AsmBB

Power
Login Register

AsmBB v2.7 has been officially released

#15961 (ツ) johnfound
Last edited: 16.10.2019 by johnfound, read: 2477 times

AsmBB v2.7 has been released

Download links:

The binary installation package: asmbb.tar.gz

The source repository: AsmBB source repository

What is AsmBB?

AsmBB is a web forum software, written entirely in assembly language (FASM) and using SQLite as a forum database engine.

AsmBB is aimed to provide the fastest and the lightest possible forum engine, able to handle huge communities on a very lightweight servers like cheap VPS or even shared hosting.

AsmBB is free and open source software, distributed under the terms of EUPL.

In addition, AsmBB has the simplest possible installation process and need no regular support. It simply works.

Also AsmBB has very high level of security. SQL injections are impossible by design. Most of other web attack vectors are simply missing. And since this very version, AsmBB supports encrypted database for even better security.

What's new in this release?

The main and major change in this release is the support for encrypted forum database. The great SQLite plugin SQLeet is used. According to the specification it supports:

  • PBKDF2-HMAC-SHA256 key derivation with a 16-byte salt and 12345 iterations.

  • ChaCha20 stream cipher with one-time keys.

  • Poly1305 authentication tags.

Of course, the encryption is optional and can be freely switched on and off from the administration settings panel (the new tab "Encryption").

Several minor bugs has been fixed in this release as well.

Why encrypted database?

Because the encryption can seriously increase the security and the privacy of the forum database.

The encryption key in AsmBB is never stored on the disk and only temporary stored in the RAM. That is why even serious security breach on the web server or the backup server, or the backup media will not compromise the database of the forum, the people account attributes or personal data.

The only known problem of this solution is that the encryption key must be entered on every forum engine restart (through the web interface). This way, on incidental server restarts, the forum will be not accessible for some time. But AsmBB is long living and very stable application so, such issues happen once a several months or even years.

Of course, using encrypted database makes the use of SSL/TLS mandatory.

#15962 (ツ) kari
Created 04.10.2019, read: 1632 times
johnfound

AsmBB v2.7 has been released

Download links:

The binary installation package: asmbb.tar.gz

The source repository: AsmBB source repository

What is AsmBB?

AsmBB is a web forum software, written entirely in assembly language (FASM) and using SQLite as a forum database engine.

AsmBB is aimed to provide the fastest and the lightest possible forum engine, able to handle huge communities on a very lightweight servers like cheap VPS or even shared hosting.

AsmBB is free and open source software, distributed under the terms of EUPL.

In addition, AsmBB has the simplest possible installation process and need no regular support. It simply works.

Also AsmBB has very high level of security. SQL injections are impossible by design. Most of other web attack vectors are simply missing. And since this very version, AsmBB supports encrypted database for even better security.

What's new in this release?

The main and major change in this release is the support for encrypted forum database. The great SQLite plugin SQLeet is used. According to the specification it supports:

  • PBKDF2-HMAC-SHA256 key derivation with a 16-byte salt and 12345 iterations.

  • ChaCha20 stream cipher with one-time keys.

  • Poly1305 authentication tags.

Of course, the encryption is optional and can be freely switched on and off from the administration settings panel (the new tab "Encryption").

Several minor bugs has been fixed in this release as well.

Why encrypted database?

Because the encryption can seriously increase the security and the privacy of the forum database.

The encryption key in AsmBB is never stored on the disk and only temporary stored in the RAM. That is why even serious security breach on the web server or the backup server, or the backup medium will not compromise the database of the forum, the people account attributes or personal data.

The only known problem of this solution is that the encryption key must be entered on every forum engine restart (through the web interface). This way, on incidental server restarts, the forum will be not accessible for some time. But AsmBB is long living and very stable application so, such issues happen once a several months or even years.

Of course, using encrypted database makes the use of SSL/TLS mandatory.

Nice work johnfound :-)Waiting for importers for vbulletin and xenforo.

#15963 (ツ) johnfound
Last edited: 04.10.2019 by johnfound, read: 1626 times
kari

Waiting for importers for vbulletin and xenforo.

Well, I will leave these aspects of the development to the contributors. rofl

#15974 (ツ) macadoum
Created 12.10.2019, read: 1340 times

Thanks for this new release johnfound. :-D

#16001 (ツ) IvanMontillaM
Created 03.02.2020, read: 557 times

I love this project and I admire what you've achieved with this.

Remarkable! This actually inspires me to learn assembly. :-)

AsmBB v2.8 (check-in: 6348f13102432a47); SQLite v3.31.1 (check-in: 3bfa9cc97da10598);
©2016..2020 John Found; Licensed under EUPL. Powered by Assembly language Created with Fresh IDE