Re: the nothing to hide a
By: Boraxman to SYS64738 on Tue Feb 15 2022 08:12 pm

Indeed. But I too have been caught by that, thinking that what was posted on a BBS, was for the BBS, only to find it comes up in a Google search.

Yep.. Manye BBSes today have web interfaces where the public forum messages posted on a BBS can be read and searched on the web.

Nightfox

---
■ Synchronet ■ Digital Distortion: digitaldistortionbbs.com

Re: Re: the nothing to hide a
By: Boraxman to Moondog on Tue Feb 15 2022 08:15 pm

Re: Re: the nothing to hide a
By: Moondog to Boraxman on Mon Feb 14 2022 11:39 am

Re: Re: the nothing to hide a
By: Boraxman to Moondog on Mon Feb 14 2022 08:18 pm

Re: Re: the nothing to hide a
By: Moondog to MRO on Sun Feb 13 2022 11:31 am

There are videos on Youtube that show how to Un-Google an Android p it's funny to see how less useful they become. Even apps in the ap collect telemetry, so you have to install less mainstream open sour and put up with less polished function or ease of use.

Wifi triangulation still cannot be shut off, so keep that in mind. Pine64 linux phone contains dip switches under back case half to ph ut off wifi and cameras and mics and gps

I've seen some of Rob Braxman's videos. I'm OK with reduced functiona current phone is over 10 years old, it still has a keyboard, so I don' much. A web browser, phone, SMS and a telnet and/or SSH client will d fine. Play some music and I'm set.

Believe it or not I was happy with my personal phone being a flip phone w a pre-paid one year plan. If work required me to have a smart phone, the company would issue me one and i would noit install any non-business apps it.

Anyways, 3G is being dropped in my area and has been decreasing all aroun area. I was forced to upgrade. Tracfone had a special going on, and I g Samsung A11 for free after the discount.

Work sort of requires me to have one. More specifically, they expect me to apps that don't work on mine. I generally can get away with it, but have ha to borrow my wifes to get an program set up or two. Why I would have to giv
Chinese company my phone number and name, so that someone who lives in the same city (and in some cases, works in the same office) can message me is beyond me. These people just don't think of how silly this is. I get peopl complaining that I'm "uncontactable" despite having a phone, SMS, e-mail, MS teams, Zoom. But because I don't run this stupid other app which is probabl tool for Chinese spying and surveillance, it causes problems.

I agree. Companies I have done work for also have a layer of management on
the phone that allows for them to push apps tothe phone, and even wipe it remotely. I wouldn't want to get all comfy using my company cell for
personal use, then lose everything due to a staff reduction.

---
■ Synchronet ■ The Cave BBS - Since 1992 - cavebbs.homeip.net

Re: the nothing to hide a
By: Nightfox to Boraxman on Tue Feb 15 2022 08:33 am

Re: the nothing to hide a
By: Boraxman to SYS64738 on Tue Feb 15 2022 08:12 pm

Indeed. But I too have been caught by that, thinking that what was posted on a BBS, was for the BBS, only to find it comes up in a Google search.

Yep.. Manye BBSes today have web interfaces where the public forum messages posted on a BBS can be read and searched on the web.

Nightfox

that's why guest access to that shit should be turned off.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

that's why guest access to that shit should be turned off.

And miss out on all the insightful gems on FTN networks?


- Andre

---
■ Synchronet ■ Radio Mentor BBS - bbs.radiomentor.org

Re: the nothing to hide a
By: Andre to MRO on Tue Feb 15 2022 09:05 pm

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

that's why guest access to that shit should be turned off.

And miss out on all the insightful gems on FTN networks?

- Andre

my twitlisting and ip blocking is so fortified that i only see 3-4 people on dovenet.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: Re: the nothing to hide a
By: Moondog to Boraxman on Tue Feb 15 2022 11:44 am

Work sort of requires me to have one. More specifically, they expect me apps that don't work on mine. I generally can get away with it, but have to borrow my wifes to get an program set up or two. Why I would have to
Chinese company my phone number and name, so that someone who lives in t same city (and in some cases, works in the same office) can message me is beyond me. These people just don't think of how silly this is. I get pe complaining that I'm "uncontactable" despite having a phone, SMS, e-mail, teams, Zoom. But because I don't run this stupid other app which is prob tool for Chinese spying and surveillance, it causes problems.

I agree. Companies I have done work for also have a layer of management on the phone that allows for them to push apps tothe phone, and even wipe it remotely. I wouldn't want to get all comfy using my company cell for personal use, then lose everything due to a staff reduction.

I don't care if it is a work phone, I'd want them to give me one. They want me to install this on my own personal phone.

---
■ Synchronet ■ MS & RD BBs - bbs.mozysswamp.org

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Re: the nothing to hide a
By: Nightfox to Boraxman on Tue Feb 15 2022 08:33 am

Re: the nothing to hide a
By: Boraxman to SYS64738 on Tue Feb 15 2022 08:12 pm

Indeed. But I too have been caught by that, thinking that what was posted on a BBS, was for the BBS, only to find it comes up in a Goog search.

Yep.. Manye BBSes today have web interfaces where the public forum messa posted on a BBS can be read and searched on the web.

Nightfox

that's why guest access to that shit should be turned off.

Agreed. Guest access when you had to dial in made sense, but now, it opens yourself up for abuse.

---
■ Synchronet ■ MS & RD BBs - bbs.mozysswamp.org

Re: the nothing to hide a
By: Boraxman to MRO on Wed Feb 16 2022 06:34 pm

that's why guest access to that shit should be turned off.

Agreed. Guest access when you had to dial in made sense, but now, it opens yourself up for abuse.

i would never allow guest access. sign up real quick and look around and dont call back. you'll be auto deleted in x amount of days.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

What perplexes me, is that there are people I know (admittedly few), who share these concerns, greatly, but still buy these items. One I know
will talk about Big Tech censorship, how Google skews its searches and manipulates us, but you can "Hey Google" in his house and Google
responds!

I think in part people arguing that privacy isn't important is a cope. They feel powerless, unwilling to fight or make the harder consumer choices to maintain freedom, so they just reorganise their values to
suit the situation pushed upon then.

No doubt. That is probably where the "I have nothing to hide" refrain comes from.

Re: Re: the nothing to hide a
By: Boraxman to Moondog on Wed Feb 16 2022 06:32 pm

Re: Re: the nothing to hide a
By: Moondog to Boraxman on Tue Feb 15 2022 11:44 am

Work sort of requires me to have one. More specifically, they expect apps that don't work on mine. I generally can get away with it, but h to borrow my wifes to get an program set up or two. Why I would have
Chinese company my phone number and name, so that someone who lives i same city (and in some cases, works in the same office) can message me beyond me. These people just don't think of how silly this is. I get complaining that I'm "uncontactable" despite having a phone, SMS, e-ma teams, Zoom. But because I don't run this stupid other app which is p tool for Chinese spying and surveillance, it causes problems.

I agree. Companies I have done work for also have a layer of management the phone that allows for them to push apps tothe phone, and even wipe it remotely. I wouldn't want to get all comfy using my company cell for personal use, then lose everything due to a staff reduction.

I don't care if it is a work phone, I'd want them to give me one. They want to install this on my own personal phone.

My personal affairs are mine, not the company's. Some companies have a "use your own device" option for those who have better equipment that they are issued, but I don't care for company spying and the ability to wipe my phone with no notice.

---
■ Synchronet ■ The Cave BBS - Since 1992 - cavebbs.homeip.net

Re: Re: the nothing to hide a
By: Otto Reverse to Boraxman on Wed Feb 16 2022 04:08 pm

What perplexes me, is that there are people I know (admittedly few), wh share these concerns, greatly, but still buy these items. One I know will talk about Big Tech censorship, how Google skews its searches and manipulates us, but you can "Hey Google" in his house and Google responds!

I think in part people arguing that privacy isn't important is a cope. They feel powerless, unwilling to fight or make the harder consumer choices to maintain freedom, so they just reorganise their values to suit the situation pushed upon then.

No doubt. That is probably where the "I have nothing to hide" refrain comes from.

Whenever people tell me they aren't fussed with monitoring and spying, I ask them for their phone, and if I can browse it. If they are saying they have nothing to hide, then lets prove it.



If they are OK with some anonymous person looking through their data, then surely someone they know and trust would be OK too.

Never had anyone comfortable with it yet. Good way to demonstrate they are really full of it.

Reminds me of this story, where there was a debate, and someone who was arguing against fiat money or something was saying that money was actually worthless. He put a $50 note on the table arguing it was worth nothing. His debate opponent then went to take it from here, whereup he quickly snatched it back!

---
■ Synchronet ■ MS & RD BBs - bbs.mozysswamp.org

Moondog wrote to Boraxman <=-

I agree. Companies I have done work for also have a layer of
management on the phone that allows for them to push apps tothe phone,
and even wipe it remotely. I wouldn't want to get all comfy using my company cell for personal use, then lose everything due to a staff reduction.

