Topic: PunBB on NewsForge
We've made the big time: http://software.newsforge.com/article.p … 19/2014253
Congrats to all the contributors of PunBB!
You are not logged in. Please login or register.
PunBB Forums → PunBB 1.2 discussion → PunBB on NewsForge
We've made the big time: http://software.newsforge.com/article.p … 19/2014253
Congrats to all the contributors of PunBB!
Indeed an excellent article !!! We must go on ! PunBB is simply ... A REAL DREAM
nice write up.
Although of course it is a good feeling for us being amongst the PunBB pioneers I am not sure if I want to see it going down the mainstream.
The more people adopt it the more it will be a valuable target for hackers.
This might be still interesting from a developer point of view but if you just want to maintain 3-4 boards all you want is a good sleep.
I think that f.e. phpBB is not more or less buggy than a lot of other software out there but they get a lot of atention from the wrong people because they are so big...
I think that f.e. phpBB is not more or less buggy than a lot of other software out there but they get a lot of atention from the wrong people because they are so big...
I don't know enough about coding to know whether thats true or not. What I do wonder is why, if popularity is the key attraction for hackers, doesn't vBulletin get hacked as often as phpBB.
Sorry, I'm wandering vaguely off topic yet again.
Great article.
Looks great! Maybe more will get it now and contribute more making PunBB more of the Forums many will use.
I already thanked the author via e-mail, but if you're reading this. Thanks once again
I must admit though, that I don't read NewsForge. Not because I don't like it, but because I didn't know of it at all. /me adds RSS feed to Firefox bookmarks!
The more people adopt it the more it will be a valuable target for hackers.
This really doesn't worry me that much. Sure, people are bound to find new security issues in PunBB in the future, but I believe that even though more people use PunBB and thus, it becomes a more tempting target for "hackers", the frequency is going down. A lot due to the introduction of Stefan Esser's unregister_globals(). Most of the really serious vulnerabilities in the past have been register_globals related.
The introduction of extensions should also make a difference as it removes the main reason for people not wishing to apply security updates.
I must admit though, that I don't read NewsForge. Not because I don't like it, but because I didn't know of it at all. /me adds RSS feed to Firefox bookmarks!
I read this site everyday: http://lxer.com/ - it's where I learned of the NewsForge article.
Paul, I agree, once we have extensions and the new template system, updating will be easier.
As for popularity causing more hacks, I don't buy that. What I like of PunBB is the smaller code base, which is easier to manage and find security related issues.
What I do wonder is why, if popularity is the key attraction for hackers, doesn't vBulletin get hacked as often as phpBB.
Because it's closed source.
You have to either know somebody who would give you a copy or buy it to read the sources. This, of course, makes it less attrctive for hackers.
It should be mentioned though that it also makes it much less attractive for people to have alook at the sources to fix vulnerabilities = The old IE vs. FF story
I believe that even though more people use PunBB and thus, it becomes a more tempting target for "hackers", the frequency is going down
It probably does at the moment, don't know what's happening once we have as many people here as in the phpBB board
But don't get me wrong: It is not a bad thing to expose the sources to as many people as possible to find *all* them holes.
It was just a very personal view of one who likes his good sleep
You have to either know somebody who would give you a copy or buy it to read the sources.
Or download it illegally from any kind of file sharing network. Something most "hackers" will do happily.
PunBB Forums → PunBB 1.2 discussion → PunBB on NewsForge
Powered by PunBB, supported by Informer Technologies, Inc.