Re: [liberationtech] archives public
Am 10.08.2012 06:40, schrieb Brian Conley: I agree with you generally Jillian, but perhaps the list guidelines should be changed to simply make the archives public? I respectfully disagree, I experienced it as dangerous to have open ML archives. In Germany I would clearly advise list admins against unless it is a newsletter. I have been through this. a) case of noticetakedown action: Most list admins have no process how to delete individual posts from the archives. If you don't respond in time you get into trouble. You never get enough time to respond when your opponents are malicious. b) several emails per year from individuals kindly asking you to remove posts from the archives of an inactive list you didn't even know. c) google indexing, which promotes a) and b) cases A ML usually implies an expectation about the audience and a customary agreement how to share submissions. If you subscribe to a mailing list w/o open archives your are not supposed to make them available. Here an example: RMS once had a discussion with Zimbabwe supporters on an IGF internet governance list where he expressed quite frank and opinionated views about the nature of the Mugabe government. Because it was an open list with open archives (but limited subscribers) the conversation ended up indexed by Google. RMS did not bother that he endangered his African discussion partners by inciting them to answer his flame bait. Did participants to a ML gave their prior consent to leave a totalitarian trace? Google indexing makes the discussion partners uneven, because (email surveillance aside) certain parties cannot express their views within the group. Google indexing of open archive ML leaves a trace that anyone without advanced knowledge, access or technology could exploit. You type the email of a student from Zimbabwe and you find a discussion where he responds to a critic of the Mugabe government. Not relevant for us, we enjoy free speech, but it may become quite dangerous for this person, in particular, if the nature of the regime was correctly described. I am disgusted by the information wants to be free cynicism in these scenarios. Best, André ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
There is what should be, and there is reality. Any mailing list that allows anyone to subscribe is effectively public - some malicious actor will always siphon off posts, regardless of laws, list policies, or basic social norms. Making claims that a list is private is dangerous and gives a false sense of security IMHO. I say we keep the list as it is - no automated archive. And if there is a technical measure to indicate to ethical bots not to archive, we set that up. But I feel strongly that we should _not_ make any claims that the list is private. We should state something like While LibTech attempts to limit crawling by robots, this list is open to anyone, and thus, is for all intents and purposes, public. -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 8/11/12 3:58 PM, André Rebentisch wrote: Am 10.08.2012 06:40, schrieb Brian Conley: I agree with you generally Jillian, but perhaps the list guidelines should be changed to simply make the archives public? I respectfully disagree, I experienced it as dangerous to have open ML archives. In Germany I would clearly advise list admins against unless it is a newsletter. I have been through this. a) case of noticetakedown action: Most list admins have no process how to delete individual posts from the archives. If you don't respond in time you get into trouble. You never get enough time to respond when your opponents are malicious. b) several emails per year from individuals kindly asking you to remove posts from the archives of an inactive list you didn't even know. c) google indexing, which promotes a) and b) cases A ML usually implies an expectation about the audience and a customary agreement how to share submissions. If you subscribe to a mailing list w/o open archives your are not supposed to make them available. Here an example: RMS once had a discussion with Zimbabwe supporters on an IGF internet governance list where he expressed quite frank and opinionated views about the nature of the Mugabe government. Because it was an open list with open archives (but limited subscribers) the conversation ended up indexed by Google. RMS did not bother that he endangered his African discussion partners by inciting them to answer his flame bait. Did participants to a ML gave their prior consent to leave a totalitarian trace? Google indexing makes the discussion partners uneven, because (email surveillance aside) certain parties cannot express their views within the group. Google indexing of open archive ML leaves a trace that anyone without advanced knowledge, access or technology could exploit. You type the email of a student from Zimbabwe and you find a discussion where he responds to a critic of the Mugabe government. Not relevant for us, we enjoy free speech, but it may become quite dangerous for this person, in particular, if the nature of the regime was correctly described. I am disgusted by the information wants to be free cynicism in these scenarios. Best, André ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
Am 12.08.2012 01:03, schrieb Greg Norcie: There is what should be, and there is reality. Any mailing list that allows anyone to subscribe is effectively public - some malicious actor will always siphon off posts, regardless of laws, list policies, or basic social norms. Radicalising realism, why do societies sanction murder if all people have to die anyway? ;-) But seriously, in the context of camera surveillance: Analogue argument, you are in public space, everyone could watch you at the streets, why bother camera surveillance? Shouldn't a citizen expect to be recorded on tape? etc. I am all for worst case expectations but often it's a human slippery slope that we tend make these views normative and as a result promote practices that make things worse and discourage higher ambitions and standards. Best, André ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
I am not suggesting legalizing murder I am suggesting placing prominent signs in an area where many murders occur :) These signs could warn people to take reasonable precautions such as avoiding travel at night, and dialing 911 to report suspicious persons, and possibly choosing to obtain a concealed carry permit. I don't think these signs would normalize murders. My own undergrad used to post flyers in areas where muggings occured, and this didn't make me think it was OK to mug people - it made me take a bus or a cab, rather than walk through those areas late at night. Also, we have a means to stop CCTV - privacy legislation. For example, if London (CCTV champion of the world) changed their laws, the use of CCTV could be eliminated very easily. There is no easy fix to stop malicious individuals and/or intelligence agencies from siphoning off posts. The intelligence agencies of the world all have pretty much free reign to spy on the communications of the rest of the world. Some of the less human rights respecting ones spy on their own people as well :) You talk about how terrible it is that these privacy violations are occurring - and I emphatically agree, 100%. Where we differ is that I think that it is better to warn people about their lack of privacy, and perhaps help them avoid making a dangerous disclosure, rather than pay lip service to some ill-defined idea like normalization while some poor souls posts something that could get them arrested or killed. I value human lives over ideas, especially when those ideas aren't backed with data. Can you show me proof that people's privacy attitudes change when exposed to privacy warnings in the manner you fear will happen? (If not - hey - potential study idea up for grabs :) ) -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 8/11/12 4:20 PM, André Rebentisch wrote: Am 12.08.2012 01:03, schrieb Greg Norcie: There is what should be, and there is reality. Any mailing list that allows anyone to subscribe is effectively public - some malicious actor will always siphon off posts, regardless of laws, list policies, or basic social norms. Radicalising realism, why do societies sanction murder if all people have to die anyway? ;-) But seriously, in the context of camera surveillance: Analogue argument, you are in public space, everyone could watch you at the streets, why bother camera surveillance? Shouldn't a citizen expect to be recorded on tape? etc. I am all for worst case expectations but often it's a human slippery slope that we tend make these views normative and as a result promote practices that make things worse and discourage higher ambitions and standards. Best, André ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
Yes. I think I was unnecessarily harsh in my own initial reply. We simply cannot presuppose knowledge of a system. Security nonexperts have different mental models. Can we solve every security issue? No. And this is one that unfortunately, can't be solved without user education. However, if there's a way to tell robots not to archive this list, I think it should be undertaken. Corporations and other private business entities will always respond to the letter (not the spirit) of the law (/rules/W3C standards) -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 8/9/12 9:40 PM, Brian Conley wrote: I agree with you generally Jillian, but perhaps the list guidelines should be changed to simply make the archives public? In the interest of simplicity and transparency to users, this is probably the best solution. Currently individuals who are more knowledgeable have more access, while those who are less knowledgeable may have incorrect assumptions about the safety/security of the content of their emails to the list. This is starting to feel a bit like the crux of that cryptocat conversation, no? On Thu, Aug 9, 2012 at 3:03 PM, Jillian C. York jilliancy...