Re: lynx-dev anonymous usage of Lynx (was Arizona)

[brian j. pardy]

Philip Webb wrote:
> [ can we please try to keep Subjects straight? ]
> 
> 981009 Rick Lewis wrote: 
> > lynx is used by the Phoenix library to access magazine & newspaper
> > indices & articles using a site called proquest. Anyone accessing these
> > on the Phoenix dial-up is using Lynx, whether they know it or not. 
> > Also, the AzTeC independent Free-Net maintained, partially funded
> > & run by ASU uses Lynx as its only browser,
> > & 16,000 people throughout the state are active users. Both use 2.7b. 
> > As a member of AzTeC's Board of Directors, I can assure you
> > our users seem quite happy with the flexibility & functionality of lynx.
> > So the great work of lynx developers is appreciated! 
>  
> this is certainly very encouraging for all involved with Lynx development,
> but the problem remains: there is a serious cost in volunteer labor
> in protecting sites like yours from malicious users taking advantage
> of occasional security cracks which may sneak into Lynx
> & attempted security fixes can sometimes harm other types of user.
> moreover, site managers can easily limit damage to a minimum
> by running anonymous Lynx on a dedicated machine.

I think asking for a dedicated machine is often too much to ask for when
dealing with the sort of sites that are allowing anonymous access to users
for whatever reason. Said sites are probably (I'm assuming, having no real
experience) operated on little or no budget, and anything we can do to
make Lynx A) more secure in general, or B) make it a more usable program
for people providing this kind of service is a Good Thing to me.

People running sites allowing anonymous access to the net are a wonderful
thing, and I'd hate to see them be left out in the cold[1]. 

To me, Lynx is a way that I can attempt to give back to the community that
has provided so many things for me (the net, so much great free software,
friendships). I think the people that help others get on the net at their
own personal expense (time/money/etc) are doing quite possibly one of the
best things the net can have done for it. And anything I can do to help
these people out makes me feel good.

> Lynx started out on a campus freenet, but has long outgrown those origins
> & today tends to be installed -- a/a used -- mainly by individuals
> running Linux, Windows or DOS or shell-account users on UNIX (like me).
> there appears to be no-one currently developing Lynx
> who also runs an anonymous site & so is motivated to be security guru,
> so i'ld say we have to ask managers of sites with anonymous users
> to contribute their own time & skills to the effort insofar as they can:
> otherwise, they should not expect security vs anonymous miscreants
> to have any kind of priority in future Lynx development efforts.

That seems a curious thought given how much coaxing was required to get
you to attempt to debug the rcfile problem you were having. I don't think
any bug is an acceptable bug.

IMO, the one true sign of a program's success is when it is used in ways
the authors never dreamed of, so writing off one group's problems as
irrelevant seems wrong to me. Throwing a dedicated server at something
because it doesn't work right and can't be trusted is a rather
Microsoftian attitude.

-brian


[1] my dream, if you will, is to eventually run a freenet somewhere
    allowing this very thing, both to provide the net to people who
    otherwise wouldn't have access, and to help them learn. 

-- 
If God had a beard, he'd be a UNIX programmer.
"a handful of LEAFLETS would be better than MS' 'personal web server'" -E.