Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Wed, Mar 08, 2017 at 09:02:24PM +0100, Neven Sajko via arch-general wrote: > ... But there probably should be some TOS ... Why? Would a ToS be a legally binding document? If yes, it will constrain Arch, which is not good. If no, then it's just a meaningless text. I understand that companies

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Wed, 8 Mar 2017 21:02:24 +0100 Neven Sajko via arch-general wrote: > On 8 March 2017 at 20:57, Neven Sajko wrote: > > This discussion is pointless without legal advice. Without it > > disclosing user information (even if it is public) does not

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 8 March 2017 at 20:57, Neven Sajko wrote: > This discussion is pointless without legal advice. Without it > disclosing user information (even if it is public) does not seem like > such a good idea. Not that I advocate paying a lawyer just for this issue, it would be simpler

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

This discussion is pointless without legal advice. Without it disclosing user information (even if it is public) does not seem like such a good idea.

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Tue, Mar 7, 2017 at 11:36 AM, fnodeuser wrote: > test This worked. Thanks for your effort. cheers! mar77i

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Reply-To is not what you are supposed to look into; look at In-Reply-To! On 03/07/2017 11:06 AM, fnodeuser wrote: > test > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

fnodeuser writes: > Bartłomiej Piotrowski, > > it is the same email address that i have been using since the beginning. > > what opinions? > > i never talk with opinions. i always talk with facts. Hi. You may not notice your current reply function broke this thread.

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 03/07/17 at 10:03am, fnodeuser wrote: > Bartłomiej Piotrowski, > > it is the same email address that i have been using since the beginning. > > what opinions? > > i never talk with opinions. i always talk with facts. You broke the thread again. If you want to be taken serious atleast

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 2017-03-07 09:36, fnodeuser wrote: > why are you talking on her behalf? why did she send a message to you instead > of one to the ML? > why is she not answering any questions in this ML? Why do you keep breaking threads on our mailing lists? Why you are incapable of using one e-mail address?

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Eli Schwartz via arch-general writes: > On 03/06/2017 10:08 PM, YANG Ling via arch-general wrote: >> Hi all, >> Shall we focus on Lukas's questions? > > Yes, let's. > > [skipped - pointlessly quoted and then repeated questions] > Sorry, I'm not familiar with the rules

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Tue, 2017-03-07 at 06:48 +0100, Ralf Mardorf wrote: > On Mon, 6 Mar 2017 22:46:14 -0500, Eli Schwartz via arch-general wrote: > > Let us emulate the forums, and provide a username list only accessible > > to logged-in AUR users. > > So you recommend that AUR should deviate from the Arch

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, 6 Mar 2017 22:46:14 -0500, Eli Schwartz via arch-general wrote: >Let us emulate the forums, and provide a username list only accessible >to logged-in AUR users. So you recommend that AUR should deviate from the Arch related mailing lists. Note, mailman mailing list could be set up to "The

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 03/06/2017 10:08 PM, YANG Ling via arch-general wrote: > Hi all, > Shall we focus on Lukas's questions? Yes, let's. [skipped - pointlessly quoted and then repeated questions] > My opinions: > > 1. The first question: Are we fine with sharing the user names? >I am fine. But I think some

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Mauro Santos via arch-general writes: > On 05-03-2017 13:35, Lukas Fleischer wrote: >> Hi, >> >> I was recently contacted by a Polish researcher asking for a list of AUR >> account names. I did not expect this to be controversial but a couple of >> Trusted Users

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Hi, ok a last reply to this topic. Since the usernames are anyway public, there is a reason to ask for a list. - politeness? - laziness? - something related to laws? - ?? Perhaps the research has nothing to do with AUR and github, but e.g. with a method, maybe an algorithm to "establish

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, Mar 6, 2017 at 3:53 PM, Ralf Mardorf wrote: > Has got somebody the slightest idea about the aim of this research? > good question. > "anonymized statistics" and "establish connections" are abstract > phrases. Not abstract is that those claims are contradictory,

