[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev lynx: ftp anonymous password

From: Doug Kaufman
Subject: Re: lynx-dev lynx: ftp anonymous password
Date: Fri, 15 Feb 2002 08:13:00 -0800 (PST)

On Fri, 15 Feb 2002, Eduardo Pérez wrote:

> I've seen that lynx sends the user name when doing ANONYMOUS ftp gets.
> I see a lot of problems:
> - Sending the user name if the user doesn't know that it's sent doesn't 
> protect the user state of ANONYMOUS
> - Spyware is not a good idea, most users don't like it.
> - Sending the user name helps SPAM instead of stopping it. Many ftp sites use 
> this information to send you unsolicited email.
> - Sending the user name doesn't help ftp sites to know who the cracker is, 
> crackers are not stupid to send their email address.
> - Sending the user name can be used to discriminate the user.

Perhaps I am old fashioned or I don't see the risks listed above, but
I don't see that this patch is a good idea. If we are to request free
use of the server's resources and they request our email address for
that use, it seems impolite not to supply it. There are still a few
servers who will not allow access if an invalid domain is given. My
specific comments about the above concerns:

If you are really concerned about anonymity, using lynx from your own
IP address without going through some anonymizing proxy doesn't make
sense either

By no stretch of the imagination does sending your email address
constitute "spyware" in the usual meaning of the word. Calling this
spyware confuses the spyware issue and may make it harer to fight true

Are there data that "many ftp sites" use the login data to send
unsolicited email?

Sending the email address is not supposed to help fight crackers. This
argument seems irrelevant.

FTP sites certainly have the right to exclude users who have abused
their services. I am not sure I call this discrimination.

Lynx users can always specify an invalid personal address in the option
menu if they don't want their true email address to be sent. 

What do they say about this topic in the*
newsgroups? Is there documentation of abuse to justify this change? If
so, I will withdraw objections, but I would like to see some data first.
Doug Kaufman
Internet: address@hidden

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]