----- Original Message ----- > From: "Brian Wolff" <[email protected]>
> Thanks for taking the time to write these two emails. You raise an > interesting point about having everything on one domain. I really > don't think that's practical for political reasons (not to mention > technical disruption), but it would allow people to be more lost in > the crowd, especially for small languages. Some of the discussion > about this stuff has taken place on bugzilla. Have you read through > https://bugzilla.wikimedia.org/show_bug.cgi?id=47832 ? I should think we might be able to run a proxy that would handle such hiding, no? > Personally I think we need to make a more formal list of who all the > potential threats we could face are, and then expand that list to > include what we would need to do to protect ourselves from the > different types of threats (or which threats we chose not to care > about). Some kid who downloads a firesheep-type program is very > different type of threat then that of a state agent, and a state agent > that is just trying to do broad spying is different from a state agent > targeting a specific user. Lots of these discussion seem to end up > being: lets do everything to try to protect against everything, which > I don't think is the right mindset, as you can't protect against > everything, and if you don't know what specifically you are trying to > protect against, you end up missing things. Definitely: the potential attack surfaces need to be explicitly itemized. Cheers, -- jra -- Jay R. Ashworth Baylink [email protected] Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274 _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