I had whitelisted my old phone for ActiveSync, and when I upgraded, needed
to install Microsoft Entune. It's great if you have work apps that aren't on the play store, but for a company that doesn't reimburse for BYOD, it's a little heavy-handed; if you're going to install your infrastructure on my phone to give me the "privelige" of keeping abreast of workflow and potentially monitor my activity, you should at least pitch in for my cell phone plan.





... SURELY NOT EVERYONE WAS KUNG FU FIGHTING
--- MultiMail/DOS v0.52
■ Synchronet ■ .: realitycheckbbs.org :: scientia potentia est :.

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Yep.. Manye BBSes today have web interfaces where the public forum

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts the BBS messages in a web forum as well. What BBSes do you know that have their messages web accessible?

---
■ Synchronet ■ Final Zone BBS - finalzone.ddns.net - www.xadara.com

Re: Re: the nothing to hide a
By: Otto Reverse to Boraxman on Wed Feb 16 2022 04:08 pm

Got nothing to hide? Then get naked!

---
■ Synchronet ■ Final Zone BBS - finalzone.ddns.net - www.xadara.com

Re: the nothing to hide a
By: Phigan to MRO on Sat Feb 26 2022 09:25 pm

Where is an example of this? So far, I only know of MajorBBS that puts the BBS messages in a web forum as well. What BBSes do
you know that have their messages web accessible?

Synchronet itself does this.

Mewcenary.

---
■ Synchronet ■ Extricate BBS - bbs.extricate.org

Re: the nothing to hide a
By: Phigan to MRO on Sat Feb 26 2022 09:25 pm

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Yep.. Manye BBSes today have web interfaces where the public forum

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts the BBS messages in a web forum as well. What BBSes do you know that have their messages web accessible?

Most Synchronet BBSes (e.g. web.synchro.net).
--
digital man (rob)

Sling Blade quote #20:
Doyle: Hey is this the kind of retard that drools and rubs shit in his hair? Norco, CA WX: 50.4°F, 24.0% humidity, 0 mph NE wind, 0.00 inches rain/24hrs

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

--- DIGITAL MAN wrote ---
Re: the nothing to hide a
By: Phigan to MRO on Sat Feb 26 2022 09:25 pm

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts

the

BBS messages in a web forum as well. What BBSes do you know that have

their

messages web accessible?

Most Synchronet BBSes (e.g. web.synchro.net).
--

I used to have a web interface. I should bring it back. I had it because I worked for EDS at the time and they had a proper firewall.

I used to voice validate users. In 1985.


---
* TARDIS BBS - Home of QUARKware * telnet bbs.cortex-media.info

Mewcenary wrote to Phigan <=-

Where is an example of this? So far, I only know of MajorBBS that puts the

BBS messages in a web forum as well. What BBSes do

you know that have their messages web accessible?

Synchronet itself does this.

Well, assuming the sysop wants it to.

My BBS is not web-accessible.



... Gone crazy, be back later, please leave message.
--- MultiMail/Linux v0.52
■ Synchronet ■ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

Re: the nothing to hide a
By: Phigan to MRO on Sat Feb 26 2022 09:25 pm

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Yep.. Manye BBSes today have web interfaces where the public forum

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts the B messages in a web forum as well. What BBSes do you know that have their messages web accessible?

Echicken's one comes to mind, the first of all.

--
gopher://gopher.richardfalken.com/1/richardfalken

---
■ Synchronet ■ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

Re: the nothing to hide a
By: Phigan to MRO on Sat Feb 26 2022 09:25 pm

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Yep.. Manye BBSes today have web interfaces where the public forum

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts the BBS messages in a web forum as well. What BBSes do you know that have their messages web accessible?

synchronet's web interface.
a2k bbs has a nice web interface for msgs too.
there's a few fidonet on the web websites.

i didnt see a majorbbs that puts bbs msgs in a web forum

i used to link my msg bases to vbulletin via nntp plugin and nightfox did also. i got the idea from hax0r from hax0r's palace.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Got nothing to hide? Then get naked!

Be glad this is a text-only medium! lol

Re: the nothing to hide a
By: Arelor to Phigan on Sun Feb 27 2022 11:03 am

Re: the nothing to hide a
By: Phigan to MRO on Sat Feb 26 2022 09:25 pm

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Yep.. Manye BBSes today have web interfaces where the public forum

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts th messages in a web forum as well. What BBSes do you know that have their messages web accessible?

