To date internal surveys have run on a non-encrypted LimeSurvey instance hosted on a WMF server. It's ironic that this server has been just taken down because of potential security issues (SQL injection). I'd recommend that we ask researchers to use standard encryption whenever possible (Limesurvey for one does support HTTPS).
Dario
On Sep 28, 2011, at 7:52 AM, Aaron Halfaker wrote:
Usually, I'd expect an encrypted connection between user and server so that the survey data can be protected against a man-in-the-middle attack. However, this particular survey doesn't ask for information that is very personal in nature with the possible exception of age group (e.g. 13-20, 21-30, ..., 51 and above).
-Aaron
On Wed, Sep 28, 2011 at 9:28 AM, Goran Milovanovic goran.s.milovanovic@gmail.com wrote: What is the usual way to do it? Use SSL? What are the previous experience and how did the RCom responded previously to similar requests?
Best, G.
On Wed, Sep 28, 2011 at 4:26 PM, Aaron Halfaker aaron.halfaker@gmail.com wrote:
Hey folks, The researcher running one of the new projects (http://meta.wikimedia.org/wiki/Research:Anonymity_and_conformity_over_the_ne...) wants to have editors take a survey, but not use SSL or any other data encryption technology. What do you think? -Aaron _______________________________________________ RCom-l mailing list RCom-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/rcom-l
--
"Truth is much too complicated to allow anything but approximations." :: John von Neumann
http://www.milovanovicresearch.com
RCom-l mailing list RCom-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/rcom-l
RCom-l mailing list RCom-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/rcom-l