Brian Raiter wrote:
Oh and the emails sent to the SDL mainling list are only recieved by
people subscribed to the list, while the SDL wiki is accessible to
anyone who has internet access. That’s quite a difference.http://twomix.devolution.com/pipermail/sdl/2004-August/063892.html
dig wanadoo.frI don’t think the difference is significant.
Nope, wanadoo is my ISP.
Stephane
Bob Pendleton wrote:
Here are some reasons :
- maybe you don’t want other people to know what your ip(s) are since it
reveals (for example) where you work, where you study, where you are…First off, as far as I can tell the IPs are not stored anywhere that is
visible to the public. Your host name is stored in the recent changes
page. Many ISPs include your IP in the host name so it winds up in the
wiki through no fault of the wiki. Complain to your ISP.
Well, the hostname resolves to an IP anyway so that’s almost the same.
The “host” command does this.
- maybe you don’t want your boss to know you edit the SDL wiki from work
There are so many problems with that… In every job I have ever had
doing programming or anything technical everything I did using the
companies equipment belonged to the company. So, if you work under a
similar contract you are using your companies equipment to to edit the
wiki then everything you add from your companies computers belongs to
the company and we have no right to display it on the wiki. We can be
sued for even having it on the wiki and/or forced to remove everything
you did. If we actually helped you cover your tracks we are placing
ourselves on very thin legal ice. I know that sounds absolutely absurd,
but if I now change the setting so that the host name is not shown,
could a lawyer claim that I am helping you defraud your employer? I bet
they could. Could they make it stick? I don’t know and I don’t have the
$100,000 it would take to defend a suit like that.I understand how this helps you. But, it creates a potential legal
problem for us. Please, helping you defraud your employer is not a
reason to change the setting.We could lose the rights to the documentation.
That’s not a problem I personnaly have.
OTOH, with people going crazy about lawsuits, I could sue you because my
IP showed up in the SDL wiki and someone subsequently hacked me. Heh 
- maybe your machine has a nice security hole you haven’t noticed yet
(or maybe the hole is unpublished). People looking for machines to hack
sometimes get addresses from such places.Considering how easy it is to get IP addresses I can’t really buy this
one. Sorry.
Depends. Maybe someone who wants to hack Bob’s machine (you are the
example here, since I can’t see why someone would want to hack my machine
[…]
Oh and the emails sent to the SDL mainling list are only recieved by
people subscribed to the list, while the SDL wiki is accessible to
anyone who has internet access. That’s quite a difference.Hey, posting this message places your email address on a web site where
anyone can see it. What is the difference?
I don’t care about my message being put online since in this form it
doesn’t show where it comes from.
My spam filter rejects 500
emails a day, but I haven’t (to the best of my knowledge) been hacked or
had a virus since I 1) got a hardware fire wall 2) moved to Linux 3) got
religious about security updates.
Well, I now how tu run a server, that’s exactly why I am paranoid. With
security there is no panacea.
I’ve never had any security problem, btw, so being paranoid pays off, in
the end.
Stephane
Donny Viszneki wrote:
I understand what the circumstances are. Hey guess what, my IP address
is 136.142.21.65, oh no my privacy has been violated somehow. Or worse,
someone will hack my Windows box, wait, I’m not running Winblows.
If you choose in full conciousness to publicly show your IP address to
other people, fine, that’s your choice. If you show the IPs of other
people without them knowing prior to their posting this is not okay.
Seriously people, there is no shortage of IP addresses out there.
Seriously, Donny, there is a shortage of IP addresses out there. Have
a look at IPv6. Jeez.
If
you’re looking to hack someone’s machine or do ANY other malicious
activity against a random computer, there are thousands of times greater
methods for finding future victims’ ip addresses.
That’s not what its (primarily) about. It’s about making information
about some poeple publicly available which they might not want to be
publicly available.
I think the sdl doc wiki should adopt this friendly edict: if you object
to having your IP address shown to the public, I object to you
contributing to the sdl doc wiki.
