public access point database

Ian Stirling OpenMoko at mauve.plus.com
Wed Jul 4 17:48:57 CEST 2007


Ryan Prior wrote:
> You seem to imply that there is a technical infeasibility that cannot be 
> overcome. If the public point database were segregated by a UNIX-style 
> permissions system and connected to via SSH, wouldn't it be just about 
> as safe as any public file server or database? Files that are "shared" 
> can be accessed, files that are private stay private. A server-side 
> daemon could negotiate friends lists, proximity, and other details 
> without ever exposing private position data publicly.
> 
> Am I missing something on the privacy front? Perhaps I just didn't grok 
> your example.

I think so.
I was simply meaning that a simple static database exporting only the 
position dumbly does not suit.

Os course SSH gives you access to the server securely.

You want something much more fine-grained than simply 'access, no access'.

Alice is my wife, I'm quite happy for her to have realtime tracking 24*7.

Bob is my brother, that gets really drunk on saturday night, I don't 
want him able to track me from Sat 6PM-Sun 12AM.

Charlie is my employer, they get to track me while I'm at work.

Dave is someone in the group 'internet friends', who can get a position 
to within 50Km at any time, so we might arrange a meeting. I do _not_ 
want him turning up on my doorstep unannounced.

I don't know Edwin, who has set his public tags to "Neo1973 
Snowboarding" and if I get within 500m of him, I want my phone to bleep, 
as these are my interests too. I should not be able to know anything 
about him until he gets within 500m - I may not even get a position for 
him, just contact details.

Fred has come into bluetooth range, and has interests that I share, so 
again I want the phone to beep or something, maybe swap musical tracks, 
do least-cost routing over his GPRS if he's got a better contract than 
me (with payment).

Georgina matches my 'dating' profile, and has come within 100m. We may 
have our phones setup to share pictures and a brief bio.

This is all quite fine-grained, with many different classes of user.

It needs more than a simple database of everyones location.

Then there is the reputation, and avoiding fake users that are simply 
setup to repeatedly wander round populous areas gathering all the 
information they can.




More information about the community mailing list