[Cialug] I Don't Hate Tikly--a Thoughtful Side-Topic Opinion

Matt Stanton matt at itwannabe.com
Sun Nov 3 14:06:43 CST 2013


As to implementation of such an anonymous service:

Collect the name for the purpose of RSVP,  convert the alphabetic data to lower-case, run that data through your secure-ish hash cipher of choice to get a mangled, but testable anonymous token, save token to database for the length of time required to facilitate the count of RSVPs, drop table thisLUGevent;

This way the data isn't traceable back to any particular purpose without an original list of LUG members to which to correlate the hashes, and at the same time if a person suffering from "Old Person's Memory Disease" such as I do and they forget they already signed up, it is possible to remind them that they have already signed up (so long as they don't forget how to spell their name when registering one of these times).  If you have a good memory and you want to avoid being able to be correlated to an RSVP, you can then use a different name for the purpose of RSVPing so long as you always remember to use that name for the purpose of RSVPing and you never actually reveal to anyone that you use that name.

If anyone decides they want to write the code for such a service, I would be happy to host it on either my Linode or my DigitalOcean VPS for the group, though the group also has its own server sitting somewhere that should be able to fulfill that purpose.

-- Matt (N0BOX)

Sent from my ASUS Transformer

-----Original Message-----
From: David Champion <dchamp1337 at gmail.com>
To: Central Iowa Linux Users Group <cialug at cialug.org>
Sent: Sat, 02 Nov 2013 6:57 PM
Subject: Re: [Cialug] I Don't Hate Tikly--a Thoughtful Side-Topic Opinion

I moved Dave's cheese.

-dc


On Sat, Nov 2, 2013 at 3:43 PM, jim kraai <jimgkraai at gmail.com> wrote:

> Who moved Dave's cheese?
> On Nov 2, 2013 6:40 AM, "Dave Weis" <djweis at sjdjweis.com> wrote:
>
> > So you're volunteering to tally all RSVP's?
> >
> > I think the last use of the service was to get a count of people so you
> > could be provided free food and beverages at a meeting planned, hosted,
> and
> > led by volunteers.
> >
> > I'll be sitting out of the crusade against services that make my and
> > other's life easier without any risk beyond my email address and where
> I'll
> > be Wednesday night.
> >
> >
> >
> > On Sat, Nov 2, 2013 at 2:34 AM, jim kraai <jimgkraai at gmail.com> wrote:
> >
> > > ... but I do hate being forced to use third party services like it.
> > >
> > > This isn't directly Linux related, but it is related to a trend that
> all
> > of
> > > the local technical groups are going in where we're directed to third
> > party
> > > web sites to RSVP or schedule or whatever for events.
> > >
> > >
> > > I recall that government agencies used to be legally obligated to
> adhere
> > to
> > > the following principle:  If data is not required by law to fulfill a
> > > mandated requirement, then it is unlawful to collect it.  This was an
> > > acknowledgement that data:
> > > 1. was expensive to gather (this is no longer true)
> > > 2. was expensive to curate (this is no longer true)
> > > 3. would eventually be misused
> > >
> > > Which led me to ... let's call it Kraai's Maxim:  The reasons for which
> > > data are collected today will not constrain the uses to which it will
> be
> > > put tomorrow.
> > >
> > > Corollary 1:  Those collecting data today are not those who will be
> using
> > > it tomorrow.
> > >
> > > Corollary 2:  It is impossible to anticipate today what uses data will
> be
> > > put to tomorrow.
> > >
> > > Corollary 3:  It should be assumed that all data will eventually be
> > > misinterpreted or misused in unpredictable and possibly in unscrupulous
> > > ways.
> > >
> > > Weak Corollary to Corollary 3:  Data that isn't collected can't be
> > > effectively misinterpreted or misused.
> > >
> > > - By effectively, I mean that it wouldn't stand up under rational
> > scrutiny.
> > >
> > > - By weak, I mean that new data can be interpolated and/or extrapolated
> > > from what data there is depending on the quality of the source data and
> > > what other data sources are corellatable to the source data.
> > >
> > > So, applying the Maxim and Corollaries to tikly:
> > >
> > > (Note that tikly requires first/last name, email address, and a phone
> > > number.)
> > >
> > > Over the years we've learned that eventually, tikly will have an
> > accidental
> > > data spill or exposure, get hacked, and/or sell out.  The only
> > uncertainty
> > > is when that will happen--not whether.  Keep in mind that they can't
> leak
> > > or sell what they don't have.
> > >
> > > Note that if tikly goes under--and there's a 19/20 chance they
> > will--their
> > > most significant salable asset will be that data.  Recent precedent has
> > > shown that prior promises and user agreements will be thrown out so the
> > > investors can have their claims settled partially by the sale of that
> > data
> > > to the highest bidder.  Until something extraordinary happens in the
> > > courts, there's nothing you can do about such a sale or the uses to
> which
> > > that data is eventually put.
> > >
> > > It's a common practice to 'protect our privacy' by putting bogus data
> in
> > > their registration forms.  We need to realize that it's ethically
> > > problematic and potentially illegal to put bad data in a web site's
> > > registration forms.  So that should not be an acceptable long-term
> > practice
> > > for a principled person.
> > >
> > > This is why I prefer to not use third party services that gather any
> kind
> > > of data.
> > >
> > > --jim
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug


More information about the Cialug mailing list