Subj : WEB Access BBSes
To   : Michel Samson
From : Andy Ball
Date : Sun Oct 24 2004 08:58 pm

Hello Michel,

 MS> ~WEB~ BBSes are new to me, i thought i could tolerate this
   > interface but the obvious lack of security is what i'd call a
   > deterrent, in favour of plain old DialUp/~TelNet~ BBSing, i
   > mean...

Telnet sends your password, everything that the remote system sends for display
on your screen and everything that you type, to and from the remote host in
unencrypted clear text. How is this any more secure than an unencrypted HTTP
connection?

A Web interface to a BBS could also be made less insecure by making use of SSL
and HTTPS.  A text-based BBS could be made less insecure by enabling SSH and
disabling Telnet.

- Andy Ball.

* SLMR 2.1a *
--- BBBS/NT v4.01 Flag-5
# Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
* Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)