Echicken's one comes to mind, the first of all.

--
gopher://gopher.richardfalken.com/1/richardfalken

And a nice layout that echicken's web forum interface has also. The best that I know of.

Sincerely,
Jon Justvig
Stepping Stone BBS
telnet://steppingstonebbs.com

---
■ Synchronet ■ Stepping Stone BBS - steppingstonebbs.com

Re: the nothing to hide a
By: Arelor to Phigan on Sun Feb 27 2022 11:03 am

Where is an example of this? So far, I only know of MajorBBS that puts
the B messages in a web forum as well. What BBSes do you know that
have their messages web accessible?

Echicken's one comes to mind, the first of all.

Many Synchronet BBSes have their messages available via the web. Many Synchronet sysops choose to enable this by forwarding the web port to their BBS machine. But a sysop could easily disable that functionality by not forwarding the web port, and I'm sure there's also a setting in Synchronet to have it not run its web server.

Nightfox

---
■ Synchronet ■ Digital Distortion: digitaldistortionbbs.com

Re: the nothing to hide a
By: cr1mson to Arelor on Sun Feb 27 2022 01:39 pm

And a nice layout that echicken's web forum interface has also. The best that I know of.

I used to run vBulletin on Apache with the plug-in that linked it with my BBS via Synchronet's news server, but I decided to stop doing that. I think echicken's webv4 started to approach the kind of functionality included in things like vBulletin, so I didn't really think it was worth it to continue paying for vBulletin's ongoing fees.

Nightfox

---
■ Synchronet ■ Digital Distortion: digitaldistortionbbs.com

Re: the nothing to hide a
By: Nightfox to Arelor on Sun Feb 27 2022 03:57 pm

not forwarding the web port, and I'm sure there's also a setting in Synchronet to have it not run its web server.

Startup sbbs with "w-" to disable the webserver.

From the Windows Sync control panel there's a "Web" menu. Uncheck auto start.


- Andre

---
■ Synchronet ■ Radio Mentor BBS - bbs.radiomentor.org

Re: Re: the nothing to hide a
By: Otto Reverse to Phigan on Sun Feb 27 2022 10:40 am

Got nothing to hide? Then get naked!

Be glad this is a text-only medium! lol

good thing you didn't hear of paul casey.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: the nothing to hide a
By: cr1mson to Arelor on Sun Feb 27 2022 01:39 pm

Re: the nothing to hide a
By: MRO to Nightfox on Tue Feb 15 2022 06:20 pm

Yep.. Manye BBSes today have web interfaces where the public forum

that's why guest access to that shit should be turned off.

Where is an example of this? So far, I only know of MajorBBS that puts th messages in a web forum as well. What BBSes do you know that have their messages web accessible?

Echicken's one comes to mind, the first of all.

--
gopher://gopher.richardfalken.com/1/richardfalken

And a nice layout that echicken's web forum interface has also. The best that I know of.

you really think that's better than steve wynn's at2k design?

https://i.imgur.com/G6X4CQK.png

https://i.imgur.com/PkPSmM7.png

https://i.imgur.com/hapUUWb.png


i know you've seen it.

i've always liked it. also it's nice and fast. i think it's the perfect design for a web interface to a bbs.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: the nothing to hide a
By: Nightfox to Arelor on Sun Feb 27 2022 03:57 pm

Many Synchronet BBSes have their messages available via the web. Many Synchronet sysops choose to enable this by forwarding the web port to their BBS machine. But a sysop could easily disable that functionality by not forwarding the web port, and I'm sure there's also a setting in Synchronet to have it not run its web server.

no. you just turn off guest access to the msg base so the msg bases arent crawled by a search bot.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: the nothing to hide a
By: Nightfox to cr1mson on Sun Feb 27 2022 04:00 pm

I used to run vBulletin on Apache with the plug-in that linked it with my BBS via Synchronet's news server, but I decided to stop doing that. I think echicken's webv4 started to approach the kind of functionality included in things like vBulletin, so I didn't really think it was worth it to continue paying for vBulletin's ongoing fees.

oh you paid? that's one thing i didnt do.

i liked it. it was just cludged together.
also, nobody used it. it looked great and it was cool but nobody used it.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

On 02-26-22 21:25, Phigan wrote to MRO <=-

Where is an example of this? So far, I only know of MajorBBS that puts
the BBS messages in a web forum as well. What BBSes do you know that
have their messages web accessible?

Synchronet is another.