@gmail.com mailto:jilliancy...@gmail.com wrote: Folks, *anyone can join the list*. I assume you all know that, since you all joined once. Therefore, this seems like a pretty silly thing to argue about. On Thu, Aug 9, 2012 at 7:29 AM, Maxim Kammerer m...@dee.su mailto:m...@dee.su wrote: On Thu, Aug 9, 2012 at 4:41 PM, Sam King samk...@cs.stanford.edu mailto:samk...@cs.stanford.edu wrote: In general, I prefer it when the reply-to is as it is in this mailing list. When I want to reply to the sender, I hit reply, and when I want to reply to all, I hit reply all. Then, after N replies in a row, you have N subscriber emails in To: header, which means that user's mail server has to send N identical emails (strain on the server, risk of triggering spam filters), list server has to filter email to subscribers who are in To: or Cc: (if anything goes wrong, they get an email twice), and anyone who forwards an email from the list unnecessarily exposes subscribers' email addresses. When the reply-to is the list, it becomes more annoying to reply just to the sender. Any decent mail client has a “Reply to Sender” button — no idea why GMail doesn't (or I didn't look hard enough). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte ___ liberationtech mailing list liberationtech@lists.stanford.edu mailto:liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech -- *+1-857-891-4244 tel:%2B1-857-891-4244 |**jilliancyork.com http://jilliancyork.com/ | @jilliancyork * We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality - /Vaclav Havel/ ___ liberationtech mailing list liberationtech@lists.stanford.edu mailto:liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech -- Brian Conley Director, Small World News http://smallworldnews.tv http://smallworldnews.tv/ m: 646.285.2046 Skype: brianjoelconley public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xCEEF938A1DBDD587
Re: [liberationtech] archives public
Yes, agreed. On Thu, Aug 9, 2012 at 1:22 AM, Anne Roth annal...@riseup.net wrote: I assume that most everyone on this list shares your realism but still I think the list info page shouldn't misinform people regarding that? Besides which I, and probably many others, have made the experience that there's generally a difference between what could happen and what actually will which leads to me thinking that it's worth guarding as much of my privacy as possible. Knowing that this is generally not bullet-proof, but knowing also that sometimes 'the other side' has to make choices how to spend their time and energy. Which makes it worth putting up as many fences as possible. Anne Am 09.08.12 09:44, schrieb Greg Norcie: Any list is effectively public. I'd bet hard cash that any list like LibTech has at least one person siphoning off posts to some database. As Benjamin Franklin said Three can keep a secret - if two of them are dead It's a sad state, but it is good opsec to assume anything sent to a large group like LibTech is effectively public. Not making a value judgement - I am no fan of the transparent society. But I'm also a realist. -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 8/9/12 12:39 AM, Anne Roth wrote: Hi, I just saw through this tweet https://twitter.com/csoghoian/statuses/233445976365465603 that the list archives are public (see http://www.mail-archive.com/liberationtech@lists.stanford.edu/info.html) - is everyone aware of that? Until now I thought that they're available to list members only, as stated here https://mailman.stanford.edu/mailman/listinfo/liberationtech I tend to prefer non-public but can see why public makes sense as well. In any case that should be clearly mentioned on the info page, don't you think? Anne -- http://about.me/annalist http://pgp.mit.edu:11371/pks/lookup?op=vindexsearch=0x7689407F942951E2 ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
On Thu, Aug 09, 2012 01:01:27 AM -0700, Yosem Companys wrote: Yes, as we say in the list guidelines, our policy as an institution is to keep the archives private. Unfortunately, because any list member can see the archives, we have little or no recourse available to stop someone from copying and making them public (unless we simply closed off the archives to all members). Uh? This is not someone copying the ARCHIVES. It is an automatic, real time mirroring of the list. The most likely explanation of the fact that there is such a mirror at mail-archive.com is that somebody has added The Mail Archive as a member to your mailing list as described in the how-to-guide: http://www.mail-archive.com Also, according to their privacy guidelines, http://www.mail-archive.com/faq.html#privacy We comply with internet standard email headers which restrict or prohibit archiving so adding those headers is something the administrators should do. Yes, this will NOT make it impossible to publish the archives online as a whole etc etc, but IMO you should do it anyway as a matter of principle. Marco http://mfioretti.com ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
