public access point database
Ian Stirling
OpenMoko at mauve.plus.com
Wed Jul 4 17:48:57 CEST 2007
Ryan Prior wrote:
> You seem to imply that there is a technical infeasibility that cannot be
> overcome. If the public point database were segregated by a UNIX-style
> permissions system and connected to via SSH, wouldn't it be just about
> as safe as any public file server or database? Files that are "shared"
> can be accessed, files that are private stay private. A server-side
> daemon could negotiate friends lists, proximity, and other details
> without ever exposing private position data publicly.
>
> Am I missing something on the privacy front? Perhaps I just didn't grok
> your example.
I think so.
I was simply meaning that a simple static database exporting only the
position dumbly does not suit.
Os course SSH gives you access to the server securely.
You want something much more fine-grained than simply 'access, no access'.
Alice is my wife, I'm quite happy for her to have realtime tracking 24*7.
Bob is my brother, that gets really drunk on saturday night, I don't
want him able to track me from Sat 6PM-Sun 12AM.
Charlie is my employer, they get to track me while I'm at work.
Dave is someone in the group 'internet friends', who can get a position
to within 50Km at any time, so we might arrange a meeting. I do _not_
want him turning up on my doorstep unannounced.
I don't know Edwin, who has set his public tags to "Neo1973
Snowboarding" and if I get within 500m of him, I want my phone to bleep,
as these are my interests too. I should not be able to know anything
about him until he gets within 500m - I may not even get a position for
him, just contact details.
Fred has come into bluetooth range, and has interests that I share, so
again I want the phone to beep or something, maybe swap musical tracks,
do least-cost routing over his GPRS if he's got a better contract than
me (with payment).
Georgina matches my 'dating' profile, and has come within 100m. We may
have our phones setup to share pictures and a brief bio.
This is all quite fine-grained, with many different classes of user.
It needs more than a simple database of everyones location.
Then there is the reputation, and avoiding fake users that are simply
setup to repeatedly wander round populous areas gathering all the
information they can.
More information about the community
mailing list