... But that trick never works! -Rocky
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

On 02-27-22 15:57, Nightfox wrote to Arelor <=-

Many Synchronet BBSes have their messages available via the web. Many Synchronet sysops choose to enable this by forwarding the web port to their BBS machine. But a sysop could easily disable that functionality
by not forwarding the web port, and I'm sure there's also a setting in Synchronet to have it not run its web server.

I love (not) how people assume we're all running behind a NAT. What port forwarding? ;)


... Let us drink deep for death is inevitable.
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

Re: Re: the nothing to hide a
By: Vk3jed to Nightfox on Mon Feb 28 2022 03:42 pm

Many Synchronet BBSes have their messages available via the web.
Many Synchronet sysops choose to enable this by forwarding the web
port to their BBS machine. But a sysop could easily disable that
functionality by not forwarding the web port, and I'm sure there's
also a setting in Synchronet to have it not run its web server.

I love (not) how people assume we're all running behind a NAT. What port forwarding? ;)

You have all your ports exposed publicly to the internet? Or perhaps there's an alternative to NAT that I'm not aware of..?
I thought pretty much everyone with internet at home would be using a router, and I thought NAT a standard feature of a router for some level of protection.

Nightfox

---
■ Synchronet ■ Digital Distortion: digitaldistortionbbs.com

Re: Re: the nothing to hide a
By: Nightfox to Vk3jed on Sun Feb 27 2022 10:25 pm

You have all your ports exposed publicly to the internet?

On my BBS computers, yes.
--
digital man (rob)

Sling Blade quote #17:
Charles Bushman: A shovel just makes too goddamned much racket.
Norco, CA WX: 62.3°F, 12.0% humidity, 2 mph ENE wind, 0.00 inches rain/24hrs

---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

Re: Re: the nothing to hide a
By: Nightfox to Vk3jed on Sun Feb 27 2022 10:25 pm

You have all your ports exposed publicly to the internet? Or perhaps there's an alternative to NAT that I'm not aware of..?
I thought pretty much everyone with internet at home would be using a router, and I thought NAT a standard feature of a router
for some level of protection.

Numerous BBS systems are run directly with public IPs now via cloud solutions.

Also, although rare, some broadband providers allow a _range_ of public IPs to be allocated to consumers, so it's possible to dedicate one of these to a BBS host.

Synchronet doesn't come security hardened out of the box (I'd argue it should, maybe I should submit a pull request on this :-) ), but there is an article on Hardening on the Wiki.

Mewcenary.

---
■ Synchronet ■ Extricate BBS - bbs.extricate.org

Re: Re: the nothing to hide a
By: Nightfox to Vk3jed on Sun Feb 27 2022 10:25 pm

Re: Re: the nothing to hide a
By: Vk3jed to Nightfox on Mon Feb 28 2022 03:42 pm

Many Synchronet BBSes have their messages available via the web.
Many Synchronet sysops choose to enable this by forwarding the web
port to their BBS machine. But a sysop could easily disable that
functionality by not forwarding the web port, and I'm sure there's
also a setting in Synchronet to have it not run its web server.

I love (not) how people assume we're all running behind a NAT. What por forwarding? ;)

You have all your ports exposed publicly to the internet? Or perhaps there' an alternative to NAT that I'm not aware of..?
I thought pretty much everyone with internet at home would be using a router and I thought NAT a standard feature of a router for some level of protectio

Nightfox

Many rural areas have homes with a single computer in them. Village grandpas just skip the router and connect their computer directly to the ethernet link their ISPs give them. A router does not make much sense if you are only using a single computer.

Besides, with IPV6 a computer may have an Internet routable address and be completely exposed while being behind a router anyway.

--
gopher://gopher.richardfalken.com/1/richardfalken

---
■ Synchronet ■ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

Re: the nothing to hide a
By: Nightfox to cr1mson on Sun Feb 27 2022 04:00 pm

Re: the nothing to hide a
By: cr1mson to Arelor on Sun Feb 27 2022 01:39 pm

And a nice layout that echicken's web forum interface has also. The bes that I know of.

I used to run vBulletin on Apache with the plug-in that linked it with my BB via Synchronet's news server, but I decided to stop doing that. I think echicken's webv4 started to approach the kind of functionality included in things like vBulletin, so I didn't really think it was worth it to continue paying for vBulletin's ongoing fees.

