Debian Developers - sending debian-private postings to gmail

Ian Jackson

2006-05-24, 7:17 pm

I'm one of the small minority of people who have a very negative
opinion about gmail. I realise I'm a bit of a kook on this subject
and I'd ideally like to avoid having an enormous flamewar about
it.

However, it has come to my attention that at least one developer
appears to be reading debian-private at their gmail account.

I think that this is a violation of the privacy rules surrounding the
debian-private list. Google should not get a copy of debian-private,
even if the only current output is aggregate keyword hit reports
(ie ad presentation rate data).

Note that this applies to _any_ email provider with similar privacy
and processing concerns. I have no idea whether other webmail
providers' privacy practices are (nowadays) as bad from my personal
point of view, or as conflicting with the debian-private policy, as
Gmail's.

But it seems clear that Gmail's processing isn't compatible with
debian-private.

A Debian developer should cause debian-private to be processed only as
is necessary for providing developers with good and convenient access
to the mailing list. They should not cause debian-private to be
distributed to computers whose owners and operators cannot be expected
to refrain from processing the content in other ways.

Ian.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Kevin B. McCarty

2006-05-24, 7:17 pm

Ian Jackson wrote:

[snip]

> But it seems clear that Gmail's processing isn't compatible with
> debian-private.
>
> A Debian developer should cause debian-private to be processed only as
> is necessary for providing developers with good and convenient access
> to the mailing list. They should not cause debian-private to be
> distributed to computers whose owners and operators cannot be expected
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> to refrain from processing the content in other ways.
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

I'm not one of the people you are accusing, but I have to comment. The
phrase I underline above applies to *any* computer that is not under
direct control of the Debian developer. If you are sufficiently
paranoid, you could argue that any ISP might be subpoenaed at any time
for the contents of someone's mailbox, some rogue admin of the ISP might
decide to read customers' email, or even that someone might be sniffing
SMTP traffic on the net.

Taken to extremes, this implies that (1) DD's should only receive mail
sent to boxes under their own control and (2) all mail passing through
debian-private should, for each subscriber to the list, be encrypted
individually to the public key on file for her/him.

Come to think of it, (2) isn't a bad idea. Is it feasible for this to
be done transparently? Mailing list admins, any comments?

regards,

--
Kevin B. McCarty <kmccarty@princeton.edu> Physics Department
WWW: http://www.princeton.edu/~kmccarty/ Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544


Henning Makholm

2006-05-25, 1:24 am

Scripsit "Kevin B. McCarty" <kmccarty@Princeton.EDU>

> Taken to extremes, this implies that (1) DD's should only receive mail
> sent to boxes under their own control and (2) all mail passing through
> debian-private should, for each subscriber to the list, be encrypted
> individually to the public key on file for her/him.


> Come to think of it, (2) isn't a bad idea. Is it feasible for this to
> be done transparently?


It may or may not be feasible to do it transparently on the list
software side, but it certainly isn't feasible to do it on the reader
side. I for one certainly am not going to make a daily effort to move
mail from the internet-connected box to the one that knows my secret
key, and type in my 100+ character passphrase several times in order
just to get to know that ${INSERT_RANDOM_DD} will be on vacation.
Better to drop -private completely then, and what does that gain
anybody?

--
Henning Makholm "I Guds Faders namn, och Sonens, och den Helige
Andes! Bevara oss från djävulens verk och från Muhammeds,
den förbannades, illfundigheter! Med dig är det värre än med
någon annan, ty att lyssna till Muhammed är det värsta av allt."


Joey Hess

2006-05-25, 1:24 am

Kevin B. McCarty wrote:
> Taken to extremes, this implies that (1) DD's should only receive mail
> sent to boxes under their own control and (2) all mail passing through
> debian-private should, for each subscriber to the list, be encrypted
> individually to the public key on file for her/him.
>
> Come to think of it, (2) isn't a bad idea. Is it feasible for this to
> be done transparently? Mailing list admins, any comments?


I think that Nick Moffitt ran a mailing list with mailman for a while
that operated like this. Should be even easier for -private since we
have all potential subscribers' gpg keys on file already.

It would, however, probably be difficult to read such a mailing list in
gmail. ;-)

--
see shy jo

Domenico Andreoli

2006-05-25, 7:18 am

On 5/24/06, Ian Jackson <ian@davenant.greenend.org.uk> wrote:
>
> However, it has come to my attention that at least one developer
> appears to be reading debian-private at their gmail account.


doh! i have been caught

it's nice to have your personal global & searchable mailing list
archive, where you can really find anything you have ever received.

sorry, i already switched to a safer address, sob..

ciao
dom

-----[ Domenico Andreoli, aka cavok
--[ http://people.debian.org/~cavok/gpgkey.asc
---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50
Lionel Elie Mamane

2006-05-29, 5:35 pm

On Wed, May 24, 2006 at 04:09:07PM -0400, Kevin B. McCarty wrote:

> (2) all mail passing through debian-private should, for each
> subscriber to the list, be encrypted individually to the public key
> on file for her/him.


> Come to think of it, (2) isn't a bad idea. Is it feasible for this
> to be done transparently? Mailing list admins, any comments?


There is a barely maintained patch for Mailman to implement
this. Whether we want to suffer all the pain of using Mailman only in
exchange for this is another matter completely.

--
Lionel


Ron Johnson

2006-05-29, 5:35 pm

Ian Jackson wrote:
> Kevin B. McCarty writes ("Re: sending debian-private postings to gmail"):
[snip]
>
> However, it is _not_ silly to observe that Google are counting up how
> many times certain keywords appear and providing reports to their
> advertisers. We don't know exactly what those reports look like but
> it might be quite easy to find out what topics are being discussed on
> debian-private.
>
> It's clear that Google think they have the legal right (given to them
> by the developer-user) to facilitate that and it's also clear that
> they have no particular reason to spend effort thinking about how to
> make it difficult for their advertiser customers to do that kind of
> thing.


ROT13? Such "encryption" would not hinder the NSA, but would bollox
Google's keyword counting.

Do any modern GUI MUAs do ROT13 anymore?


Agustin Martin

2006-05-29, 5:35 pm

On Thu, May 25, 2006 at 02:13:38AM +0200, Henning Makholm wrote:
> Scripsit "Kevin B. McCarty" <kmccarty@Princeton.EDU>
>
>
>
> It may or may not be feasible to do it transparently on the list
> software side, but it certainly isn't feasible to do it on the reader
> side. I for one certainly am not going to make a daily effort to move
> mail from the internet-connected box to the one that knows my secret
> key, and type in my 100+ character passphrase several times in order
> just to get to know that ${INSERT_RANDOM_DD} will be on vacation.
> Better to drop -private completely then, and what does that gain
> anybody?



If we are to be paranoid, another possibility is that a POP server
is made available in a Debian controlled box just for debian-private
use by DD, so debian-private mail is sent there, and nowhere else, and
retrieved from there by DD. Some security adjustments might be needed.

--
Agustin


Anthony DeRobertis

2006-05-30, 1:21 am

Kevin B. McCarty wrote:
>
> Come to think of it, [pgp encrypting each message] isn't a bad idea. Is it feasible for this to
> be done transparently? Mailing list admins, any comments?


I suspect that the end result of this would be more people keeping their
GPG keys unencrypted on Internet-accessible machines.


Martin Schulze

2006-06-26, 7:22 pm

Domenico Andreoli wrote:
> it's nice to have your personal global & searchable mailing list
> archive, where you can really find anything you have ever received.


Even though it is nice, it's also problematic to scatter around
private and hence sensitive (at least temporarily sensitive)
information on a system that uses this as content for various
ratings. I also have some doubts the mails are really deleted
from the disks and archives when you delete them in your interface.

Hence, I have to admit that Ian's reasons are valid.

> sorry, i already switched to a safer address, sob..


Thank you.

Regards,

Joey

--
Have you ever noticed that "General Public Licence" contains the word "Pub"?

Please always Cc to me when replying to me on the lists.


Aigars Mahinovs

2006-06-27, 7:21 pm

Ian Jackson <ian@davenant.greenend.org.uk> said:
> I'm one of the small minority of people who have a very negative
> opinion about gmail. I realise I'm a bit of a kook on this subject
> and I'd ideally like to avoid having an enormous flamewar about
> it.
>
> However, it has come to my attention that at least one developer
> appears to be reading debian-private at their gmail account.


I am one of those developers. I have never thought that such action could
be considered a violation of debian-private policy and some reasons for
that have already been raised. In fact I do think that we should encrypt
the postings to debian-private for both privacy and flamecontrol
reasons. At this encryption stage headers of the messages should be
stripped and only stored on the server. Only most important headers
(like from, subject and date) would be embedded in the encrypted
payload.

Unless we go that far and realise such system, I see no reason to single
out Google on the storage of the mail messages from debian-private.

Currently GMail is the most trustable mail storage location that I have
available. And it is also the only location I do use - all my mail from
all other locations is redirected there. Even if I do redirect
debian-private mail to another place, that will simply mean that I will
stop reading it.

P.S. Please CC me, I am not on debian-devel.
--

Best regards,

Aigars Mahinovs mailto:aigarius@debian.org
#--------------------------------------------------------------#
| .''`. Debian GNU/Linux LAKA |
| : :' : http://www.debian.org & http://www.laka.lv |
| `. `' |
| `- |
#--------------------------------------------------------------#
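
The per-subscriber encryption idea raised in this thread (Kevin B. McCarty's point (2), with the header handling proposed in the post above), sketched as an added example; it is not code from the thread, from Debian's list software or from the Mailman patch mentioned earlier. The function names, addresses and sample message are constructed, and it assumes single-part text posts and a `gpg` binary with the subscribers' keys already imported.

```python
import subprocess
from email import message_from_string
from email.message import EmailMessage

PROTECTED = ("From", "Subject", "Date")  # headers kept, but only inside the ciphertext

# Constructed sample post; addresses and header values are made up.
SAMPLE = """\
Received: from mx.example.net by lists.example.org; Tue, 27 Jun 2006 20:22:45 +0000
Message-ID: <constructed-1@example.net>
X-Mailer: ExampleMUA 1.0
From: Alice Example <alice@example.net>
Date: Tue, 27 Jun 2006 21:22:45 +0100
Subject: VAC: away next week

I will be offline from Monday to Friday.
"""

def gpg_encrypt(plaintext: bytes, fingerprint: str) -> bytes:
    """Encrypt to one subscriber's key; assumes gpg on PATH and the key imported."""
    cmd = ["gpg", "--batch", "--armor", "--trust-model", "always",
           "--encrypt", "--recipient", fingerprint]
    return subprocess.run(cmd, input=plaintext, capture_output=True, check=True).stdout

def protected_payload(raw: str) -> bytes:
    """Plaintext to encrypt: the protected headers plus the body, nothing else."""
    msg = message_from_string(raw)
    inner = EmailMessage()
    for name in PROTECTED:
        if msg[name]:
            inner[name] = msg[name]
    inner.set_content(msg.get_payload())  # assumption: single-part text post
    return inner.as_bytes()

def fan_out(raw: str, subscribers: dict, list_addr: str, encrypt=gpg_encrypt):
    """Return one outer message per subscriber, each encrypted to that key alone."""
    payload = protected_payload(raw)
    out = []
    for addr, fingerprint in subscribers.items():
        outer = EmailMessage()
        outer["From"] = list_addr          # outer headers carry routing data only
        outer["To"] = addr
        outer["Subject"] = "[encrypted list post]"
        outer.set_content(encrypt(payload, fingerprint).decode("ascii"))
        out.append(outer)
    return out
```

A mail provider storing the outer message sees only the list address, the recipient and a fixed subject; reading the post still requires the subscriber's secret key, which is the usability cost raised earlier in the thread.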



Steve Langasek

2006-06-28, 7:21 pm

On Tue, Jun 27, 2006 at 09:22:45PM +0100, Aigars Mahinovs wrote:
> Ian Jackson <ian@davenant.greenend.org.uk> said:
> I am one of those developers. I have never thought that such action could
> be considered a violation of debian-private policy and some reasons for
> that have already been raised. In fact I do think that we should encrypt
> the postings to debian-private for both privacy and flamecontrol
> reasons. At this encryption stage headers of the messages should be
> stripped and only stored on the server. Only most important headers
> (like from, subject and date) would be embedded in the encrypted
> payload.


> Unless we go that far and realise such system, I see no reason to single
> out Google on the storage of the mail messages from debian-private.


I would expect developers to exercise the same judgement with regard to any
mail provider that they have reason to believe is analyzing mail for, or
delivering mail to, parties other than the intended recipient.

Google is singled out only in the sense that it's well-known, widely used,
and has a published policy of analyzing received mail for its advertisers.
If anything, it's commendable that Google has been open about the existence
of this practice, but I still share Ian's concern that it makes GMail an
unsuitable mail store for -private mail.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon@debian.org http://www.debian.org/
