I am new to DNN and am working on my boss to get him to allow me to use it for my Web Applications. He has one reservation--he wants to be sure that information from our servers is not be gathered and sent back to DOTNETNUKE. I have surfed for this information but could not find anything to reassure my boss. I work for local government and they are a bit paranoid. Any information would be much appreciated. Thanks!

as purplebox said the only potential item is the version checker, and we do not record any information from that - it's purely to see if there are core/module versions available (it simply passes the current version which selects the relevant image). You can also disable this by unchecking the 'check for upgrades?' checkbox (log in as host, and go to host->host settings).

Cathal

---

Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US

dstisher:

Yes there is a feature to check for updates in Host Settings, it can be turned off. Aside from that, and email messages to the users DNN may send if you configure the mail server parameters, I am pretty sure that there is no backdoor or call-home routine. This type of thing has never been discussed or documented in the forums that I remember. You can search on this forum or the old one at www.asp.net. Also, you have the source code to review, ask your boss for OT to do this ;) Now, be careful when you read security concerns on the forums because; first, the issues that may have been in the code have long been corrected; second, DNN is as secure as the weakest link in the configuration (meaning that you must secure your network, the server, IIS, apply patches, etc.) and third, there have been some perceived problems of DNN that were really vulnerabilities in IIS, .Net, Windows, or IE (this type of thing happens to ALL software written by human beings, as opposed to what the Unix followers would like you to think).

To summarize, if you need to develop Web sites or Web applications, I honestly doubt that you could get a more robust framework than DNN, especially if you run it in medium trust on Windows Server 2003 (and the server and the network are configured and managed properly). Anyway, think about the alternatives, with all due respect, do you want to develop the framework for your applications yourself??? Is it really going to be more robust and flexible than DNN????

There is also a Department of Defense Web site that I cannot recall at the moment where they actually discuss and encourage the use of Open Source software for the DoD, as long as the source code is freely available that is.

Carlos