Nightfox

I actually remember that from way-back. I too used your script with Synchonet and vBulletin. It was nice to import SBBS users into the forum and transfer messages between the two. That was quite nice back then. But ya, things have changed since then and echicken's approach fulfills certainly my needs as well as others. I still use the legacy telnet to write messages but it's nice to have a web-base forum with messages too that don't use telnet and particularly like the web side of things.

Sincerely,
Jon Justvig
Stepping Stone BBS
telnet://steppingstonebbs.com

---
■ Synchronet ■ Stepping Stone BBS - steppingstonebbs.com

Re: Re: the nothing to hide a
By: Vk3jed to Nightfox on Mon Feb 28 2022 03:42 pm

On 02-27-22 15:57, Nightfox wrote to Arelor <=-

Many Synchronet BBSes have their messages available via the web. Many Synchronet sysops choose to enable this by forwarding the web port to their BBS machine. But a sysop could easily disable that functionality by not forwarding the web port, and I'm sure there's also a setting in Synchronet to have it not run its web server.

I love (not) how people assume we're all running behind a NAT. What port forwarding? ;)

well, we're assuming people here are somewhat powerusers, and they have multiple computers and devices. also it helps to have some type of hardware firewall up.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: the nothing to hide a
By: cr1mson to Nightfox on Mon Feb 28 2022 03:52 am

I actually remember that from way-back. I too used your script with Synchonet and vBulletin. It was nice to import SBBS users into the forum and transfer messages between the two. That was quite nice back then. But ya, things have changed since then and echicken's approach fulfills certainly my needs as well as others. I still use the legacy telnet to write messages but it's nice to have a web-base forum with messages too that don't use telnet and particularly like the web side of things.

well another thing that was nice is the search feature of vbulletin.
vbulletin is good software. the nntp plugin not so good.it worked most of the time. it's just old and meant for an older version of vbulletin.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

On 02-27-22 22:25, Nightfox wrote to Vk3jed <=-

You have all your ports exposed publicly to the internet? Or perhaps there's an alternative to NAT that I'm not aware of..? I thought pretty much everyone with internet at home would be using a router, and I
thought NAT a standard feature of a router for some level of
protection.

NAT != security. You've fallen for the big myth that NAT is somehow more secure. All it does is screw up some protocols (FTP anyone?), and puts arbitrary limits on incoming traffic (2 BBSs on the same port, NO WAY!).

NAT is an ugly hack to help with IPv4 shortages.

First defence is only have the services (daemons) you need running and listening only on the IP/port combinations you want. If further limiting of access is needed, then there's this wonderful thing called a firewall. ;) iptables on Linux does an excellent job, and even Windows Firewall doesn't do a bad job, if properly configured.


... You were sent here as a warning to others, weren't you?
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

On 02-28-22 05:03, MRO wrote to Vk3jed <=-

well, we're assuming people here are somewhat powerusers, and they have multiple computers and devices. also it helps to have some type of hardware firewall up. ---

That still doesn't necessarily mean NAT. Firewalls have been around _much_ longer than NAT.


... People are always available for work in the past tense.
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

Re: Re: the nothing to hide a
By: Vk3jed to MRO on Fri Mar 04 2022 06:57 pm

On 02-28-22 05:03, MRO wrote to Vk3jed <=-

well, we're assuming people here are somewhat powerusers, and they have multiple computers and devices. also it helps to have some type of hardware firewall up. ---

That still doesn't necessarily mean NAT. Firewalls have been around _much_ longer than NAT.

... People are always available for work in the past tense.

so what are we arguing about? you neek saying NAT over and over again. that's all i'm geting.
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Re: Re: the nothing to hide a
By: Vk3jed to MRO on Fri Mar 04 2022 06:57 pm

well, we're assuming people here are somewhat powerusers, and they
have multiple computers and devices. also it helps to have some
type of hardware firewall up. ---

That still doesn't necessarily mean NAT. Firewalls have been around _much_ longer than NAT.

Probably does. Most home users only have a single IP.

Firewalls only preceeded NAT by few years, and stateful firewalls came a couple years after NAT.


- Andre

---
■ Synchronet ■ Radio Mentor BBS - bbs.radiomentor.org

Re: Re: the nothing to hide a
By: Vk3jed to Nightfox on Fri Mar 04 2022 06:55 pm

thought pretty much everyone with internet at home would be using a
router, and I thought NAT a standard feature of a router for some
level of protection.

NAT != security. You've fallen for the big myth that NAT is somehow more secure. All it does is screw up some protocols (FTP anyone?), and puts arbitrary limits on incoming traffic (2 BBSs on the same port, NO WAY!).

