savannah-hackers-public
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] Running GNU Savannah (frontend) locally


From: Assaf Gordon
Subject: Re: [Savannah-hackers-public] Running GNU Savannah (frontend) locally
Date: Thu, 04 Sep 2014 08:08:14 +0300
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.7.0

Hello,

On 09/03/2014 11:43 PM, address@hidden wrote:

The fact that Savannah data is not easily parsable is a form of
protection, admittedly weak, but still.

I strongly disagree with the above statement. It is not a protection, neither 
by design nor by coincidence.

This is also a legal matter, as soon as you deal with personnal data
aggregation.

If you see a concrete legal problem with packaging information which is already 
publicly accessible to non-logged-in users, please list it.
Otherwise I see no legal issues.

Let's not confuse data and aggregated data: checking what date you
coded a feature is one thing, profiling your work-hours habits by
aggregating your activity is another.

Not only it is not another issue, it is one and the same.
The above sentiment is the same misconception of people sharing things online 
and then act surprised when someone else can access it and make use of it.
If a person submits public information to a public website (a commit to a 
source code repository or an email to a mailing list or a non-private bug 
report on GNU Savannah or anything similar) - it is public.
The person has not further control over it, and should not have any reasonable 
expectation of what can and can not be done with it.

In addition, in the current context of NSA aggregating data, I think
 it'd be a bad PR move to start shipping out most of our DB for the
sake of it.

Certain agencies illegally collecting private or public information is one 
thing.
Me wanting to package information which is already public is another.
Hinting that the two are somehow similar is, in my humble opinion, spreading 
FUD.

Also note that the goal is not to publish the public information "for the sake of 
it",
but to make hacking on GNU Savannah easier, and to encourage people to find 
interesting statistics on public Free Software projects.

Discussion with Savannah users: yes there are a lot of users, but we
can still initiate a discussion, e.g. on planet.gnu.org or on
savannah-users.  Covering enough users to get a representative
feedback.


I have initiated a discussion. With the people most relevant: Savannah Hackers.
And in this preliminary discussion I have asked for a specific feedback:
Which fields/tables/projects/entries in the database do you consider private, 
or even remotely sensitive? and which are public?
It's a technical question, and even as simple as it is - it hasn't been 
answered.

So to make this discussion even more public with more people who are not 
familiar with GNU Savannah, and before I actually have a good feedback on what 
is private in the database - I feel that would be counter productive at best.

-Assaf





reply via email to

[Prev in Thread] Current Thread [Next in Thread]