Ted Smith wrote: > I think that it isn't libre.fm's responsibility to enforce user > security. Only the user can make themselves secure or anonymous; > attempting to transparently do so will inevitably fail because anonymity > and security require work.
We have a responsibility to do everything we can to not attract subpoenas. > In that light I propose that libre.fm listen on the public internet and > also through a Tor hidden service (or, to reduce latencies, run a Tor > server with a restrictive exit policy that will allow for torified > requests to libre.fm to exit the Tor network on libre.fm's node). I don't want to run a Tor node. How else could we do this? Nothing stopping people connecting to Libre.fm via Tor. > In this case, the onus is on the user for keeping the datastream clean > of identifying information (this is a hard thing to do, especially given > the concept of "friends" and the fact that libre.fm by nature reduces > the anonymity set over time), but assuming they do so, there is nothing > that libre.fm can do to produce their identity. All their scrobbles will > originate at localhost as far as libre.fm is concerned, and so that, > along with whatever other user data they give, is all that could be > handed over in the event of a subpoena. If we have their email address, their homepage URL, etc... we'd have to give all that over as well. > This has the added effect of making it easy to tell whether or not a > user is taking advantage of anonymity software, and so segmenting the > userbase into those that noticeably care about their privacy and those > that care less. This means that the defaults for accounts created on > this interface can be much more locked-down that the defaults for > accounts created on the www interface. Also, it would mean that libre.fm > would be the first social networking site with a strong commitment to > user privacy through anonymity software. I think we should make the strong privacy the default for everyone. _______________________________________________ Libre-fm mailing list [email protected] http://lists.autonomo.us/mailman/listinfo/libre-fm