You're both conflating NAT and PAT, and neither of them screw up protocols. Stateful firewalls screw up protocols if they're misconfigured and not tracking the full conversation.

;) iptables on Linux does an excellent job

The only thing IPTABLES is good at is that it's stable and free. It's archaic and damn near useless for anything other than port blocking and logging traffic.


- Andre

---
■ Synchronet ■ Radio Mentor BBS - bbs.radiomentor.org

Re: Re: the nothing to hide a
By: Andre to Vk3jed on Fri Mar 04 2022 05:41 am

The only thing IPTABLES is good at is that it's stable and free. It's archai and damn near useless for anything other than port blocking and logging traffic.

I am more of a pf fan than an iptables fan, but Iptables is actually fine for redirecting, man-in-the-middleing and doing other tricks other than blocking and logging.

--
gopher://gopher.richardfalken.com/1/richardfalken

---
■ Synchronet ■ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

I am more of a pf fan than an iptables fan, but Iptables is actually fine for redirecting, man-in-the-middleing and doing other tricks other than blocking and logging.

Yes, but that's not IPTABLES doing any of that. All it's doing is managing packet routing and state (I know I'm oversimplifying it, but let's be
realistic about what people actually do with it most of the time).


- Andre

---
■ Synchronet ■ Radio Mentor BBS - bbs.radiomentor.org

Re: Re: the nothing to hide a
By: Andre to Arelor on Fri Mar 04 2022 08:22 am

I am more of a pf fan than an iptables fan, but Iptables is actually fine redirecting, man-in-the-middleing and doing other tricks other than blocki and logging.

Yes, but that's not IPTABLES doing any of that. All it's doing is managing packet routing and state (I know I'm oversimplifying it, but let's be realistic about what people actually do with it most of the time).

- Andre

If you want to split hairs, it is not Iptables doing that. It is Netfilter. Iptables is only loading rules into the kernel :-)

--
gopher://gopher.richardfalken.com/1/richardfalken

---
■ Synchronet ■ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

On 03-04-22 05:11, MRO wrote to Vk3jed <=-

so what are we arguing about? you neek saying NAT over and over again.

Maybe try reading the message. :)


... An Elephant; A Mouse built to government specifications.
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

On 03-04-22 05:36, Andre wrote to Vk3jed <=-

That still doesn't necessarily mean NAT. Firewalls have been around _much_ longer than NAT.

Probably does. Most home users only have a single IP.

Another assumption - who says the BBS was going to be hosted at home? Sure, many are (including mine), but I could have used (and did consider using) a
PS.

Firewalls only preceeded NAT by few years, and stateful firewalls came
a couple years after NAT.

Sounds about right.


... Dachshund kennel ad: Get a long little doggie.
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

On 03-04-22 05:41, Andre wrote to Vk3jed <=-

You're both conflating NAT and PAT, and neither of them screw up protocols. Stateful firewalls screw up protocols if they're
misconfigured and not tracking the full conversation.

Hmm, what about active FTP? DCC (on IRC)? Just to name a couple that have been affected.


... Observe the procedures of a general alert.
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

Re: Re: the nothing to hide a
By: Vk3jed to MRO on Sun Mar 06 2022 08:43 pm

On 03-04-22 05:11, MRO wrote to Vk3jed <=-

so what are we arguing about? you neek saying NAT over and over again.

Maybe try reading the message. :)

you: nat nat nat. it's not nat. nat nat nat
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::

Vk3jed wrote to Nightfox <=-

On 02-27-22 22:25, Nightfox wrote to Vk3jed <=-

NAT != security. You've fallen for the big myth that NAT is somehow
more secure. All it does is screw up some protocols (FTP anyone?), and puts arbitrary limits on incoming traffic (2 BBSs on the same port, NO WAY!).

It's in no way a secure model, but I liked my first setup, where I had a single IP address and a Linux box with 2 network cards. I ran all of my services on the box directly with iptables running, and NATed the rest of my lan over the second card.

Easy, less hassle with NAT, and everything worked.

Admittedly, this was in kindler, gentler times.



... No ceremonies are necessary.
--- MultiMail/DOS v0.52
■ Synchronet ■ .: realitycheckbbs.org :: scientia potentia est :.

Re: Re: the nothing to hide a
By: MRO to Vk3jed on Sun Mar 06 2022 08:18 am

Re: Re: the nothing to hide a
By: Vk3jed to MRO on Sun Mar 06 2022 08:43 pm

On 03-04-22 05:11, MRO wrote to Vk3jed <=-

so what are we arguing about? you neek saying NAT over and over
again.

