Subject:
|
Re: Email Authentication - Why not make it optional?
|
Newsgroups:
|
lugnet.admin.nntp, lugnet.general
|
Date:
|
Tue, 19 Jun 2001 23:40:16 GMT
|
Viewed:
|
61 times
|
| |
| |
In lugnet.admin.nntp, Kyle D. Jackson writes:
> In lugnet.admin.nntp, Brad Hamilton writes:
> >
> > Since this has happened, I've seen one reply of the nature "Great - I'm so
> > happy you did this!" post and a huge number of "This is such a hassle, why
> > are we doing this" posts. Presumably, the one positive post is from the one
> > person (or maybe there were two) that had this problem.
>
> Well allow me to say that I am glad that Todd implemented this
> measure. Mostly because since it has been implemented, we have
> gotten rid of the annoying clone. And it will continue to
> help LUGNET remain a very nice friendly place that I actually
> enjoy coming to. To me that is worth the small hassle people have
> to go through to post. I still think the easiest way to post is
> via the web while logged in to LUGNET, so it hasn't affected me
> at all. I know there are people can't use the web to post, and that
> is unfortunate.
Likewise. I'm happy to see the authentication system implemented.
It's been one of my longest-standing concerns about LUGNET's
security, and frankly, I'm surprised we've gone as long as we
have without it.
> > Why are we punishing the whole community for a problem that only one or two
> > people had? This is even more annoying given that this is the first time
> > I've heard about this happening (so presumably, the likilihood of this
> > happening again is low as well).
>
> We had been getting attacked by that same troll/flamer for about
> a year. And that was one person. In my opinion we've been
> extremely lucky that we haven't had more.
Yeah, that. I'm not sure what the full story was, but it's
been going on for quite some time.
> > Why can't this authentication be an optional feature? Why not let the one
> > or two people who are actually worried about being spoofed turn it on and
> > let everyone else post without authorization???
>
> Because it still allows an unauthorized person to post to LUGNET.
> The point wasn't to protect people who didn't want to be cloned. It
> was to keep out people who weren't authorized to post. In our most
> famous case, we have a person who had been banned from LUGNET, but
> continued to post here, disrupting things, attacking other users,
> and making outright threats. If authentication were optional that
> person could continue to post.
Right. And it's not isolated--ask any of the few people who
actually frequent the entire server, and they'll tell you.
Best not to wait for a full-blown hurricane before installing
seawalls.
> > I personally believe that the spoofing that went on was probably an isolated
> > case by one individual. Are we going to let that one attack stifle the life
> > out of LUGNET???
>
> I believe it will help preserve LUGNET's life, not stifle it. Compare
> the "quality of life" here on LUGNET with that of Usenet.
Even given that, compare the "quality of life" here to *any*
online community of this size. I've been around for a long
time in a lot of places, and this is still the best of the bunch.
The equation of security with stifling isn't necessarily true.
Anyways, I'm happy about the development. The circumstances
of its implementation are less than pleasant, but it's no big
hassle and a welcome sense of security. (And another reason to
register--log in and authentication isn't necessary!)
best
LFB (#120)
|
|
Message has 1 Reply:
Message is in Reply To:
42 Messages in This Thread:
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|