Quote:
Originally posted by Vinnie
There is nothing obscure about the techniques that BearShare uses to digitally sign query hits or require challenge/response authentication in host connections - they are all built from sound, proven cryptographic primitives that are published and well documented. |
that's an obvious lie. Vinnie, we are not all unskilled users. Your encryption sheme is proprietray and undocumented, no other GDF member does use it. Commonly known as security through obscurity.
Quote:
| So when you hear someone say "security through obscurity" in the context of BearShare, this is clear sign that they don't know what they are talking about. |
you need a little bit more then insulting or badmouthing open source software. Please read the thread on
Zeropaid (link above). It explains why so called secure channels can not work, why it's a pure marketing gag.
I know Vinnie tries to give himself an übercoder attitude. He likes to talk about multithreading, completition ports and encryption. All sounds great for unskilled users but after a closer look it's marketing most times. The so called secure channels provide no security in real world, they split Gnutella.
Quote:
| supported by a private anchor server which accepts no incoming connections and cannot be attacked. |
LOL Vinnie, I'm sure any server without internet connection can get a great NSCA firewall certification. Oh wait I have a even better idea, switch off the server, it's totally secure then and can not be attacked.