[OS X TeX] [OT] All about P2P (was: MacTeX-2008 Status)
Adam R. Maxwell
amaxwell at mac.com
Thu Sep 4 10:41:53 EDT 2008
On Sep 4, 2008, at 3:38 AM, Thomas Bohn wrote:
> On 4 Sep 2008, at 05:09, Adam R. Maxwell wrote:
>> Requesting data from an http/ftp/nntp server is a bit different
>> from opening up your filesystem to people all over the world,
> You don't. At least not with BitTorrent, this protocol gives access
> to the file(s) in question nothing else. It is to my knowledge not
> possible to access other files, except those described in the
> BitTorrent file.
Be that as it may, you are explicitly allowing traffic through your
firewall in order for other persons to access some portion of your
>> hoping the program doesn't have a buffer overflow or a back door
>> that gives someone full access (assuming it was configured securely
>> in the first place).
> This can be a problem if someone is spreading a manipulated
> BitTorrent file and this can be as dangerous as open a manipulated
> JPEG in a browser. But who runs such a software or any software for
> that matter as root or admin?
I'd guess that most Mac users are running under an admin account all
the time; I certainly run as admin at home. Many of us are probably
conditioned to enter our password every time it's requested, also...
> I think you get the "old" way of P2P like Napster and Gnutella
> confused with BitTorrent.
My point is this: if it is possible to misconfigure the software /or/
it contains an exploitable bug, your risk increases. Google 
indicates that such vulnerabilities have been found in bittorrent
software . The user (or owner of the computer/data) needs to
decide if that risk is acceptable.
>> In the present case of MacTeX, it not necessary to use p2p, so
>> there's no justification for it.
> P2P can help to reduce the load of the servers and get MacTeX faster
> to the people who wants it. You actually can distribute it to the
> public and to the mirrors at the same time.
Yes, it has some benefits, and can be a useful tool. If it's worth
the risk to you, by all means use it; it may not be acceptable for
everyone on this list, though.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2415 bytes
Desc: not available
More information about the MacOSX-TeX