[Foundation-l] Warrantless (government) surveillance of reader activity. Was: Release of squid log data

Gwern Branwen gwern0 at gmail.com
Sun Sep 16 17:07:34 UTC 2007


On 2007.09.16 07:21:25 +0200, GerardM <gerard.meijssen at gmail.com> scribbled 48 lines:
> Hi,
> Let us defer all talk about changing the login functionality until we have
> SUL implemented. Let us get SUL soon and first!
> Thanks,
>    GerardM

Why should we defer it? It really doesn't seem like a big deal. There are a couple things to discuss here:

#How much load would all logins going through SSL cause? This should be really easy to do - figure out how much work a single SSL login causes, and multiply. Even that crude ballpark estimate is better than nothing.

#Make logins by default go through SSL. We can break this down into two suggestions:
##Make all admins go through SSL by default. I think this is an *extremely* good idea. However expensive an SSL login might be, a few thousand admins infrequently logging in is hardly going to stress the servers comparably to normal editing or bot edits or spiders. Plus, it'd give just a little more protection for account passwords in all situations, not just for those editing through TOR. It's largely transparent to users, has a chance of doing good, etc. (Now, I'm not saying force admins to go through secure.wikimedia.org, just that surely there must be some configuration option or something for the regular en.wikipedia.org login page? This, like the first suggestion, is best answered by those with technical chops.)
##Make all logins go through SSL by default. Sure, why not. The argument against this would seem to be server load, but we need an answer to the first point before we can productively argue this.

We really need some more information here. Is it hard to change the login? I would assume that because you can already log in via SSL through secure.wikimedia.org, the functionality is there and only needs to be enabled for the frontend (as compared to SUL, a backend enhancement involving vast and far-reaching changes), so to speak, but for all I know the login page is actually some hardwired crufty HTML page that barely works and adding an SSL option, default or not, would be a heroic undertaking comparable to that of SUL.

Any of the developers want to comment?

--
gwern
Stallman guest jihad SL-1 VHF DF DSS Juiliett 2.6.2. Kwajalein