AsmBB v2.7 has been released

Download links:

The binary installation package: asmbb.tar.gz

The source repository: AsmBB source repository

What is AsmBB?

AsmBB is a web forum software, written entirely in assembly language (FASM) and using SQLite as a forum database engine.

AsmBB is aimed to provide the fastest and the lightest possible forum engine, able to handle huge communities on a very lightweight servers like cheap VPS or even shared hosting.

AsmBB is free and open source software, distributed under the terms of EUPL.

In addition, AsmBB has the simplest possible installation process and need no regular support. It simply works.

Also AsmBB has very high level of security. SQL injections are impossible by design. Most of other web attack vectors are simply missing. And since this very version, AsmBB supports encrypted database for even better security.

What's new in this release?

The main and major change in this release is the support for encrypted forum database. The great SQLite plugin SQLeet is used. According to the specification it supports:

• PBKDF2-HMAC-SHA256 key derivation with a 16-byte salt and 12345 iterations.

• ChaCha20 stream cipher with one-time keys.

• Poly1305 authentication tags.

Of course, the encryption is optional and can be freely switched on and off from the administration settings panel (the new tab "Encryption").

Several minor bugs has been fixed in this release as well.

Why encrypted database?

Because the encryption can seriously increase the security and the privacy of the forum database.

The encryption key in AsmBB is never stored on the disk and only temporary stored in the RAM. That is why even serious security breach on the web server or the backup server, or the backup media will not compromise the database of the forum, the people account attributes or personal data.

The only known problem of this solution is that the encryption key must be entered on every forum engine restart (through the web interface). This way, on incidental server restarts, the forum will be not accessible for some time. But AsmBB is long living and very stable application so, such issues happen once a several months or even years.

Of course, using encrypted database makes the use of SSL/TLS mandatory.

johnfound

AsmBB v2.7 has been released

Download links:

The binary installation package: asmbb.tar.gz

The source repository: AsmBB source repository

What is AsmBB?

AsmBB is a web forum software, written entirely in assembly language (FASM) and using SQLite as a forum database engine.

AsmBB is aimed to provide the fastest and the lightest possible forum engine, able to handle huge communities on a very lightweight servers like cheap VPS or even shared hosting.

AsmBB is free and open source software, distributed under the terms of EUPL.

In addition, AsmBB has the simplest possible installation process and need no regular support. It simply works.

Also AsmBB has very high level of security. SQL injections are impossible by design. Most of other web attack vectors are simply missing. And since this very version, AsmBB supports encrypted database for even better security.

What's new in this release?

The main and major change in this release is the support for encrypted forum database. The great SQLite plugin SQLeet is used. According to the specification it supports:

• PBKDF2-HMAC-SHA256 key derivation with a 16-byte salt and 12345 iterations.

• ChaCha20 stream cipher with one-time keys.

• Poly1305 authentication tags.

Of course, the encryption is optional and can be freely switched on and off from the administration settings panel (the new tab "Encryption").

Several minor bugs has been fixed in this release as well.

Why encrypted database?

Because the encryption can seriously increase the security and the privacy of the forum database.

The encryption key in AsmBB is never stored on the disk and only temporary stored in the RAM. That is why even serious security breach on the web server or the backup server, or the backup medium will not compromise the database of the forum, the people account attributes or personal data.

The only known problem of this solution is that the encryption key must be entered on every forum engine restart (through the web interface). This way, on incidental server restarts, the forum will be not accessible for some time. But AsmBB is long living and very stable application so, such issues happen once a several months or even years.

Of course, using encrypted database makes the use of SSL/TLS mandatory.

Nice work johnfound Waiting for importers for vbulletin and xenforo.

kari

Waiting for importers for vbulletin and xenforo.

Well, I will leave these aspects of the development to the contributors.

Thanks for this new release johnfound.

I love this project and I admire what you've achieved with this.

Remarkable! This actually inspires me to learn assembly.