Bryan Davis schreef op 2014/10/02 8:46:
On Wed, Oct 1, 2014 at 11:27 PM, Kevin Wayne Williams kwwilliams@kwwilliams.com wrote:
Focusing on what signature we can obtain from (or plant on) the device and how to make that signature available to and manageable by admins is the key.
I used to do this for a living in the name of "credit card fraud prevention". Not only is it a difficult problem, but it is also evil.
[snip]
In a space where we are actually arguing that there is a potential of loss of life for exposed actors, I don't think that it is reasonable at all to discuss ways to increase the risk of exposure by creating and publishing (oh yeah, we are open source and open config for most things here) a recipe for tracking users in a durable fashion based on device fingerprints and other sticky token techniques.
Anybody that risks death by editing Wikipedia is an idiot: no privacy system is secure enough and no information is important enough to make that a reasonable decision. Treating editing Wikipedia as some noble effort that we must protect by at the cost of increasing the vulnerability of the website is unreasonable.
There's no sacred right to privacy involved in editing the kind of material found on Wikipedia. Recognizing that it is nothing more but a repository of pop culture would allow us to prioritize protecting the site over the imaginary right to privately edit articles about Disney starlets.
KWW