launchpad-dev team mailing list archive
Message #05391
Re: RFD: Should Launchpad lie to its users?
On 01.11.2010 15:23, Curtis Hovey wrote:
> On Mon, 2010-11-01 at 18:00 +1100, Steve McInerney wrote:
>> Basically, by information gathering from publicly available sources, you
>> can gather ALL sorts of amazing info and draw inferences from that, that
>> will horrify those who don't want you to know those things. [1]
>> Individually, the items may be "unclassified", but collectively, the
>> entire database can give an incredibly accurate picture of a nation's
>> war fighting capability. Which is um... Secret Squirrel - ie people's
>> lives really are on the line.
>>
>> ie Sensitivity in the Confidential side of Security, via Aggregation of
>> Information. (vs Integrity or Availability)
>
> This is the primary concern that commercial projects have. Some projects
> have reported that Launchpad leaked information and pointed to sites
> that explain how the author used public information to make an
> inference. Consider that Launchpad is not the only site hinting that
> private information exists. Others do as well. Learning just a few pieces
> of information of who, when, and where on a combination of sites is
> enough for a savvy journalist to deduce that a company is enabling
> software for a new chip to be released in 90 days.
>
> We do not want to disclose that private information exists when we can.
> When Launchpad has private projects, the UI will make it clear to
> project owners who has access to their projects and summarise the
> information that is disclosed.
I agree in general. But Henning's case is somewhat special: The
translations page of a project can be accessed by people who do not have
access to the "translation sync branch". I assume that persons who have
access to the main translation page can also view all the strings that
can be translated -- and this gives away quite a few more details about a
project than the branch name or the "exposition" of the fact that a
translation branch exists.
And while reviewing Henning's branch, I simply wondered if we should
display a text like "there exist import/export branches for the
translations, but sorry, you can't view them" instead of claiming that
no such branch exists. After all, knowing that/if new translations are
automatically synchronized gives translators an idea how fast/how
reliably their work is merged with the other development work, how long
it takes until users/testers can see the translations etc.
Abel