3 lines summary of what follows:
There is NO way that the list admin can prevent list members from
putting in danger other people who ask for help to the list, so stop
worrying too much about this and don't mess anymore with the headers.
On Mon, Apr 22, 2013 23:45:47 PM -0400, Michael Allan wrote:
> Experts on the list advise and inform on matters such as
> encrypting communications, protecting infrastructure from cyber
> attack, and protecting onself from personal danger.
in ~2 years I've been a subscriber here, I don't remember anything
that would be in the "personal vulnerable situation" category, that is
the starting point for all the concerns that follow. Anyway:
> the software adds a Reply-To header pointing to L, which is the
> address of the list itself. The message is then passed on to the
> subscribers. The meaning of the added Reply-To header is, "Q asks
> that you reply to her at L." [3]
> Note that this is false information; Q does not ask that.
Partly not correct (Q implicitly asked, or accepted that, the moment
he or she subscribed to a MAILING LIST, that as everybody knows are
places for public discussion. Especially when they have public
archives), partly irrelevant:
a) at least HALF of the fault in the scenario that you keep torturing
yourself with is not on "P". It is on "Subscriber Q dumb enough to
reply with helpful information" about a "PERSONAL VULNERABLE
SITUATION" [only] to the list, instead of being
mature/sensible/smart enough to:
1) answer to list ONLY in the vaguest possible terms ("I'll
get back to you on that") if at all
2) send any advice that may help but provocate reply with
sensitive data in a completely SEPARATE message, that the list
doesn't see at all
3) eventually, post to the list for future reference a summary
of general advice for cases like that, purged of personal data
if a "tired and distracted" person asks for advice to a not
stressed person, and the second person replies "OK, let's talk this
over just on the edge of a cliff", is the distracted person the
only one to blame if she falls off the cliff? In other words, the
only problem and fault in your scenario is not point 4 (P replies
with private info) but point 3 (Q replies with helpful info, but in
a totally braindead way, when he or she should really know better)
b) many people, like me, set their mail clients to recognize lists and
automatically send replies to list messages ONLY to the list.
Regardless of how much the admin played with the headers.
c) oh, and of course there still are the people who routinely and
blindly "reply to all" to whatever they get in their inbox
> POSSIBLE EXPLOIT THAT INCREASES THE DANGER
hmm...
> Might not this exploit be perceived as feasible?
yes. Just don't expect to solve it with mailing list management. If,
instead, the only goal is to give Stanford and the list admin wants a
legal basis to not be sued, that's OK.
> While Stanford University is evaluating these safety concerns and
> has yet to make a decision, it should return the configuration to
> its default setting. The default setting is known to be safe.
The default setting is known to provide very little of the specific
safety you want, for the reasons I explained. If replying to messages
from this list can put other people in danger, this is something that
ALL list members must individually commit to avoid, whenever they
answer.
Oh, and maybe "Q" people so DUMB to not check whether they are
replying on or off list when somebody's LIFE may be in danger
shouldn't subscribe in the first place, should they now?
So, personally I (re)vote for keeping reply-to to the list, but do as
you wish because I'll keep MY email client to "Reply-to List" anyway
(which proves my point), because it's infinitely more convenient than
having different behavior from all the other tens of mailing lists I
am subscribed to.
Marco F.
http://mfioretti.com
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
