Should FreeRepublic be closed to anyone w/o an account on election day/night?
11-5-12
| Arcy
Posted on 11/05/2012 5:55:58 AM PST by Arcy
To: Responsibility2nd; Arcy; BuckeyeTexan
Actually, on the walk over to work (yes, I live THAT close to work), I realized I spoke w/o coffee.
The authentication layer is already written. It's the login and cookie structure JohnRob already has in play. What we would do is the AUTHORIZATION layer, which is a lot easier if all you are doing is granting access to pages. I've never 'had it that easy', I've always had to have RBAC (Rules-Based Access Control) down to the control- and menu-item level.
I won't claim it to be a five-minute fix, but it is a lot easier than it first struck me.
By the way, during my thinkwalk, I actually thought of a series of security holes that I bet JohnRob didn't think to plug, based on his authentication method. If he's not using SessionID on every page, he's vulnerable to a variety of spoofs and CSRF 'confused teller' attacks. Not a big deal, because the attacker would need to know A) which internet user was logged into FR to begin with, and B) the payoff is small, unless they happen to luck upon the session with Admin Mod, JimRob or JohnRob. So what if they hijack Laz's screen name, for example. All that would happen is Laz might not hit it for one day.
61
posted on
11/05/2012 6:46:03 AM PST
by
Lazamataz
(The Pravda Press has gone from 'biased' straight on through to 'utterly bizarre'.)
To: Responsibility2nd; Arcy; BuckeyeTexan
Actually, on the walk over to work (yes, I live THAT close to work), I realized I spoke w/o coffee.
The authentication layer is already written. It's the login and cookie structure JohnRob already has in play. What we would do is the AUTHORIZATION layer, which is a lot easier if all you are doing is granting access to pages. I've never 'had it that easy', I've always had to have RBAC (Rules-Based Access Control) down to the control- and menu-item level.
I won't claim it to be a five-minute fix, but it is a lot easier than it first struck me.
By the way, during my thinkwalk, I actually thought of a series of security holes that I bet JohnRob didn't think to plug, based on his authentication method. If he's not using SessionID on every page, he's vulnerable to a variety of spoofs and CSRF 'confused teller' attacks. Not a big deal, because the attacker would need to know A) which internet user was logged into FR to begin with, and B) the payoff is small, unless they happen to luck upon the session with Admin Mod, JimRob or JohnRob. So what if they hijack Laz's screen name, for example. All that would happen is Laz might not hit it for one day.
62
posted on
11/05/2012 6:47:10 AM PST
by
Lazamataz
(The Pravda Press has gone from 'biased' straight on through to 'utterly bizarre'.)
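As an added illustration of the split described in the post above (not FreeRepublic's code and not written by any poster): a page-level authorization check layered on an existing session cookie, with a members-only switch and a per-session token required on state-changing requests. The paths, cookie name, field name and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # per-deployment secret (constructed)
SESSIONS = {}                          # session id -> screen name
PUBLIC_PATHS = {"/login", "/closed"}   # hypothetical pages open to everyone


def login(screen_name):
    """Stand-in for the existing authentication layer: issue a session id."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = screen_name
    return sid


def csrf_token(sid):
    """Token bound to one session, embedded in every form the site renders."""
    return hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()


def authorize(method, path, cookies, form=None, members_only=True):
    """Authorization only: return (HTTP status, reason) for one request."""
    sid = cookies.get("session", "")
    user = SESSIONS.get(sid)           # unknown or forged ids map to None
    if user is None:
        if path in PUBLIC_PATHS:
            return 200, "public page"
        if method != "GET":
            return 401, "login required to post"
        if members_only:
            return 302, "redirect to /closed"
        return 200, "anonymous read"
    if method != "GET":
        # The cookie alone is not enough: the browser attaches it to
        # cross-site requests too, so require the per-session token.
        sent = (form or {}).get("csrf", "")
        if not hmac.compare_digest(sent.encode(), csrf_token(sid).encode()):
            return 403, "missing or wrong CSRF token"
    return 200, f"ok for {user}"
```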
To: Rapscallion
Please announce the truth about Free Republic.
What truth? Information on FR can be read by anyone; that's how most of us found the place to begin with. If you want to post a new thread or participate in an existing thread you have to take the effort to build an account and logon.
63
posted on
11/05/2012 6:47:10 AM PST
by
ken in texas
(I was taught to respect my elders but it keeps getting harder to find any.)
To: Arcy
Move FR over to one of these...
With bridged Cisco CP-DQPSK cards for OC-768 up/down network speeds...
64
posted on
11/05/2012 6:52:34 AM PST
by
Dead Corpse
(I will not comply.)
To: cripplecreek
I need to get me an account today over at DU if that is the case.
65
posted on
11/05/2012 6:53:32 AM PST
by
cornfedcowboy
(Trust in God, but empty the clip.)
To: Arcy
I don’t understand st00pid. Try again.
66
posted on
11/05/2012 6:55:30 AM PST
by
lefty-lie-spy
(Stay metal. For the Horde \m/("_")\m/ - via iPhone from Tokyo.)
To: bmwcyle
Actually, since it's a login/persistent cookie sort of authentication deal, it's not all that rough. I never really thought about the security of FR before because I never think in terms of doing her harm, but there are likely a lot of reasonably easy dodges around this model to get in behind the scenes. Maybe. Depends how much of his homework JohnRob did.
Even sniffing for passwords is (somewhat) reasonable on the http: non secure model we are presently on! Certs are obviously the way to go to prevent all that treachery.
I cannot be open about the Fed measures in place, for obvious reasons, but it is a very fascinating and pretty durned rugged setup they've got.
67
posted on
11/05/2012 6:56:35 AM PST
by
Lazamataz
(The Pravda Press has gone from 'biased' straight on through to 'utterly bizarre'.)
To: Arcy
It would also be advantageous to prevent the creation of new accounts on FR (starting now) until after the election to keep out the liberals who will certainly come here to explode in anger as election results come in.
What, and miss all the fun of their heads exploding???
;^)
68
posted on
11/05/2012 7:02:09 AM PST
by
JimRed
(Excise the cancer before it kills us; feed &water the Tree of Liberty! TERM LIMITS, NOW & FOREVER!)
To: cornfedcowboy
I need to get me an account today over at DU if that is the case.
Funny you should say that; because, I tried it yesterday and this morning using different e-mail addresses and screen names and their side has yet to send me a log-in password for either acct. This tells me they are NOT allowing new account creation right now and will probably continue this practice until after election night.
69
posted on
11/05/2012 7:03:22 AM PST
by
Arcy
(When the righteous are in authority, the people rejoice; But when a wicked man rules, people groan.)
To: Lazamataz
If we just had our own geosync internet communication satellite.
70
posted on
11/05/2012 7:16:37 AM PST
by
bmwcyle
(45% to 47% of American voters are stupid)
To: All
This is what visitors to the site on election night should see and it's so easy to implement:
71
posted on
11/05/2012 7:18:16 AM PST
by
Arcy
(When the righteous are in authority, the people rejoice; But when a wicked man rules, people groan.)
Comment #72 Removed by Moderator
To: Arcy
Glad you decided not to quit FR
To: traditional1; All
It could be a DOS (Denial of Service) attack by a group that is dedicated to causing problems over here. One way to launch an attack like this is through the command line interface using the ping command and writing some code to generate a shower of these requests from multiple PCs. However, that can be PREVENTED easily by turning off response to pings via the server, which FreeRepublic has NOT done (novice security team) as evidenced by my successful ping just now (see below).
74
posted on
11/05/2012 7:52:04 AM PST
by
Arcy
(When the righteous are in authority, the people rejoice; But when a wicked man rules, people groan.)
To: BO Stinkss
Thanks. I had to go cool off for a while. :)
75
posted on
11/05/2012 8:09:42 AM PST
by
Arcy
(When the righteous are in authority, the people rejoice; But when a wicked man rules, people groan.)
To: Arcy
::sigh::: Third freakin attempt...
I don’t foresee such changes being implemented, but I’ll opine.
If it helps with traffic issues, I’m fine with disallowing new signups until after all returns are in.
WRT blocking mere lurkers from site access - I see no need to act as if we FReepers have something to be ashamed of. The DUmp is hardly an example to emulate.
Besides, FReepers themselves may be trying to take quick anonymous peeks throughout the day (ignoring of course that the site’ll be a parking lot even w/out logging in).
76
posted on
11/05/2012 8:15:55 AM PST
by
Titan Magroyne
(What one person receives without working for, another person must work for without receiving.)
To: Arcy
I don’t think FR should shut anybody out; I was a lurker for a few years before actually joining and I like the idea that this site is available to anybody who wants to read it and get educated. We are not at all like the Dumb-o-crats and their stinking site (thanks to the Grace of God) and therefore should be proud to have a site that anybody can check in with and see what we all think. I’m proud to be part of FREEREPUBLIC.
To: Old Grumpy
It would only be for one night.
78
posted on
11/05/2012 8:23:39 AM PST
by
Arcy
(When the righteous are in authority, the people rejoice; But when a wicked man rules, people groan.)
To: Lazamataz
I have zero knowledge of these things, but what I have read that makes the most sense is that the problem is the pipe - not anything internal to FR.
Is that even close to accurate? What solution, if it is?
Right now - mid morning on Election Day Eve, she’s feeling like she’s taking her last gasping breaths before expiration.
79
posted on
11/05/2012 8:24:03 AM PST
by
don-o
(He will not share His glory and He will NOT be mocked! Blessed be the name of the Lord forever.)
To: Arcy
80
posted on
11/05/2012 8:24:41 AM PST
by
tomkat
( PAlabama '12 = RR = 300 +)
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson