to post, for which there's no way to "log on". ROSCO (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Until said clone (or someone else) finds another way around it. (...) I enjoyed my time on Lugnet even when the clone was having fun - I just ignored the posts (mostly). (...) I also use the web to post 99% of the time, but I'm still not (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
