Re: [OSM-talk] Fwd: Why doesn't OSM ?
2009/12/27 Aun Johnsen li...@gimnechiske.org: Taiwan, Sri Lanka, Morocco, Israel, Palestine, Russia, all of these are Then there is China and Iran and various other countries that love to jail their dissidents... As I said before, until any of this has a direct negative effect on people personally they don't see what the big fuss about security and privacy is all about. implementing SSL for login would to some extent prevent them from harvesting mail addresses, which can reduce the amount of SPAM in some of our users mailboxes, just to mention one real threat. Some may claim you can use a nickname to log into the site instead of an email address, but during initial signup and on various pages the email address is exposed, and thanks for bringing up this threat, I hadn't considered this but spam is one of the basic attacks OSM already suffers. Also OSM leaks email addresses, you can type an email address only into the signup page and it will tell you if that email address is valid in OSM, but I don't see any brute force protection to prevent this, a simple capture would at least slow things down before telling others that the email address is valid or not. ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Fwd: Why doesn't OSM ?
On Sun, Dec 27, 2009 at 11:43 AM, Aun Johnsen li...@gimnechiske.org wrote: On Sun, Dec 27, 2009 at 9:26 AM, Liz ed...@billiau.net wrote: On Sat, 26 Dec 2009, Frederik Ramm wrote: 1. What do we want to protect? The data is fully open, but some people want to reduce their fingerprint on the data to protect themselves, for example they submit their GPX tracks privately so it will not be possible to derive from them where he lives or works. This doesn't mean he is holding back data, he only chooses to give it without his fingerprints. this isn't quite the case. even if tracks are submitted privately it may be possible to find common locations such as home and work from the anonymous points. then it also might to possible to find corresponding local editing to get the user. for example, some of the calculated home locations from http://stat.latlon.org/ are quite accurate - mine is only about 200m from cloudmade's offices, where i used to work. if you are really very concerned with your privacy: don't upload tracks which include your home or office locations at all. cheers, matt ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Fwd: Why doesn't OSM ?
2009/12/28 John Smith deltafoxtrot...@gmail.com: 2009/12/28 Matt Amos zerebub...@gmail.com: if you are really very concerned with your privacy: don't upload tracks which include your home or office locations at all. Lets assume for a second that they are smart enough to filter their points so they aren't near their home location, we can also assume they may not have vectorised the data, however there is a lot of non-home/non-work information still not being protected by a simple SSL connection OSM could be providing. Actually myself and someone else emailed TomH a while back about OSM providing this kind of anonymising service for people that are unable, we were offering to try and help, even though neither of us knew ruby, but due to a lack of interest the thread died at the time. ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Fwd: Why doesn't OSM ?
Hi, John Smith wrote: Lets assume for a second that they are smart enough to filter their points so they aren't near their home location, we can also assume they may not have vectorised the data, however there is a lot of non-home/non-work information still not being protected by a simple SSL connection OSM could be providing. Let me repeat: If your tracks contain information that needs protection, then *please* don't upload them to OSM. Bye Frederik -- Frederik Ramm ## eMail frede...@remote.org ## N49°00'09 E008°23'33 ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Fwd: Why doesn't OSM ?
On Sun, Dec 27, 2009 at 2:36 PM, Matt Amos zerebub...@gmail.com wrote: On Sun, Dec 27, 2009 at 11:43 AM, Aun Johnsen li...@gimnechiske.org wrote: On Sun, Dec 27, 2009 at 9:26 AM, Liz ed...@billiau.net wrote: On Sat, 26 Dec 2009, Frederik Ramm wrote: 1. What do we want to protect? The data is fully open, but some people want to reduce their fingerprint on the data to protect themselves, for example they submit their GPX tracks privately so it will not be possible to derive from them where he lives or works. This doesn't mean he is holding back data, he only chooses to give it without his fingerprints. this isn't quite the case. even if tracks are submitted privately it may be possible to find common locations such as home and work from the anonymous points. then it also might to possible to find corresponding local editing to get the user. for example, some of the calculated home locations from http://stat.latlon.org/ are quite accurate - mine is only about 200m from cloudmade's offices, where i used to work. if you are really very concerned with your privacy: don't upload tracks which include your home or office locations at all. cheers, matt 200m is quite a distance if they have no other links between you and OSM, if that possition is the only thing they have to connect you to OSM, than how many other potential contributors live within 200m of that position? If that is in some of the larger cities we can talk thousands of people. ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Fwd: Why doesn't OSM ?
