Ya I see your point, I guess my reply to that would have to be that the hacker can browse the host already as it is.
And while, I agree, it is not currently as obvious that a user is mistakenly sharing his entire c:\ as it would be with the proposed feature, any hacker (or anyone with half a brain) should be able to tell by the number and the type of files (extensions) being shared, that the user is probably sharing more than they should be.
There are other p2p clients that use this directory structure on browse client and it is very handy for grabbing complete cds or desktop wallpapers or whatever (there are 1000's of folders out there labeled 'Wallpaper', of which the files it contains do not have wallpaper in the name).
I guess to conclude, if a hacker is going to pick which computers to 'hack' based on whether or not the person is sharing his entire c:\ or not, they can do it easily enough with bearshare in its current state. I don't see adding this functionality as giving the hackers any more of an advantage. However, it could be a great help for the average guy just looking for files. |