I already avoid home nodes. Several load off-site images,
some of which are actually documented as being used to track
visits to their home node. Several now grab the userpass
cookie, one forwarding it to another site (after stripping
the password -- last time I checked). I don't want to be
the one who finds the first truely nasty home node.
At least non-home nodes very rarely have any interesting
HTML (and those that do usually get voted down -- probably
why this is still rare).
As for home-node buttons that send public chat requests,
I thought the first one was cute but got tired of it before
I even noticed a second one. I've been waiting for the fad
to die but am disappointed so far. I don't mind the buttons
that post private messages back to the node's owner (though
I wonder what the denial-of-service-attack potential for
the node owner or the site is). I particularly like
Adam's random node button. Posting private messages back
to the button pusher is probably harmless.
It is ironic that my favorite web site has also become my
most worrisome. I'm about to switch to my former paranoid
ways of disabling javascript and autoloading of images and
only turning them on for the few sites that both become
useless without them and are important.
A compromise did cross my mind. I'd love to see only
specific HTML tags allowed in posts and home nodes. Then I
could be curious about a monk and not worry about what tricks
they might think are cute today...
But each monk (level 5 and above) could have a "play node"
where they can post any HTML they want to. Then you could
go look at their tricks with the relative safety of knowing
who did it (and that they risked throwing away the time it
took them to get to level 5 if they did something truely
nasty).
As for off-site links, the browsers I use make it easy to
see where a link is going before I click on it. Plus,
there are plenty of legitimate reasons to have an off-site
link in a post or home node. So I'd not ban those.
-
tye
(but my friends call me "Tye")
|