[svlug] anonymous file transfer -- non-FTP?

[wayne@qconcepts.net]

On Fri, 7 Jul 2000, J C Lawrence wrote:
> 
> Given DENT's apparent immaturity and BIND's overkill for most
> applications, I've been looking at DJB's DNSCache/djbdns as
> discussed:
> 
>   http://www.securityfocus.com/focus/sun/articles/dnscache.html
> 
> While all your caveats do apply, it also does appear a usefully
> constrained and controllable tool that doesn't have any direct
> comparables.

Unfortunately, I'm inclined to agree here. The man is an ass, and his
licenses are horrible, but his code works well. I've been using djbdns for
some time now (on Linux, and recently on FreeBSD). It works, and it works
well. 

For that matter, RMS can be an ass, but that doesn't stop me from using
emacs as well. ;-)

> Aside: DJB's continuously unstated contention in both his publicftp
> pages and elsewhere that any application that has ever had a
> security compromise is somehow inherently and eternally flawed is
> grating.  Most esspecially because the people who don't know how
> pompous that is or how valuable the simple fact that shortcomings
> have been found is(if only as evidence of scrutiny), will tend to
> swallow that authoritatian dogma without a blink and thus severely
> warp their view of system security and tool choice.  Bloody
> irresponsible.
> 

Agreed. You cannot ever prove software to be secure; all you can really
say is, to the best of your knowledge, it has yet to be compromised.
Bernstein's reward offer for compromising qmail was nothing more than yet
another "hack this server" marketing gimmic.

--
Wayne Earl <wayne at qconcepts.net>
http://www.qconcepts.net
gpg key fingerprint: 834E 07CB 4761 104D C005 E991 93D3 288E E406 52FE