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, 6 Mar 2017 15:18:43 +0100, Martin Kühne via arch-general wrote: >On Mon, Mar 6, 2017 at 3:01 PM, Ralf Mardorf >wrote: >> Much likely nothing bad >> would happen by handing out a list, but to avoid a "Now, why didn't I >> think of that?"-issue the easiest solution

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, Mar 6, 2017 at 3:01 PM, Ralf Mardorf wrote: > Much likely nothing bad > would happen by handing out a list, but to avoid a "Now, why didn't I > think of that?"-issue the easiest solution seems to reject such > requests in general, at least as long as it's not

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-06 15:01 GMT+01:00 Ralf Mardorf : > On Mon, 6 Mar 2017 13:45:37 +0100, Henrik Danielsson wrote: >>We could simply deny the AUR username request it for the same reason, >>or no reason at all. Since some people seem uncomfortable about what >>could be derived from a

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, 6 Mar 2017 13:45:37 +0100, Henrik Danielsson wrote: >We could simply deny the AUR username request it for the same reason, >or no reason at all. Since some people seem uncomfortable about what >could be derived from a potential correlation of publicly available >data, that's most likely

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-06 14:36 GMT+01:00 Mauro Santos via arch-general : > On 06-03-2017 12:45, Henrik Danielsson via arch-general wrote: >> 2017-03-06 12:53 GMT+01:00 Mauro Santos via arch-general < >> arch-general@archlinux.org>: >> >>> On 06-03-2017 11:20, Henrik Danielsson via

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 06-03-2017 12:45, Henrik Danielsson via arch-general wrote: > 2017-03-06 12:53 GMT+01:00 Mauro Santos via arch-general < > arch-general@archlinux.org>: > >> On 06-03-2017 11:20, Henrik Danielsson via arch-general wrote: >>> 2017-03-06 11:18 GMT+01:00 Ralf Mardorf :

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 06-03-2017 12:13, Ralf Mardorf wrote: > On Mon, 6 Mar 2017 11:53:34 +, Mauro Santos via arch-general wrote: >> I think the point here is not so much privacy, as I believe everyone >> recognizes that the information that was asked for (the full list of >> usernames) is public > > It's not

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-06 12:58 GMT+01:00 Martin Kühne via arch-general : > > On Mon, Mar 6, 2017 at 12:21 PM, Henrik Danielsson via arch-general > wrote: > > I was not replying to anyone in particular. Gaetan? Sorry, you lost me > > there. > > It may not

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-06 12:53 GMT+01:00 Mauro Santos via arch-general < arch-general@archlinux.org>: > On 06-03-2017 11:20, Henrik Danielsson via arch-general wrote: > > 2017-03-06 11:18 GMT+01:00 Ralf Mardorf : > >> > >> Privacy is a principle. You seem not to understand the

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, 6 Mar 2017 11:53:34 +, Mauro Santos via arch-general wrote: >I think the point here is not so much privacy, as I believe everyone >recognizes that the information that was asked for (the full list of >usernames) is public It's not per se forbidden to take a photo of a public location,

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, Mar 6, 2017 at 12:21 PM, Henrik Danielsson via arch-general wrote: > I was not replying to anyone in particular. Gaetan? Sorry, you lost me > there. It may not have appeared in the same thread for you, but here we go [0] context, and the mail I was replying to

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 06-03-2017 11:20, Henrik Danielsson via arch-general wrote: > 2017-03-06 11:18 GMT+01:00 Ralf Mardorf : >> >> Privacy is a principle. You seem not to understand the difference >> between giving somebody data with the formal permission to use this data >> and data that

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, 6 Mar 2017 11:39:33 +0100, Martin Kühne via arch-general wrote: >> I know it's not directly an privacy issue, but I find it scary >> nonetheless... (especially since they expressed the wish to >> consolidate the data with other websites such as github). > >This is exactly for the

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-06 11:39 GMT+01:00 Martin Kühne via arch-general < arch-general@archlinux.org>: > > Gaetan's criticism applies to you here, now. please designate > paragraphs of text which you reply to. > I was not replying to anyone in particular. Gaetan? Sorry, you lost me there.

