[fpc-other] Last message about changes (guaranteed!)

[Jonas Maebe]

On 29 Sep 2012, at 14:36, Cephas Atheos wrote:

> How many of you reading this message could, say, at 6:30 tonight, fix a
> configuration problem on the mailing list server, if whoever usually looks
> after it got called away and was uncontactable? From where you sit right
> now? What about if a hacker logs in to the list and starts spamming the
> list? How long would it take to shut them down? Would it be possible to keep
> the list running? What if they got in all the FPC lists? How long would that
> take? And how long would the server be out of action while that was
> happening?
> 
> I've been there and done that, so I can imagine the chaos - unless you all
> know each other's phone numbers and you all know how to configure the list
> server so you can find out who the person is, shut them down, and lock them
> out, then find a way to identify and remove the messages, then bring up the
> server again, and so on.
> 
> On a properly set up forum, any one of you could log in, disable the
> account, remove all the messages, and prevent the user from logging in
> again, in less than a couple of minutes. From your iPhone.
> 
> While you're on the bus.
> 
> Tell me you can do that with your current software, and I'll shut up about
> forums for ever! :)

While I'm not opposed at all to switching web forum software (on the contrary, in fact), I think the above scenario comparison isn't exactly "equal opportunity". Several people have the mailing list admin password and can disable any account (or block mails based on regular expression matching) from anywhere with internet access using a web interface. Mailman, the mailing list software we use, is really quite easy and flexible to administer.

However, if the server were hacked that would probably not be enough. On the other hand, it probably wouldn't be enough either in case a forum server were hacked.


Jonas