Wikinews:Water cooler/technical/archives/2014/February

Recover access to Wikinews YouTube account
I've asked around, and we're down to one email address to regain access to our YouTube account. However, it is a bit of a puzzler:
 * e••••••••s@k•••••••••.com

Anyone able to guess who that might be?

I managed to figure out that b****.*****l@o*.**.** was one of my old @o2.co.uk accounts; but, O2 have closed email services for all but broadband customers. If we can work out who the other (above) email address might be, and contact them, then we can recover the account. --Brian McNeil / talk 12:06, 10 February 2014 (UTC)


 * Water_cooler/miscellaneous/Archive/17 → User:Symode09? Gryllida 13:48, 14 February 2014 (UTC)
 * Then we're, possibly, stuffed without help from the WMF. --Brian McNeil / talk 15:37, 14 February 2014 (UTC)

JavaScript updates
See MediaWiki talk:Ticker.js. Helder.wiki (talk) 10:44, 13 February 2014 (UTC)

wikinewsie.org emails and use of 3rd-party collectors known to collaborate with intelligence services
The problem of using Google's email services as an auto-collector on wikinewsie.org email addresses caused more friction than I would've liked last time it was raised; however, in forwarding a substantial document to the reporters' list I've - once again - discovered that my request people avoid the likes of gmail has been ignored.

Before I act, and so this cannot be said to be done in a unilateral manner, which of the following options do people believe might be reasonable:


 * 1) Delist from scoop/reporters distribution lists when found to be using Gmail to auto-collect email?
 * 2) Closure of email addresses until given assurances Gmail will not be used?

We're not, currently, handling anything suitably sensitive to have this as a major concern. But, it is the fact this was a point of conflict previously &mdash; one I assumed everyone was clear on being unacceptable &mdash; which is most-irksome. We should be amongst the groups who get fresh stuff from WikiLeaks; that'll never happen if we have to work on the assumption someone will use google email services and put their convenience ahead of the security of our sources. --Brian McNeil / talk 18:36, 16 February 2014 (UTC)


 * Absolutely not in regards to deactivating the addresses entirely; no telling what people might use those for. I (probably inappropriately) use mine as my primary email address, and can't remember the password for, nor when I last logged into, the free webmail account I used before that. The question I have to ask is, given just how much data is hoovered and stored, can we realistically have any faith any emails we send using any account are private from NSA, GCHQ etc?


 * There also lacks an alternative to amalgamating via Google etc, unless people log straight into the webmail part of Wikinewsie.org. The setup page lists settings available to hook up Wikinewsie to a local client like Thunderbird (which I used, before fire claimed my old laptop, God have mercy on its soul) but they aren't helpful to those who struggle with technical biz. Adding an exception is well-explained, but that's the easy bit. The mail protocols, and use of ports, will fly over many heads. BRS  (Talk)   (Contribs) 18:48, 16 February 2014 (UTC)
 * As soon as an email from a non-USian passes through a US-based mail server (eg Google) the entire message is considered "fair game". In contrast, email between US correspondents is - allegedly - only mined for metadata (i.e. the headers). One can assume that email wholly between non-US correspondents is mined for metadata whether we like it or not.
 * Since this information came to my attention due to Gmail bouncing a large attachment, the temptation is to drop such people from scoop/reporters. Taking technical steps to put message content largely beyond snooping is far further beyond the average person than the instructions you make reference to.
 * I've been warning people about Google since long before the Snowden revelations; in fact, since before most people had even heard of WikiLeaks. It is that there was some conflict on this matter previously, and my cautions on the matter have "been used as toilet paper" is most-annoying. --Brian McNeil / talk 18:59, 16 February 2014 (UTC)


 * The list seems to me to serve two distinguishable functions, one of which is much more demanding than the other. The simpler function is handling materials that should not be publicized; the more demanding, handling materials that should not be allowed to reach parties who might do serious harm with them.  Stuff that oughtn't be publicized includes copyrighted materials, which can be viewed privately but can't legally be put on the wiki; embargoed press materials; email addresses that might draw spam (or other bothersomely unwelcome traffic) if publicized.  Material that needs to be kept away from parties who might to real harm with it is most often going to be identities (such as real names, emails, addresses) of informants or, in some cases, victims, where the consequences of the information getting out could be rather more than spam.  Yes, at the far upper end of that is stuff the likes of NSA shouldn't get hold of, but there's plenty of stuff falling into this class without (hopefully) going quite that far, just as Google's behavior toward the NSA may be expected to reflect other aspects of their behavior as well (making them untrustworthy for more than just things the NSA shouldn't get their hands on).  A while ago we had someone claiming to file an original report from inside a war zone, who refused to send any documentation to scoop on the grounds that if xyr identity got out they'd be hunted down and killed.  Now, I lack confidence that wasn't a hoax, but the point is valid:  information that sensitive could not safely be sent to scoop, then or, presumably, now.


 * So should there should be two lists, one for stuff that oughtn't be made public, and one for stuff that truly needs to be kept confidential? --Pi zero (talk) 19:41, 16 February 2014 (UTC)
 * Ideally, we need more than just kludged-together distribution lists. That requires the ability to run mailing list software on a server we control. Given my new broadband connection, I could probably run that from home (as, say, lists.wikinewsie.org). Not ideal, but more-sophisticated than anything currently at our disposal on shared hosting. --Brian McNeil / talk 19:46, 16 February 2014 (UTC)