Ok I've had some time to poke at the code myself, and I'm both dissaponted and worried.
They don't just have the normal "don't validate user input/SQL injection" problems that every newbie makes.
They have flaws on their code that demonstrate a fundamental misunderstanding of some basic security ideas.
I'm not going to use or suggest anyone else use diasporia untill the project is taken over by people with some experience in the field.
Could this become something great? Sure, but it is nowhere near close enough. Heck it's not even in the same zip code.
It would require a Mozilla level organization adopting this for me to use a release of anything related to this.
-Terry
-----
"so listen up boy, or pornography starring your mother will be the second worst thing to happen to you today"
TF2: Spy
They don't just have the normal "don't validate user input/SQL injection" problems that every newbie makes.
They have flaws on their code that demonstrate a fundamental misunderstanding of some basic security ideas.
I'm not going to use or suggest anyone else use diasporia untill the project is taken over by people with some experience in the field.
Could this become something great? Sure, but it is nowhere near close enough. Heck it's not even in the same zip code.
It would require a Mozilla level organization adopting this for me to use a release of anything related to this.
-Terry
-----
"so listen up boy, or pornography starring your mother will be the second worst thing to happen to you today"
TF2: Spy