Hi!
In our community we recommend the usage of tor software (http://tor.eff.org) for safe browsing. But it's impossible to use it with the smf (and joomla-smf's login bridge) "remember me", because it checks IP and it kicks you out at the first automatic IP change.
Considering that we care for users privacy more than what we do for security (especially if made on IP checks: pretty useless), and that we have safer security methods, is there anything I or you can do to:
1) make the "remember me" function work with always different IPs
or
2) give the chance to eliminate IP check
?
Please, we really care about this.
Thanks,
S.
Well I don't recommend using that, just add McAfee SiteAdvisor to your Firefox browser and you're saved mostly :P
Eliminating the IP check is a security compromise, that automatic IP change is not safe as it can be abused.
First:
I'm not asking your opinion about Tor usage. We're not going to substitute it cause Tor has features that no proprietary software gives, not even McAfee's. Plus, most of us are (happily) linux users, so McAfee stuff is poison, it's Evil Stuff and it won't work (as it really won't on any Windows setup)
Second:
Our users are identified as real persons, not online. Each account is corresponding to one real person, so no anonymous abuse is possible. IP check is pointless.
Third:
On the contrary, IP change IS safe because improves privacy. And if you want to try tricks that way you don't need Tor, you just log in and out on almost every commercial DSL line and get new IPs.
I asked you one way to disable IP check or make it work with Tor, I didn't ask for alternative solutions, I didn't ask you if it is safe.
Thanks,
S.