In general, I prefer it when the reply-to is as it is in this mailing list. When I want to reply to the sender, I hit reply, and when I want to reply to all, I hit reply all. When the reply-to is the list, it becomes more annoying to reply just to the sender. Sam King Director | Code the Change http://codethechange.org - we have a Code Jam for social good coming up! Teacher | CS1U: Practical Unix http://cs1u.stanford.edu - videos and exercises are available free online! facebook https://www.facebook.com/samjking, linkedinhttp://www.linkedin.com/profile/view?id=55518052, twitter http://twitter.com/codethechange, google+https://plus.google.com/111459971983433860521, verbose letters http://stanford.edu/~samking/personal/ On Thu, Aug 9, 2012 at 5:49 AM, Maxim Kammerer m...@dee.su wrote: On Thu, Aug 9, 2012 at 11:01 AM, Yosem Companys compa...@stanford.edu wrote: Yes, as we say in the list guidelines, our policy as an institution is to keep the archives private. For an open list, this does not make any sense — it only serves as a hurdle. For example, the liberationtech-jobs list was mentioned a few days back. I am curious, but not interested enough to subscribe, confirm, archive the relevant notification messages, look at the archive, then unsubscribe, again archiving relevant message after confirming requests. So what I think I will do is use one of the throwaway address services, forgetting about it immediately after subscribing and retrieving a password, and you will get another address to waste mailer resources on and to skew statistics. I would also like to voice a few suggestions about this list: 1. The signature is ridiculously long. You can at least prefix it with -- to enable auto-hiding in most mailers when people don't have their own signature. 2. You should reject messages without one of the list addresses in To: or Cc: fields. It helps filtering and prevents email from people who put all their address book in Bcc:. 3. Reply-To: should be to the list, not to the individual sender. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
Folks, *anyone can join the list*. I assume you all know that, since you all joined once. Therefore, this seems like a pretty silly thing to argue about. On Thu, Aug 9, 2012 at 7:29 AM, Maxim Kammerer m...@dee.su wrote: On Thu, Aug 9, 2012 at 4:41 PM, Sam King samk...@cs.stanford.edu wrote: In general, I prefer it when the reply-to is as it is in this mailing list. When I want to reply to the sender, I hit reply, and when I want to reply to all, I hit reply all. Then, after N replies in a row, you have N subscriber emails in To: header, which means that user's mail server has to send N identical emails (strain on the server, risk of triggering spam filters), list server has to filter email to subscribers who are in To: or Cc: (if anything goes wrong, they get an email twice), and anyone who forwards an email from the list unnecessarily exposes subscribers' email addresses. When the reply-to is the list, it becomes more annoying to reply just to the sender. Any decent mail client has a “Reply to Sender” button — no idea why GMail doesn't (or I didn't look hard enough). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech -- *+1-857-891-4244 |** jilliancyork.com | @jilliancyork * We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality - *Vaclav Havel* ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] archives public
On Thu, Aug 09, 2012 01:01:27 AM -0700, Yosem Companys wrote: Yes, as we say in the list guidelines, our policy as an institution is to keep the archives private. Unfortunately, because any list member can see the archives, we have little or no recourse available to stop someone from copying and making them public (unless we simply closed off the archives to all members). Uh? This is not someone copying the ARCHIVES. It is an automatic, real time mirroring of the list. The most likely explanation of the fact that there is such a mirror at mail-archive.com is that somebody has added The Mail Archive as a member to your mailing list as described in the how-to-guide: http://www.mail-archive.com Also, according to their privacy guidelines, http://www.mail-archive.com/faq.html#privacy We comply with internet standard email headers which restrict or prohibit archiving so adding those headers is something the administrators should do. Yes, this will NOT make it impossible to publish the archives online as a whole etc etc, but IMO you should do it anyway as a matter of principle. Marco http://mfioretti.com ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