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-06 11:18 GMT+01:00 Ralf Mardorf : > > Privacy is a principle. You seem not to understand the difference > between giving somebody data with the formal permission to use this data > and data that simply is available for everybody, but not explicitly > handed over to

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

I really, don't want to make it any easier for someone to spam me based on correlations between account names. On Mon, Mar 6, 2017 at 4:39 AM, Martin Kühne via arch-general < arch-general@archlinux.org> wrote: > On Mon, Mar 6, 2017 at 11:26 AM, Guus Snijders via arch-general >

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, Mar 6, 2017 at 11:26 AM, Guus Snijders via arch-general wrote: > Op 6 mrt. 2017 10:52 schreef "Henrik Danielsson via arch-general" < > arch-general@archlinux.org>: > > > I guess I'll be the devil's advocate. I see no privacy issues in handing > > over a list of

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Op 6 mrt. 2017 10:52 schreef "Henrik Danielsson via arch-general" < arch-general@archlinux.org>: I guess I'll be the devil's advocate. I see no privacy issues in handing over a list of already public information You could deny it for practical reasons though, if you simply could not be bothered

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, 6 Mar 2017 10:52:51 +0100, Henrik Danielsson via arch-general wrote: >I guess I'll be the devil's advocate. I see no privacy issues in >handing over a list of already public information You could deny it >for practical reasons though, if you simply could not be bothered to >scrape/export

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

I guess I'll be the devil's advocate. I see no privacy issues in handing over a list of already public information You could deny it for practical reasons though, if you simply could not be bothered to scrape/export such a list yourself. Denying or allowing won't stop anyone from obtaining the

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 03/06/2017 10:03 AM, Ralf Mardorf wrote: > I did not wrote about the NSA. I only pointed out that even the NSA > doesn't get all the data as a gift. Why should a researcher get such > data as a gift? You are seemingly already that used to data mining and > offended privacy, that it's good and

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Mon, Mar 06, 2017 at 09:44:12AM +0100, Tinu Weber wrote: > Because anonymisation: even if one dataset in isolation may look > unsuspicious from a privacy POV, if combined with other datasets, it may > suddenly reveal information that was not intended to be public. > > I admit that a simple

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Sun, 5 Mar 2017 18:14:02 -0700, Leonid Isaev wrote: >Isn't Arch BBS already providing list of usernames? > >In general, though, I'd say follow the principle of least effort. Why >just not publish the list of usernames and that's all? This way, new >users can easily grep for them and don't need

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

I was under the impression that the AUR git interface is just one big git repo. Yes it checks out only the package you clone but the references contain all packages (and commits). Am I mistaken to this? Regards, -- Leonidas Spyropoulos A: Because it messes up the order in which people normally

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On Sun, Mar 05, 2017 at 18:14:02 -0700, Leonid Isaev wrote: > Isn't Arch BBS already providing list of usernames? The BBS's user list is only available to logged-in users. Although that is certainly not an extended privacy measure, it still prevents random people who just "pass by" from

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Isn't Arch BBS already providing list of usernames? In general, though, I'd say follow the principle of least effort. Why just not publish the list of usernames and that's all? This way, new users can easily grep for them and don't need scrapers, and "researchers" can have fun... On Mon, Mar 06,

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

Giving away any data is bad, period. I hate this fashion that nowadays every "expert" holding a share is granted access to data, that even the NSA isn't getting that easy. Starting to give away such data to "researchers" is evil, let alone that all that "serious" statistics are just bullshit. No

Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)

On 05-03-2017 13:35, Lukas Fleischer wrote: > Hi, > > I was recently contacted by a Polish researcher asking for a list of AUR > account names. I did not expect this to be controversial but a couple of > Trusted Users raised concerns on IRC, so I decided to move this to the > public mailing list