View Single Post
  #14 (permalink)  
Old May 27th, 2001
Unregistered
Guest
 
Posts: n/a
Default You have to trust someone

>WE DON'T KNOW WHAT THESE PACKETS DO!

Actually, we do. Well, sort of. We know what Vinnie says the packets do. And his explaination seems perfectly reasonable. Tell me, how would YOU handle upate notifications without encryption? Better yet, how would you do so SECURELY?

>Now think what I could do with this information if I was a hacker
>and de-compiled the software so I could make up my own
>packets and send them out over the network! Not that hard to
>do.

The most you could do woud be to spoof a higher version number and maybe screw around with the horizon statistics. At least you would have to work to do it.

As for open source clients, would you examine every line of code before compiling the client yourself? Did you examine the compiler code to be sure that it's not introducing rogue instructions? Have you examined your processor's hardware to make sure that every machine instruction is executed as planned, and there isn't some "erase hard drive" instruction lurking in there somewhere? If not, you'd have to trust SOMEONE.

And really, any of the possibilies you mentioned would spell disaster for Vinnie. Would probably get him into a whole HEAP of legal trouble as well. Would also alienate his user base. None of these would be in his self interest. You may not like his attitude, but even you would have to admit that he's not THAT much of an idiot.
Reply With Quote