Dan Trainor wrote:
Jochem Maas wrote:
...
I don't think that this is an issue that is specific to pr0n. Sure, the
first thing that we think of when we hear a traded login is actually
pr0n, but it is most definately not limited to this arena.
does anybody know whether pr0n sites have a much higher 'cheat'
percentage (regarding traded/cracked logins) than other kinds of sites..
for instance does the NewYorkTimes have major problems like this?
(I'll bet that regardless of whether NYT has these problems they are a
very expensive custom system in place to mitigate the problem!?)
I appreciate the kind words mentioned by Jochem and Mikey. They see
through the whole stereotypical "I have a username and password" thing
and understand the true technical reasoning behind my question.
we understand the issues, we know that the topic appears regularly - and
that there are various bits of code out on the web that try to do, mostly
we are aware that its not 100% possible, and that doing it to some acceptable
level of approximation is hard... either you write it or you pay some to
write it... why? simply because only monkeys work for nothing while you rake it
in - unfortunately monkeys can't program (yet).
I think Richard Lynch already pointed that out but you didn't seem to get it.
(Also your explaination of what Open Source is showed a rather
Microsoftesque (i.e. purely economic) understanding of the concept - more's the pity)
To address Mikey's question - I am not looking for a way to uniquely
identify users. For one, it's just not possible. On top of that, the
vast majority of members with to stay anonymous for reasons that I am
not even going to begin to state on this list, because we all know where
that will end up.
true enough - sad to say we live in a world where looking at the 'wrong'
picture can cost you your job/reputation - then again if you're oggling
kiddiepr0n maybe you need a visit from the authorities.
double-edged sword and all that.
then again exactly how anonymous is a creditcard transaction!
I am trying to ensure that one login and one password are specific to
one client. Several methods of this include making sure that not more
than two IPs use a specific login/password throughout a pre-set
threshold, and on top of this, the automatic blocking of IPs that
attempt brute-force style attacks. These two items alone would be an
invaluable tool in the assurance that logins and passwords are not abused.
true enough...
on a side note: maybe Dan would have been better off never mentioning his
line of business - then nobody would have been any wiser?
also you Dan, you might want to be careful how you use the word Rasmus around here
<quote>
Rasmus? Waht's he got to do with anything?
</quote>
regardless of the context you say stuff like that in, its probably not going to go
down too well on this list...
(you might get away with it if your name was Zeev, Andi, Wez, etc)
Thanks again
-dant
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php