On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling <tstarl...@wikimedia.org> wrote:
> To help in the "proving trustworthy, or else" process, I have released
> the source code of Watchlistr - please take a look at it. You will see
> that I take the utmost care in securing user information. The wiki
> logins are encrypted with AES in our database. The key used to encrypt
> each user's login list is their site username, which is stored as a
> SHA1 hash in our database. If a cracker were to, somehow, gain access
> to the database, they would be left with a pile of garbage.
They would only have to get the site usernames to decrypt the login info. They could get those the next time each user logs in, if they're not detected immediately. There's no way around this; if your program can log in as the users, so can an attacker who's able to subvert your program.

> As for the other solutions that were presented - I was really trying
> to create a cross-platform, cross-browser solution that would not
> hinge on one particular technology. Javascript would be great, but
> what if someone doesn't have JS enabled? OAuth and a read-only API
> would be close-to-ideal, but they currently don't work with/don't
> exist on the Wikimedia servers. I am, however, open to other workable
> solutions that are presented - let me know.

I would suggest you apply for a toolserver account:

https://wiki.toolserver.org/view/Account_approval_process

Once you have a toolserver account, I'd be willing to work with you to arrange for some form of direct access to all wikis' watchlist tables (I'm a toolserver root). You then wouldn't need to possess any login info.

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l