List Archive (Was: Re: p2p, anonymity and security)

[Derek Martin]

On Fri, Mar 12, 2004 at 03:29:20PM -0500, Travis Roy wrote:
> 
> >Derek's assertion is that there needs to be mechanism behind one's
> >ability to protect privacy. In Derek's mind Travis' actions prove this.

Now, as in the past...

> >In my mind, the mechanism doesn't exist yet - and probably won't because
> >our society has rendered the spam problem as a "policy fix". 
> 
> The only way for this to work is that in every email ever sent to 
> anybody EVER, it would scan the email. Say it sees Derek's email 
> address, it would then send a copy to him asking him if it was okay for 
> his email address to be posted. The problem with that is, how would 
> Derek know who it was going to, since that person would also want their 
> privacy.

I'm not really sure how we get here from my original interest in
spam-proof archives...  There's a world of difference.  I'm willing to
give up SOME privacy in order to take advantage of using the Internet.
But you'll never convince me that e-mail addresses by necessity must
be available to the whole world, in order to use public forums.

> I understand his concerns, I understand what he's saying. I have a few 
> points.
> 
> 1 - He's been "loose" with his email address before, you can see that 
> with some simple searches, it's already EVERYWHERE. Does this mean he 
> can't enforce strict guidelines now? Of course not, but if somebody 
> makes a reference to an existing instance of his email I don't see how 
> that is "wrong" or "bad"

You use "loose" and "EVERYWHERE" in interesting ways...  A normal
google search reveals exactly 7 instances of my e-mail address
on-line.  You can expand the search and get a cornucopia of results,
true...   But if you bother to look at them, you'll see they're all
the same.  You'll also notice that all but one of them were cases whre
someone decided to attribute my e-mail address, or re-post something I
wrote, without my permission.  The last was where I had made a mistake
composing a message, and the wrong .sig file was appended to the
message.  If one mistake in three years constitutes loose, then I guess
you got me.

And I don't get a lot of spam, despite the fact I don't run spam
assassin or any other sort of spam filtering package.  But even one
message is too many...

> 2 - He expects people that he does not know, never met, probably never 
> talked to, and don't even know are subscribed to this list to respect 
> his wishes. 

Basically, yes.  Silly me for believing in the decency of people on
this list...

> room with a bunch of strangers you're not going to go to every one and 
> had them a card with your SSN on it, and if you did how could you even 
> start to think that they would respect any terms that you think apply 
> but you never actually told anybody about.

I don't (any longer) give out my SSN to anyone who doesn't need it for
tax reporting purposes.

> 3 - Without signing a legal document he really can't do anything about 
> anybody doing anything with any information on this list. 

Short of complaining publicly, you're right.  You're still missing the
point.  It's a risk, but it's MY risk, and I accept it, UNLIKE the
risk of having my e-mail address posted in a public web archive.  At
some point in the future, my domains will expire, and I will allow
them to.  At that time I'll have a new e-mail address.  When that
happens, I will be extra dilligent to keep it from appearing anywhere
on the net.

As for your comment about not being upset about you posting my bogus
info:  You thought it was real.  It doesn't bother me that it was
posted.  It bothers me that you posted it, knowing full well I don't
want it posted.

For the record, in general I don't want to be contacted by anyone I
haven't given my e-mail address to, either directly or by way of being
subscribed to the same mailing list.  I find those risks acceptable.
I include my URL and GPG key in my .sig because under some
circumstances, I do want actual humans to be able to track me down, if
they need to.  These also, I consider acceptable risks.  Others I do
not, most notably non-obfuscated web archives.  

I believe that in order to protect members, all mailing list archives
should be completely sanitized of e-mail addresses.  Philisophically,
I believe this to be for the "greater good" -- whatever that means.
Those who do not want their e-mail address posted are irreparably
harmed if it is posted; the amount they are harmed is subjective.
Those who don't care can easily make their e-mail address available
somewhere else, so no harm is done to them if they are sanitized.
Travis demonstrated how easy it is to use google, or any other search
engine, to get someone's e-mail address if it's on the web
somewhere...  

Ben likened signing up to the list to a gate as an access control.
It's a poor analogy, because gates on public facilities are put in
place more to control WHEN people use the facility, than WHO.  The
list sign-up mechanism, on the other hand, does control WHO can post.
I never actually claimed that this list was private, nor that it
should be.  However the presence of this access control certainly
makes the list less public than one that doesn't have it.  Ben
admitted that it is in place to keep the spammers out.  But spammers
are members of the public.  And yet this access control is in place to
prevent them from accessing the list.  Logically then, this list isn't
really for the public to post to.  Just *most* of the public.  Even
spammers can use public toilets...  ;-)

Lastly, it is not my e-mail address appearing on this list that "has
me so concerned..."  It's that so many intelligent people don't seem
to get the idea that keeping your e-mail address in spammable form off
the web is important for preventing spam.  Or that they've resigned
themselves to the idea it's impossible, which it isn't.  I've been
doing it pretty effectively for over 2 years.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20040312/be738bc4/attachment.bin