Freeciv - Bugs: bug #17747, Reassigned to another tracker...

 
 
bug #17747: Reassigned to another tracker [was: Your gna installation leaks "private" emails.]

Submitted by: None
Submitted on: Wed 16 Feb 2011 03:29:58 PM UTC
Category: freeciv.org
Severity: 6 - Security
Priority: 5 - Normal
Status: None
Assigned to: None
Originator Email: -unavailable-
Open/Closed: Closed
Release: n/a
Operating System: Any
Planned Release:

Fri 08 Jul 2011 01:15:08 AM UTC, comment #10:

Ironically I can't, because the new bug report doesn't accept anonymous. But we are legion!?

Anonymous
Thu 07 Jul 2011 01:16:53 PM UTC, comment #9:

Please take your discussion to the reassigned bug #18310 in the Savane project.

This is not and never was a bug in Freeciv.

Daniel Markstedt <dmarks>
Project Administrator
Thu 07 Jul 2011 01:04:36 PM UTC, comment #8:

(OP here)
1) I'm not referring to the CC in the email, although admittedly BCC would be a nice idea, too.

2) I was referring to anonymous bug reports. I as "another" anonymous can find the first anonymous' contact information by just adding a comment to an anonymous bug report.

3) I am not and was not logged in as user. User accounts tend to pile up and rot plus have a tendency to have unsafe shared passwords - the fewer the better. It would be nice if gna respected this. ANYWAYS: I don't mind if the people from the project see my contact info. Not at all. They need it. If you're logged in and have this bug report assigned, by all means, do contact me. But if I am NOT logged in and don't have anything to do with the bug report, just by submitting a comment, I shouldn't be able to find out the originator's email.

4) I am not concerned about anyone intercepting this. I am concerned about a third party coming along, and adding a comment to a bug report just to find out who reported it. It's no big deal, but it's a very unexpected way of exposing one's email address, if the rest of the bug reports give you the impression that the email is actually not shared (see, e.g., the cc list, where the anonymous originator's is NOT displayed, as well as other places that give you the impression there's been some effort to guard the email address)

5) HTTPS or not is not and was never the concern.

second 5) well, fix that. I shouldn't need an account to retain privacy just because I find a bug in project XYZ and me idiot takes the time to report it. I don't know how many website / group accounts you have, but I have too many already.

Finally) Please have a look at the screenshot I posted. If you can reproduce getting my email displayed anonymously just by adding a comment here, then I continue to claim that this is a bug in GNA. It CANNOT be accepted GNA default operation to spew out its users data - anonymous or not.

I understand the points you raised, but most of them are IMO not catching the aspect about which I created the bug report. And also about not pushing out people's email: I'd really appreciate if BUG #18310 got my email address removed from its visible portion.

Anonymous
Thu 07 Jul 2011 09:58:24 AM UTC, comment #7:

1) The system really does send an email to the given address, and furthermore anyone who adds a comment will get an email that has a CC: of everyone who contributed to the discussion. So yeah, you now have my email address. Perhaps we can coax GNA to use a BCC: instead? That's the only thing I can think of that won't stifle discussion...

2) I didn't test it right now, but IIRC the banner on the web page displays a username [if Savane has one available] instead of the naked email address. If so, then posting anonymously is less secure than creating an account - the system has no other way to refer to you than by your address.

3) Similarly, bug reports always display the username of the original submitter. Where the name is 'None' [i.e., anonymous] then the additional field called Originator Email is also displayed, because we simply have to have some way to contact the OP. AFAIK, these tracker items never go away even when closed - your address is attached to this item more or less forever.

4) The web page banner is sent in a 'private' packet from the server to your browser. While it is certainly possible for that packet to be intercepted, it should be far easier for a cracker to access the email with all of our addresses in it. I suggest that is the area that could use the most attention from the administrators.

5) Right now this is being sent inside an HTTPS session. IDK if this is also true for 'anonymous' posts.

5) The project does have some responsibility for the privacy of its community members, but arguably those users have as much or more responsibility for their own privacy. The moral of this story is that not having an account is inherently less secure than having one. If you insist on being 'anonymous' then you would be better served by getting an additional free email address and use that address only with the project.

David Lowe <doctorjlowe>
Thu 07 Jul 2011 02:55:06 AM UTC, comment #6:

See the top of:
http://img847.imageshack.us/img847/169/gna.png
Maybe that explains it better and maybe it's something absolutely natural :)

Anonymous
Thu 07 Jul 2011 02:49:04 AM UTC, comment #5:

with reassigning this bug you actually published my email address, too, dmarks - see field #36. Just made me chuckle given the nature of this bug report ;)

Anonymous
Mon 04 Jul 2011 06:11:51 PM UTC, comment #4:

THIS ITEM WAS REASSIGNED TO BUG #18310


Please, do not post any new comments to this item.

Daniel Markstedt <dmarks>
Project Administrator
Mon 04 Jul 2011 06:11:00 PM UTC, comment #3:

Testing again.

Anonymous
Thu 17 Feb 2011 09:47:59 PM UTC, comment #2:

Test anonymous comment.

Anonymous
Wed 16 Feb 2011 03:30:46 PM UTC, comment #1:

the message looks like, e.g.: "New item posted (bug #17747) CC added. Mail sent to (my email address here), -unavailable-"

Anonymous
Wed 16 Feb 2011 03:29:58 PM UTC, original submission:

THIS ITEM WAS REASSIGNED TO BUG #18310
I can see my "unavailable to non logged in" email just fine without logging in.

Submitting a change where my email's the originator email makes an overlay appear in my browser which displays my email address (message sent to : other people in the CC + original submitter) as (email address) - -unavailable-. Yes, my email address is clearly visible next to the unavailable.

Please fix your gna setup.

Anonymous

 


Depends on the following items: None found

Items that depend on this one: None found

 

Carbon-Copy List
  • -unavailable- added by dmarks (Posted a comment)
  • -unavailable- added by doctorjlowe (Posted a comment)
  • -unavailable- added by None (Submitted the item)
Follows 1 latest change.

Date: Mon 04 Jul 2011 06:11:51 PM UTC
Changed By: dmarks
Updated Field: Reassign Item
Previous Value => Replaced By: Freeciv, bug #17747 => Savane, bug #18310
Powered by Savane 3.1-cleanup