Archive of UserLand's first discussion group, started October 5, 1998.
Re: New Third Voice version out
Author: Jeremy Bowers Posted: 9/14/1999; 10:27:05 PM Topic: New Third Voice version out Msg #: 11019 (In response to 11015) Prev/Next: 11018 / 11020
Fair question...OK, if you download Third Voice for Netscape, it goes through its install routine, installs some executables, etc.
It starts a proxy server on your machine. It modifies your Netscape configuration (with implicit permission, of course).
If you currently have Netscape 4+ open, you can follow along by doing this:
- Edit->Preferences
- Open the Advanced menu on the bottom if it is not open.
- Click Proxies.
- Now, on the right, select Manual proxy configurations. You can now click the button next to it, so please do so.
- A new server type has been added for HTTP, pointing to 127.0.0.1 (which is a special number that always means the same machine that the TCP/IP request is made on, for those who don't know), on port 3333. (Note: It was quickly discovered that this server accepted connections from ANY machine, making it look as if the machine with the proxy server were doing whatever those remotes were doing... I'll skip the painfully obvious security implications this time.)
This means that netscape will route all requests through that proxy server. The proxy server adds in stubs that allows Third Voice to function and download the notes, with the plugin that can connect to the Third Voice servers. Which is to say, the user never even sees the original page.
A simple "View Source" cut & paste or "Save page" WILL save these manipulations (unlike the IE) version... for an example, see http://www.msu.edu/~bowersj2/tvexample.htm. (It'll probably fail, as you don't have it installed... interesting... the server seems to notice the modifications are already there... I wonder if it can be fooled? Anyhow, view source. It will clearly NOT match what Userland put there... note those scripts towards the top.)
A screenshot:
That is the homepage of Scripting News. We all know what that looks like... this is chopped a bit to show the importent stuff, shrunk a bit for space, and, as all three of the messages are personally insulting to Dave, I've gone ahead and blurred out the message (as that is not relevant). The frame on the left is optional, and can be pulled up into just the upper left of the browser window. The note is there (only ususally legible).
I think calling that "inside a frame" is reasonable... I'll give you two more, but they are too large to include here. Here is a complete screen shot of this page, with the frame down. Here is the same picture with the TV plugin retracted to minimum size.
The HTML does not have the actual messages added into it (although, there's nothing STOPPING them from doing so except that it is more efficient to only grap the requested message), but the stub that allows it to do so is added, obviously, without your permission being an issue.
Is there anything else you would like to know? I'm going to uninstall this thing pronto... opening a port like this, even after the so-called "fix", is not something I'm willing to do in the longterm...
There are responses to this message:
- Re: New Third Voice version out, Dave Winer, 9/14/1999; 10:39:10 PM
This page was archived on 6/13/2001; 4:52:36 PM.
© Copyright 1998-2001 UserLand Software, Inc.
