On Thu, Jul 23, 2009 at 8:50 PM, Happy-melon <happy-me...@live.com> wrote:
> > > "Aryeh Gregor" > <simetrical+wikil...@gmail.com<simetrical%2bwikil...@gmail.com>> > wrote in message > news:7c2a12e20907231051s638dd2f9v399ac2a79e185...@mail.gmail.com... > > On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling<tstarl...@wikimedia.org> > > wrote: > >> To help in the "proving trustworthy, or else" process, I have released > >> the source code of Watchlistr - please take a look at it. You will see > >> that I take the utmost care in securing user information. The wiki > >> logins are encrypted with AES in our database. The key used to encrypt > >> each user's login list is their site username, which is stored as a > >> SHA1 hash in our database. If a cracker were to, somehow, gain access > >> to the database, they would be left with a pile of garbage. > > > > They would only have to get the site usernames to decrypt the login > > info. They could get those the next time each user logs in, if > > they're not detected immediately. There's no way around this; if your > > program can log in as the users, so can an attacker who's able to > > subvert your program. > > Or, since the set of registered Wikimedia users is both vastly smaller than > the superset of all possible usernames (remember it's restricted to users > with a global login AFAICT), and readily accessible through a > high-throughput API, a brute-force attack would be, if not trivial, > certainly extremely feasible. > > > >> As for the other solutions that were presented - I was really trying > >> to create a cross-platform, cross-browser solution that would not > >> hinge on one particular technology. Javascript would be great, but > >> what if someone doesn't have JS enabled? OAuth and a read-only API > >> would be close-to-ideal, but they currently don't work with/don't > >> exist on the Wikimedia servers. I am, however, open to other workable > >> solutions that are presented - let me know. > > > > I would suggest you apply for a toolserver account: > > > > https://wiki.toolserver.org/view/Account_approval_process > > > > Once you have a toolserver account, I'd be willing to work with you to > > arrange for some form of direct access to all wikis' watchlist tables > > (I'm a toolserver root). You then wouldn't need to possess any login > > info. > > This looks like a *much* more acceptable system. Although how would you > authenticate without collecting proscribed data...? Let the user prove account ownership by a talk page edit. This was the way Interiot used in his old edit counter... (is this one still active?) Marco -- VMSoft GbR Nabburger Str. 15 81737 München Geschäftsführer: Marco Schuster, Volker Hemmert http://vmsoft-gbr.de _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
