Subj : WEB Access, false BBS ID
To   : ANDY BALL
From : MICHEL SAMSON
Date : Mon Oct 25 2004 05:21 pm

Hi Andy,

     About "WEB Access BBSes" of October 24:

MS> ~WEB~ BBSes are new to me, i thought i could tolerate this interface
MS> but the obvious lack of security is what i'd call a deterrent, in
MS> favour of plain old DialUp/~TelNet~ BBSing, i mean...
AB> How is this any more secure than an unencrypted HTTP connection?

     You're invited to discuss that issue with concerned SysOps.  I'm in
favour of migrating from ~TelNet~ toward ~SSH~ interactive sessions, but
right now BBSers like me who don't know how to steal PassWords do have a
way to steal identities!  :(  I made sure the SysOp was advised, thanks.

AB> A text-based BBS could be made less insecure by enabling SSH...

     We're in perfect agreement over ~SSH~, not the removal of ~TelNet~.

                                                           Salutations,

                                                           Michel Samson
                                                           a/s Bicephale


.... Sometimes, the cost of new features is too high, really!  Is it not?
-!- MultiMail/MS-DOS v0.45 - Using DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK!
--- Mail-ennium/32 v2.0-beta-r1
 * Origin: Mail-ennium/32 v2 Beta Coming Soon! (1:379/1200.0)

.