Wikinews:Water cooler/technical

Refresh

Archive, post

Archives 2009  July 2009 August 2009 September 2009 October 2009 November 2009 December 2009 2010  January 2010 February 2010 March 2010 April 2010 May 2010 June 2010 July 2010 August 2010 September 2010 October 2010 November 2010 December 2010 2011  January 2011 February 2011 March 2011 April 2011 May 2011 June 2011 July 2011 August 2011 September 2011 October 2011 December 2011 2012  March 2012 April 2012 May 2012 July 2012 August 2012 September 2012 October 2012 November 2012 December 2012 2013  January 2013 February 2013 March 2013 April 2013 May 2013 June 2013 July 2013 August 2013 September 2013 October 2013 November 2013 December 2013 January 2014 February 2014

wikinewsie.org emails and use of 3rd-party collectors known to collaborate with intelligence services[edit]

The problem of using Google's email services as an auto-collector on wikinewsie.org email addresses caused more friction than I would've liked last time it was raised; however, in forwarding a substantial document to the reporters' list I've - once again - discovered that my request people avoid the likes of gmail has been ignored.

Before I act, and so this cannot be said to be done in a unilateral manner, which of the following options do people believe might be reasonable:

1. Delist from scoop/reporters distribution lists when found to be using Gmail to auto-collect email?
2. Closure of email addresses until given assurances Gmail will not be used?

We're not, currently, handling anything suitably sensitive to have this as a major concern. But, it is the fact this was a point of conflict previously — one I assumed everyone was clear on being unacceptable — which is most-irksome. We should be amongst the groups who get fresh stuff from WikiLeaks; that'll never happen if we have to work on the assumption someone will use google email services and put their convenience ahead of the security of our sources. --Brian McNeil / ^talk 18:36, 16 February 2014 (UTC)

Absolutely not in regards to deactivating the addresses entirely; no telling what people might use those for. I (probably inappropriately) use mine as my primary email address, and can't remember the password for, nor when I last logged into, the free webmail account I used before that. The question I have to ask is, given just how much data is hoovered and stored, can we realistically have any faith any emails we send using any account are private from NSA, GCHQ etc?

There also lacks an alternative to amalgamating via Google etc, unless people log straight into the webmail part of Wikinewsie.org. The setup page lists settings available to hook up Wikinewsie to a local client like Thunderbird (which I used, before fire claimed my old laptop, God have mercy on its soul) but they aren't helpful to those who struggle with technical biz. Adding an exception is well-explained, but that's the easy bit. The mail protocols, and use of ports, will fly over many heads. BRS ^{(Talk) (Contribs)} 18:48, 16 February 2014 (UTC)

• As soon as an email from a non-USian passes through a US-based mail server (eg Google) the entire message is considered "fair game". In contrast, email between US correspondents is - allegedly - only mined for metadata (i.e. the headers). One can assume that email wholly between non-US correspondents is mined for metadata whether we like it or not.

Since this information came to my attention due to Gmail bouncing a large attachment, the temptation is to drop such people from scoop/reporters. Taking technical steps to put message content largely beyond snooping is far further beyond the average person than the instructions you make reference to.

I've been warning people about Google since long before the Snowden revelations; in fact, since before most people had even heard of WikiLeaks. It is that there was some conflict on this matter previously, and my cautions on the matter have "been used as toilet paper" is most-annoying. --Brian McNeil / ^talk 18:59, 16 February 2014 (UTC)

• The list seems to me to serve two distinguishable functions, one of which is much more demanding than the other. The simpler function is handling materials that should not be publicized; the more demanding, handling materials that should not be allowed to reach parties who might do serious harm with them. Stuff that oughtn't be publicized includes copyrighted materials, which can be viewed privately but can't legally be put on the wiki; embargoed press materials; email addresses that might draw spam (or other bothersomely unwelcome traffic) if publicized. Material that needs to be kept away from parties who might to real harm with it is most often going to be identities (such as real names, emails, addresses) of informants or, in some cases, victims, where the consequences of the information getting out could be rather more than spam. Yes, at the far upper end of that is stuff the likes of NSA shouldn't get hold of, but there's plenty of stuff falling into this class without (hopefully) going quite that far, just as Google's behavior toward the NSA may be expected to reflect other aspects of their behavior as well (making them untrustworthy for more than just things the NSA shouldn't get their hands on). A while ago we had someone claiming to file an original report from inside a war zone, who refused to send any documentation to scoop on the grounds that if xyr identity got out they'd be hunted down and killed. Now, I lack confidence that wasn't a hoax, but the point is valid: information that sensitive could not safely be sent to scoop, then or, presumably, now.

So should there should be two lists, one for stuff that oughtn't be made public, and one for stuff that truly needs to be kept confidential? --Pi zero (talk) 19:41, 16 February 2014 (UTC)

• Ideally, we need more than just kludged-together distribution lists. That requires the ability to run mailing list software on a server we control. Given my new broadband connection, I could probably run that from home (as, say, lists.wikinewsie.org). Not ideal, but more-sophisticated than anything currently at our disposal on shared hosting. --Brian McNeil / ^talk 19:46, 16 February 2014 (UTC)