public access point database

Nick Johnson arachnid at notdot.net
Wed Jul 4 08:00:18 CEST 2007


On 7/4/07, Ryan Prior <piratehead at gmail.com> wrote:
> You seem to imply that there is a technical infeasibility that cannot be
> overcome. If the public point database were segregated by a UNIX-style
> permissions system and connected to via SSH, wouldn't it be just about as
> safe as any public file server or database? Files that are "shared" can be
> accessed, files that are private stay private. A server-side daemon could
> negotiate friends lists, proximity, and other details without ever exposing
> private position data publicly.
>
> Am I missing something on the privacy front? Perhaps I just didn't grok your
> example.

SSL would be better suited - perhaps that's what you meant.

The main issue, I think, is that it requires users to trust this
third-party database with some very personal information - possibly up
to and including an ongoing log of their location. Even if the site
itself is trustworthy, if it were compromised it could easily be
exposed.

The obvious solution, of course, is to simply restrict your userbase
to those that are happy with the tradeoff.

-Nick Johnson




More information about the community mailing list