Maybe try reading the message. :)

you: nat nat nat. it's not nat. nat nat nat

All these nats. I think someone needs to start spraying for bugs.
---

Sincerely,
Jon Justvig
Stepping Stone BBS
telnet://steppingstonebbs.com
http://steppingstonebbs.com
---
■ Synchronet ■ Stepping Stone BBS - steppingstonebbs.com

On 03-04-22 06:56, poindexter FORTRAN wrote to Vk3jed <=-

It's in no way a secure model, but I liked my first setup, where I had
a single IP address and a Linux box with 2 network cards. I ran all of
my services on the box directly with iptables running, and NATed the
rest of my lan over the second card.

Easy, less hassle with NAT, and everything worked.

Yeah not a bad option, if you need only one IP. And there's other ways to harden Internet facing systems, if needed.


... Command not found. Damn, it was here a minute ago... hold on...
--- MultiMail/Win v0.52
■ Synchronet ■ Freeway BBS, Bendigo Australia. freeway.apana.org.au

Quoting Boraxman to Ogg <=-

I totally agree. We don't expect privacy so it isn't an issue for many
people.

I'm a quad, and I have Amazon Services throughout the house. For myself,
the abdication of my privacy isn't a convenience, it is how I can be as independent as I can.

Security v. Freedom is a lofty argument. The more something is secure, the
less freedom we have. Many people forget this and want 100% of both. Well, there is nothing that is ever 100% secure nor is there anything that is
ever 100% free -- I think of how much a "free" dog costs in medical bills
after the fact.

The best someone can do is strive to strike a balance between the two.

However, for most people, they don't understand the concept of IoT and
never update their TVs, refrigerators, toasters, you name it. Whatever they have in their LANs that pull an IP is vulnerable and a security risk.

People also don't value their information. They don't understand that the myriad of trash they are getting in their email or twit feed, etc. is
largely their own making.

Before we can increase electronic security, we need the public to be
educated on what electronic security touches. I think the average person
would be confounded and overwhelmed with some of the specifics.

Jazzy J


* AmyBW v2.16 *
... I use Windows... on my car, on my house, but not on my computer!

---
■ Synchronet ■ BayouBBS.Net, Ports 23, 6401 and 6402

Jazzy J wrote to Boraxman <=-

@MSGID: <622DDCFC.2296.dove-internet@jayscafe.net>
@REPLY: <62084A5E.5205.dove-int@bbs.mozysswamp.org>

Quoting Boraxman to Ogg <=-

I totally agree. We don't expect privacy so it isn't an issue for many people.

I'm a quad, and I have Amazon Services throughout the house. For
myself, the abdication of my privacy isn't a convenience, it is how I
can be as independent as I can.

Security v. Freedom is a lofty argument. The more something is secure,
the less freedom we have. Many people forget this and want 100% of
both. Well, there is nothing that is ever 100% secure nor is there anything that is ever 100% free -- I think of how much a "free" dog
costs in medical bills after the fact.

The best someone can do is strive to strike a balance between the two.

However, for most people, they don't understand the concept of IoT and never update their TVs, refrigerators, toasters, you name it. Whatever they have in their LANs that pull an IP is vulnerable and a security
risk.

People also don't value their information. They don't understand that
the myriad of trash they are getting in their email or twit feed, etc.
is largely their own making.

Before we can increase electronic security, we need the public to be educated on what electronic security touches. I think the average
person would be confounded and overwhelmed with some of the specifics.

Jazzy J

Who is going to educate the public though? There is no real incentive for the companies selling these products to do it, in fact, they would thrive of ignorance and lack of knowledge, as people would default to just purchasing something to fix a problem.

I think people don't care because they don't want to have to fight, or be inconvenienced. So instead they try to rationalise away giving away their privacy and control.

I'm not optimistic about where technology and our relationship is going, not at all.

... MultiMail, the new multi-platform, multi-format offline reader!
--- MultiMail/Linux v0.52
■ Synchronet ■ MS & RD BBs - bbs.mozysswamp.org

Re: the nothing to hide a
By: Digital Man to Phigan on Sun Feb 27 2022 01:33 am

Most Synchronet BBSes (e.g. web.synchro.net).

Aha, up there under "Forum". Not bad! I had not seen anyone set that up yet, only the telnet client in a web page thing. Going to check out themeability or whatever. Thanks :)

---
■ Synchronet ■ Final Zone BBS - finalzone.ddns.net - www.xadara.com