On Sun, Dec 27, 2009 at 4:59 PM, Frederik Ramm frede...@remote.org wrote: Hi, Aun Johnsen wrote: John Smith wrote: Lets assume for a second that they are smart enough to filter their points so they aren't near their home location, we can also assume they may not have vectorised the data, however there is a lot of non-home/non-work information still not being protected by a simple SSL connection OSM could be providing. Let me repeat: If your tracks contain information that needs protection, then *please* don't upload them to OSM. So your answer to this, if you are concerned about your security, don't contribute? Well, concerned is perhaps the wrong word here. If you have GPS tracks which contain information that is so sensitive that you fear someone could be spying on your connection, retrieve the information and use it to cause damage to you, then OpenStreetMap is clearly not equipped to handle information of such importance. SSL encryption might keep your employer or your internet provider or the UK government from spying on you, but the data will eventually land on the OSM servers where any number of project members deemed trustworthy in a non-ISO-certified process will have access to it, and will even be handed out through an API which may be buggy, and where anyone can commit changes into a publicly writable SVN. (Not everything commited to SVN will land in production but it is absolutely not impossible that something will escape the attention of an admin.) My concern is that if we allow people to claim that their data is so sensitive that it needs SSL to upload, then the next thing they will demand is that there be a complex vetting procedure for admins - why am I going through the hassle of uploading my data in an encrypted fashion when you don't even make your admins sign a legally binding statement about what they can and cannot do with the data, for example. The logical next step for John Smith would be to inquire about the security precautions at the site where our computers are. What locks are there, how many people have the keys, and surely we have CCTV? And so on. Security is not something where you can twist a few screws somewhere and hope that it will magically improve. It needs a thorough analysis - as I said: What do we want to protect, and whom against, and then let's see where the weakest points are. And then determine the price for the level of security you want, and think about whether you are willing to pay that price. Because security *never* comes for free - it will cost you more computing power, it will cost the admins more nerves, create paperwork, formalities, slow down innovation, and so on. Isn't that the same as continuing the economic gap between industrial and developing countries? No, my argument has nothing whatsoever to do with the global economy; it would be just as valid if OSM were a UK only (or London only, for that matter) project. Bye Frederik -- Frederik Ramm ## eMail frede...@remote.org ## N49°00'09 E008°23'33 I very well understood you there, and mark that some of my points have been put to the extreme. Some of the socalled security concernes about OSM are covered by license disclaimers, some is covered by the fact that the source code are available so any security mechanisms can be examined by anybody to patch holes, and some are covered by OSMF's administration of the hardware. A vetting of the admins are senseless as what can be done with the data is covered by OSM's chose of License and the Disclaimer of the project. My point in all of this is not that we must implement security measures now, but that it must be put on the TODO list with an appropriate priority. If anybody are able to supply a patch for lets say SSL login to the API, than please let him supply the patch, and the admins then should take a look at it to see if it can be implemented right away or if it needs more patching to be obtained. As the source code of OSM should be awailable on the svn, than people with the appropriate programing and security knowledge should be able to supply the right patch. John Smith, you can put your money where your mouth is and write a patch, since you brought this up? ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Fwd: Why doesn't OSM ?
2009/12/28 Aun Johnsen li...@gimnechiske.org: John Smith, you can put your money where your mouth is and write a patch, since you brought this up? I can't do anything until I know what will be protected by SSL, because TomH said they don't even know yet. Until something certain is stated by someone with the ability to do something on the servers there is no point doing anything with client software. ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk