On 06/29/2013 08:14 AM, Nick wrote: > Quoth Fabio Pietrosanti (naif): >> It would be a nice transparency measure to run a small web server >> that provide direct access to the full server filesystem, allowing >> to browse everything and download any files, with few exceptions >> such as SSH or SSL private keys. >> >> That way anyone would be able to fully inspect the server, even >> without logging-in, by assessing configurations and checking out >> that logs are not kept. > > It would be nice, but you're still entirely trusting the server > admin to be providing an honest view of the system.
Both of you bring up good points and it's something I personally worry about when using a service: even though a server admin "says" they aren't logging, how do we really *they* aren't logging? In some cases, we can go by reputation in the community. For example, if Jacob Appelbaum from the Tor Project started a service, we could all be "fairly sure" that he's not going to do something sneaky. But someone like me, who's brand new in the community with zero reputation, that's a different story. Thank you both for the feedback. I'm going to look at what you both said and see what I can do. Thanks! anthony -- Anthony Papillion Phone: 1.918.533.9699 SIP: sip:[email protected] iNum: +883510008360912 XMPP: [email protected] www.cajuntechie.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
