On 8/2/02 8:15 AM, "Bernie Cosell" <bernie@fantasyfarm.com> wrote:
> I think we are in roaring agreement on this matter. That's why I tried
> to be careful to put *PUBLIC* whenever I mentioned relaying or archives.
Or as some of my bosses like to say, we're in violent agreement (again)
> If you're running a *restricted* archive,
Unfortunately, I don't know how you can do anything else any more. Which
creates another conflict, because that archive is a useful resource, so I
feel it needs to be made as available as you can, but at the same time, the
email addresses in it are a personal identifier that requires protection.
From the POV of a mailing list, I think having the archives spidered by
google and company are a very good thing -- branding and marketing stuff.
Good content attracts good people. But that's where harvesting starts, too.
So...
> So I guess I hear the message, but I'd have expressed it differently: in
> this day and age, you can no longer have really 'public' lists, as we did
> back in the dark ages,
Times have changed, and until we hunt down and kneecap all the script
kiddies...
Sigh. But yes, that's basically true. In Ray Bradbury's books, nobody locked
a front door. Now, nobody talks to their neighbors.
> impose various restrictions on how both the listmembers and the public
> can use and access both the list and the archives, and part of *that* is
> not allowing listmembers to evade the restrictions [whatever they happen
> to be for YOUR list] by taking local actions.
You have to do one of a few things:
Not care and/or not try. And in some cases, that might be appropriate or
acceptable. That's just Not Me.
Restrict usage. But this creates other conflicts. And frankly, I've grown
increasingly uncomfortable with the concept of the mailing list as armed
refugee camp. I LIKE talking to my neighbors. But to date, it's been what we
had available.
Do Something Else. What we're bandying around at work is to basically "fix
the archives", only in this case, we're sort of using fix in the "friendly
veterinarian way". Rather than restrict usage of the archives, restrict what
comes out of it, by dynamically cloaking the sensitive content as it leaves
the system. Then, the only restriction we need to make is "you can't
subscribe to the list and create your own PUBLIC archive". Which still
doesn't solve gmane's "problem". So we're actually talking about whether it
makes sense to create a "pre cloaked" feed of the lists, so anyone who wants
to make an archive can subscribe to THAT archive, knowing it's "safe" as we
define safe. In other words, if you use that feed, we're saying you'll never
get in trouble with us, because we took responsibility for cleaning it up
before it left the site.
And that, I think, is where this needs to move. Back to technology, instead
of permissions. And that means making sure that the data that leaves your
site is in a form you can lose control over without getting stressed over
it.
Barry, JC and some others have been doing some noodling at integrating TMDA
(an address obscuring and whitelisting tool) into Mailman. The idea being
that even addresses coming from the server are obscured (except for russ')
and replies to a user go through the list server and the whitelist. That
basically puts the server in charge of ALL interactions between list users,
although users can choose to drop out of the system, obviously. But it means
that you no longer have to try to control content after it leaves the
server. It's safe.
That has it's own challenges, but at least it opens up lists into more of a
"welcome, boys!" place again, instead of the increasingly paranoid, closed
circles I think we're being forced into....
> So I see that I need a perception adjustment... I'm still stuck in the
> past on some of these policy matters and haven't fully internalized the
> realities and necessities of the way things are now.
As we all are. Most of this is stuff that had no real visibility two years
ago. Or even a year ago. It wasn't too long ago folks thought I was crazy
for password protecting email archives (some probably still think so...)
But, you know? I remember when we thought nothing of putting home addresses
and phone numbers in messages. I remember a time when I would post "party at
my place" messages to net.general, and we'd get together and party. Can you
imagine the riot that'd happen now?
It's just more of the exploration into how to be available and in contact,
but still be able to manage your privacy. I expect we'll be working that
issue for years to come. It's funny, though, how a little privacy well
placed makes it a lot easier to be public and accessible. Seems
counter-intuitive, but it looks to be true.
--
Chuq Von Rospach, Architech
chuqui@plaidworks.com -- http://www.chuqui.com/
Someday, we'll look back on this, laugh
nervously and change the subject.
Follow-Ups:
References:
|
|