Awesome! Man, you are so very tolerant and understanding…
Greetings,
Joe
That’s not what its (primarily) about. It’s about making
information about some poeple publicly available which they
might not want to be publicly available.
Then don’t contribute to the wiki if your concerned about it. Geez… can
this thread die already?
Tom> -----Original Message-----
From: sdl-bounces+tom=sickheadgames.com at libsdl.org
[mailto:sdl-bounces+tom=sickheadgames.com at libsdl.org] On
Behalf Of Johannes Bauer
Sent: Tuesday, August 10, 2004 4:44 AM
To: A list for developers using the SDL library. (includes
SDL-announce)
Subject: Re: [SDL] Wiki etiquetteDonny Viszneki wrote:
I understand what the circumstances are. Hey guess what, my
IP address
is 136.142.21.65, oh no my privacy has been violated somehow. Or
worse, someone will hack my Windows box, wait, I’m not
running Winblows.If you choose in full conciousness to publicly show your IP
address to other people, fine, that’s your choice. If you
show the IPs of other people without them knowing prior to
their posting this is not okay.Seriously people, there is no shortage of IP addresses out there.
Seriously, Donny, there is a shortage of IP addresses out
there. Have a look at IPv6. Jeez.If
you’re looking to hack someone’s machine or do ANY other malicious
activity against a random computer, there are thousands of times
greater methods for finding future victims’ ip addresses.That’s not what its (primarily) about. It’s about making
information about some poeple publicly available which they
might not want to be publicly available.I think the sdl doc wiki should adopt this friendly edict: if you
object to having your IP address shown to the public, I
object to you
contributing to the sdl doc wiki.Awesome! Man, you are so very tolerant and understanding…
Greetings,
Joe
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
Hi,
I have been following this discussion for the past few days. And I have
decided that i’m not personally going to contribute to the wiki pages.
This is mostly due to the fact that my IP would be shown, without my
authorisation. I have a static IP.
I can’t really see the point of showing any of the IP’s when the
large majority of dial-up or broadband users will have a dynamic
addresses. This fact alone makes it totally pointless showing an
IP. Only people with static IP’s will be ‘hurt’ by this.
Why can’t you just make it so that people who don’t wish to show their
IP can opt-out by checking a check box or something.
This is obviously a big issue with people otherwise the discussion would
not be taking place. So perhaps we should try to accomodate everyone.
Hi,
I have been following this discussion for the past few days. And I have
decided that i’m not personally going to contribute to the wiki pages.
This is mostly due to the fact that my IP would be shown, without my
authorisation. I have a static IP.
As I said before, IPs are not shown. I also have a static IP, and it
doesn’t bother me at all that my host name is shown. I really don’t get
this at all. I haven’t seen a single posting that gives an reason why
the wiki shouldn’t have host names in the text of the web page.
I can’t really see the point of showing any of the IP’s when the
large majority of dial-up or broadband users will have a dynamic
addresses. This fact alone makes it totally pointless showing an
IP. Only people with static IP’s will be ‘hurt’ by this.
This is a good point. Very few people are even potential hurt by this.
Why can’t you just make it so that people who don’t wish to show their
IP can opt-out by checking a check box or something.
The reason is that I just down loaded and installed moinmoin, I didn’t
write it. Changing it to do what you want would require a lot more time
than I am willing to put in. Why don’t you write it, submit it to
moinmoin and when it gets in I’ll install the new version?
This is obviously a big issue with people otherwise the discussion would
not be taking place. So perhaps we should try to accomodate everyone.
My bet is that it is a big issue to a very small number of people and
the vast majority of the people on the list only care because they keep
getting emails on this topic.On Tue, 2004-08-10 at 11:22, Tom Wilson wrote:
- Tom
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
–
±-------------------------------------+
Tom Spilman wrote:
That’s not what its (primarily) about. It’s about making
information about some poeple publicly available which they
might not want to be publicly available.Then don’t contribute to the wiki if your concerned about it. Geez… can
this thread die already?Tom
I’m also surprised that this thread keeps coming up on so many different
lists, and that so many people still don’t get it, but “Then don’t
contribute” is not an acceptable answer. There is a very simple reason
for not allowing the wiki to show authors’ IPs to all visitors: a) IPs
are identifying information, and b) showing them is not necessary for
the wiki to operate as intended. Those 2 things together say that there
is no justification for showing IPs to non-admins, and common sense says
that if there’s an easy way to stop doing it, it’s the right thing to
do. If the wiki can’t be configured that way, we’ll all just consider
it a minor weakness in the system and take whatever care we feel we
need. But because it’s just a minor weakness is no justification for
not fixing it.
If this wiki was intended to have a requirement that you can’t
contribute unless you identify your location, or if the design intended
for all users to know the locations of all other users, then it would
make perfect sense to leave IPs visible. But just because someone
doesn’t understand or care about the privacy issues that are present
is no reason they shouldn’t be fixed wherever possible for those who do
care.
For clarity, the issue isn’t that people can see your IP address. It’s
that people don’t need to. Your IP has nothing to do with the content
you contribute to the documentation as far as non-admins are concerned,
so it shouldn’t be tied to it. It’s just good design. A lot of people
who are concerned with their privacy understand the importance of
keeping separate information about themselves separate. It’s not about
hiding individual pieces of information. No single piece of information
about someone is worth all that much; it’s the combinations of collected
data that makes it easier to invade people’s privacy. If some people
want to practice good personal security, and it’s not terribly
inconvenient for the site admins, let them. And don’t tell them they
can’t contribute just because you don’t yet understand the principles
behind what they want.
Ryan>
-----Original Message-----
From: sdl-bounces+tom=sickheadgames.com at libsdl.org
[mailto:sdl-bounces+tom=sickheadgames.com at libsdl.org] On
Behalf Of Johannes Bauer
Sent: Tuesday, August 10, 2004 4:44 AM
To: A list for developers using the SDL library. (includes
SDL-announce)
Subject: Re: [SDL] Wiki etiquetteDonny Viszneki wrote:
I understand what the circumstances are. Hey guess what, my
IP address
is 136.142.21.65, oh no my privacy has been violated somehow. Or
worse, someone will hack my Windows box, wait, I’m notrunning Winblows.
If you choose in full conciousness to publicly show your IP
address to other people, fine, that’s your choice. If you
show the IPs of other people without them knowing prior to
their posting this is not okay.Seriously people, there is no shortage of IP addresses out there.
Seriously, Donny, there is a shortage of IP addresses out
there. Have a look at IPv6. Jeez.If
you’re looking to hack someone’s machine or do ANY other malicious
activity against a random computer, there are thousands of times
greater methods for finding future victims’ ip addresses.That’s not what its (primarily) about. It’s about making
information about some poeple publicly available which they
might not want to be publicly available.I think the sdl doc wiki should adopt this friendly edict: if you
object to having your IP address shown to the public, Iobject to you
contributing to the sdl doc wiki.
Awesome! Man, you are so very tolerant and understanding…
Greetings,
Joe
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
And don’t tell them they can’t contribute just because you don’t
yet understand the principles behind what they want.
I never said can’t and I very much understand why they’re concerned. I
don’t agree that any effort to modify the MoinMoin wiki engine should be
taken when there are easy solutions like 1) not contributing or 2) set your
username before contributing. I don’t seem to remember any wiki engine that
doesn’t show IPs and/or hostnames for unregistered users, so I take that as
meaning it isn’t a top priority to wiki developers.
I suggest as Bob has to talk to the MoinMoin developers and get a feature
request in.
Bob: What about just disabling anonymous users in the wiki (I assume
MoinMoin can do that)? That way you must register to contribute and no IPs
are shown.
Tom> -----Original Message-----
From: sdl-bounces+tom=sickheadgames.com at libsdl.org
[mailto:sdl-bounces+tom=sickheadgames.com at libsdl.org] On
Behalf Of Ryan Hanlon
Sent: Tuesday, August 10, 2004 11:57 AM
To: sdl at libsdl.org
Subject: Re: [SDL] Wiki etiquetteTom Spilman wrote:
That’s not what its (primarily) about. It’s about making
informationabout some poeple publicly available which they might not
want to bepublicly available.
Then don’t contribute to the wiki if your concerned about
it. Geez…
can this thread die already?Tom
I’m also surprised that this thread keeps coming up on so
many different lists, and that so many people still don’t get
it, but “Then don’t contribute” is not an acceptable answer.
There is a very simple reason for not allowing the wiki to
show authors’ IPs to all visitors: a) IPs are identifying
information, and b) showing them is not necessary for the
wiki to operate as intended. Those 2 things together say
that there is no justification for showing IPs to non-admins,
and common sense says that if there’s an easy way to stop
doing it, it’s the right thing to do. If the wiki can’t be
configured that way, we’ll all just consider it a minor
weakness in the system and take whatever care we feel we
need. But because it’s just a minor weakness is no
justification for not fixing it.If this wiki was intended to have a requirement that you
can’t contribute unless you identify your location, or if the
design intended for all users to know the locations of all
other users, then it would make perfect sense to leave IPs
visible. But just because someone doesn’t understand or care
about the privacy issues that are present is no reason they
shouldn’t be fixed wherever possible for those who do care.For clarity, the issue isn’t that people can see your IP
address. It’s that people don’t need to. Your IP has
nothing to do with the content you contribute to the
documentation as far as non-admins are concerned, so it
shouldn’t be tied to it. It’s just good design. A lot of
people who are concerned with their privacy understand the
importance of keeping separate information about themselves
separate. It’s not about hiding individual pieces of
information. No single piece of information about someone is
worth all that much; it’s the combinations of collected data
that makes it easier to invade people’s privacy. If some
people want to practice good personal security, and it’s not
terribly inconvenient for the site admins, let them. And
don’t tell them they can’t contribute just because you don’t
yet understand the principles behind what they want.Ryan
-----Original Message-----
From: sdl-bounces+tom=sickheadgames.com at libsdl.org
[mailto:sdl-bounces+tom=sickheadgames.com at libsdl.org] On Behalf Of
Johannes Bauer
Sent: Tuesday, August 10, 2004 4:44 AM
To: A list for developers using the SDL library. (includes
SDL-announce)
Subject: Re: [SDL] Wiki etiquetteDonny Viszneki wrote:
I understand what the circumstances are. Hey guess what, my
IP address
is 136.142.21.65, oh no my privacy has been violated somehow. Or
worse, someone will hack my Windows box, wait, I’m notrunning Winblows.
If you choose in full conciousness to publicly show your IP
address toother people, fine, that’s your choice. If you show the IPs
of otherpeople without them knowing prior to their posting this is not okay.
Seriously people, there is no shortage of IP addresses out there.
Seriously, Donny, there is a shortage of IP addresses out there.
Have a look at IPv6. Jeez.If
you’re looking to hack someone’s machine or do ANY other malicious
activity against a random computer, there are thousands of times
greater methods for finding future victims’ ip addresses.That’s not what its (primarily) about. It’s about making
informationabout some poeple publicly available which they might not
want to bepublicly available.
I think the sdl doc wiki should adopt this friendly edict: if you
object to having your IP address shown to the public, Iobject to you
contributing to the sdl doc wiki.
Awesome! Man, you are so very tolerant and understanding…
Greetings,
Joe
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
SDL mailing list
SDL at libsdl.org
http://www.libsdl.org/mailman/listinfo/sdl
And don’t tell them they can’t contribute just because you don’t
yet understand the principles behind what they want.I never said can’t and I very much understand why they’re concerned. I
don’t agree that any effort to modify the MoinMoin wiki engine should be
taken when there are easy solutions like 1) not contributing or 2) set your
username before contributing. I don’t seem to remember any wiki engine that
doesn’t show IPs and/or hostnames for unregistered users, so I take that as
meaning it isn’t a top priority to wiki developers.I suggest as Bob has to talk to the MoinMoin developers and get a feature
request in.Bob: What about just disabling anonymous users in the wiki (I assume
MoinMoin can do that)? That way you must register to contribute and no IPs
are shown.
Yeah…
Anyone see the move “office Space”? I’m starting to feel a lot like a
character in that movie. Not sure which one… Yeah…
Oh well.
I looked into this at a pretty good level of detail. If you are a
registered user it does not show your host name on the RecentChanges
page, but it does include it in the text of the page. So, it is still
there, just not visible. I’m sure the objections to having it there, but
hidden, would be just as loud as they are now.
A long time ago, oh nearly a month, we had a discussion about requiring
people to register to post on the wiki. The reaction was as loud and
negative as it was to this. We sort of agreed that registration would be
oK, but after running a wiki on my own site I came to see that
registration really isn’t needed. So, when I configured this wiki I
decided to allow people to post without registering. So far it has
worked well.
When I tell MoinMoin to not show host names on the RecentChanges page it
shows no identifying information at all. I for one, want my
contributions to the wiki to be visible for at least a little while.
Without the info on the RecentChanges pages the people doing the work
get no credit at all.
I suspect this a “Little Red Hen” situation. There are only a half dozen
people doing any work at all on the wiki. Of those, 3 people have done
most of the work and 1 person has done more than all the others put
together. I think it is time for the little red hens to completely
ignore the loud mouthed do nothings and get on with building the wiki.
In the time I’ve wasted on this I could have converted a dozen pages of
documentation.
Bob PendletonOn Tue, 2004-08-10 at 12:23, Tom Spilman wrote:
Tom
–
±-------------------------------------+
Donny Viszneki wrote:
I understand what the circumstances are. Hey guess what, my IP
address is 136.142.21.65, oh no my privacy has been violated somehow.
Or worse, someone will hack my Windows box, wait, I’m not running
Winblows.If you choose in full conciousness to publicly show your IP address to
other people, fine, that’s your choice. If you show the IPs of other
people without them knowing prior to their posting this is not okay.
I’m not commenting on your comment, but rather on the un-commented-on
portion of my previous comment. I just wanted to apologize for saying
something completely irrelevant about Windows being bad.
Seriously people, there is no shortage of IP addresses out there.
Seriously, Donny, there is a shortage of IP addresses out there.
Have a look at IPv6. Jeez.If you’re looking to hack someone’s machine or do ANY other malicious
activity against a random computer, there are thousands of times
greater methods for finding future victims’ ip addresses.That’s not what its (primarily) about. It’s about making information
about some poeple publicly available which they might not want to be
publicly available.
You misinterpreted these two statements as being separate in nature. I
was not in fact saying that the Internet isn’t running out of IPv4
addresses, I was saying that there is no shortage to lesser hackers
(script kiddies) of target IP addresses for their “hacking” escapades.
I have not contributed to this thread, though I have been following it
with some interest, and would like to simply sum up what happened, and
things as I understand them. Assuming all is correct, it seems this
thread is officially closed, yes?
So someone saw an IP address on the recent changes page and/or the
bottom of a page they or someone else edited. Seeing objection coming
from others, several of us then proceeded to continue on a
conversational path wrought with misunderstandings and mild insult. In
the end, we discovered that the IPs shown are not one’s own IP address,
but rather the host’s IP address, thus rendering the privacy argument
relatively void (I could still see an argument against); especially in
light of the lack of controls to remove the display of a person’s host
IP address, we have decided that it is not as serious as previously
thought, and thus not worth the effort of overhauling anything.
No feelings remain hurt, nor prides permanently damaged, I hope. I have
been a member of this list for a long time, and you’re all very
intelligent people; I hope we can walk away unscathed?
Cheers (while I go learn how to wiki for myself so I can stop being a
red-hen, as it were… ^_^),
–Scott
Also, we determined that the internet world is running a tad short on
IPv4 addresses, and thus the invention of IPv6 is becoming more and more
requisite, though that fact by itself has little to do with our little
wiki, and was pointed out by mistake. Good to know!