I am mostly curious. The BBS software itself doesnt need to handle this, it could be done by a door/alternative message reader like Opicron's RJAM or something else, which is kind of the beauty of PGP/GPG. It could even be done manually without a "client" at all with a little copy and paste.
Forgive me if this topic has been covered in the past. I am going to assume it has been, but maybe not for a long time. I see security related topics talked about here and there, but I don't think I've seen one related to this.
Have any BBSs implemented support for PGP or GPG to allow for end-to-end encryption of messages, locally and over FTNs? I've used it in email for many years (and wish I could influence more people to use it). Its "pretty good protection" from prying eyes snooping your messages. It might make users of a BBS feel "safer" knowing that their Sysop is not reading their
Have any BBSs implemented support for PGP or GPG to allow for end-to-end
protection" from prying eyes snooping your messages. It might make users of BBS feel "safer" knowing that their Sysop is not reading their messages, or any other Sysop between the origin and destination.
If you've EVER used a BBS, you'd know that email/messages on a BBS are
NOT private and can be read by the sysop. Anything on their system is free game, as it is THEIR system. It's a PERSONAL system, not a
company.
If you've EVER used a BBS, you'd know that email/messages on a BBS are NOT private and can be read by the sysop. Anything on their system is free game, as it is THEIR system. It's a PERSONAL system, not a company.
Private messages seem like a reasonable thing to consider here in 2023. A lot has changed since the 90s. Hell, even passwords on modern BBSes are encrypted, whereas classic softwares stored them in plaintext...something that feels pretty lame these days.
Then you get the sysops that watch your every move while you're on their boards. Don't even get me started. I guess if some sysops start BBSes because they want to eavesdrop and monitor what people do, more power to them. But if I were able to offer private messaging on my BBS in a secure fashion, I'd do it immediately.
--- Mystic BBS v1.12 A49 2023/02/26 (Linux/64)
* Origin: m O N T E R E Y b B S . c O M (21:4/173)
Then you get the sysops that watch your every move while you're on their boards. Don't even get me started. I guess if some sysops start BBSes
The only way I know/see if someone is online here is in the list of
active lines... IT's just not worth my time to watch what someone is doing....
Have any BBSs implemented support for PGP or GPG to allow for end-to-end encryption of messages, locally and over FTNs? I've used it in email for
number of people that they tend to avoid calling boards where sysops lurk and watch their every move.
If you want to be sure of privacy you could UUEncode (or similar) and the recipient could UUDecode the message when they get it.
If you want to be sure of privacy you could UUEncode (or similar) and the
recipient could UUDecode the message when they get it.
Others will likely point this out too, but I didn't see any such responses yet UUencode is not encryption. It's just a way to encode arbitrary binary data into a subset of ASCII characters that are more universally transferrable. Base64 and yEnce are similar solutions to the same problem - nothing to do with privacy.
Wait how would you know if your BBS is doing that?
The only way I know/see if someone is online here is in the list of
active lines... IT's just not worth my time to watch what someone is
doing....
My BBS runs on a remote VPS so it would take concerted effort for me to
try to eavesdrop on a user. I wonder if I should advertise that "no
Wait how would you know if your BBS is doing that?
If every time you call a certain BBS, the sysop jumps into chat with you. That's a lurker. And it's something I (and many others) try to avoid when calling out :)
If every time you call a certain BBS, the sysop jumps into chat with you. That's a lurker. And it's something I (and many others) try to avoid when calling out :)
My BBS runs on a remote VPS so it would take concerted effort for me t try to eavesdrop on a user. I wonder if I should advertise that "no
It's not hard when you run mystic.. Just ssh into your vps, and run nodespy...
It's not hard when you run mystic.. Just ssh into your vps, and run nodespy...
I assert sshing into a VPS and waiting around for someone to dial in so
I can run nodespy counts as a "concerted effort" - especially when comparing to the.
can run nodespy counts as a "concerted effort" - especially when comparing to the.
Comparing to the? The what?
It's not hard when you run mystic.. Just ssh into your vps, andsomeone to dial in so I can run nodespy counts as a "concerted effort"
run nodespy... I assert sshing into a VPS and waiting around for
- especially when comparing to the.
No idea why this was cut off, but it was supposed to be "especially when comparing to the old days when we knew someone connected to our BBS
because we heard the phone ring" :P
If you've EVER used a BBS, you'd know that email/messages on a BBS are
NOT private and can be read by the sysop. Anything on their system is free game, as it is THEIR system. It's a PERSONAL system, not a
company.
Ganiman wrote to Exodus <=-
Below is my key if someone wants to try and send me a test message over Netmail. Ganiman(21:3/174)
Sysop: | Weed Hopper |
---|---|
Location: | Clearwater, FL |
Users: | 14 |
Nodes: | 6 (0 / 6) |
Uptime: | 229:51:11 |
Calls: | 55 |
Calls today: | 1 |
Files: | 50,127 |
D/L today: |
22 files (2,430K bytes) |
Messages: | 275,333 |