Harper Reed's Blog

Harper Reed's Blog

Musing from a normal person doing normal things

20 Feb 2006

Campfire bot framework v.2 released

Please note: This post was written some time ago (18 years ago). My perspectives, knowledge, and opinions may have evolved significantly since then. While the content might still offer valuable insights, I encourage readers to consider it in the context of its publication date.

Oh yea. I forgot to mention that i released a new version of my campfirenow.com bot framework. It is quite a bit better and a lot more robust - however i imagine that 37signals has changed things to stop it.

Check out the source: here

I also released a proof of concept flood. its real annoying and stupid. don’t use it. i just wanted to see if i could make it.

Flood source: here

A couple things:

I really think that campfire should have some sort of authentication scheme to make sure that the message originator is the right user. It wouldn’t stop bots and what not, but it would stop the tinyurl hack that is always hilarious. I think that have super AJAXy sites and insuring simple app security is often more difficult - but in my opinion, more important because the feel of the application is more similar to the desktop applications and so the user may be caught off guard if a security breach rares its head. But as Jason Fried said: it just doesn’t matter.

I wonder if gtalk could be similarly exploited. I doubt it since it is based on the jabber client and xmpp. I wonder why 37s didn’t use xmpp or something.

awesome