[OSM-talk] Why doesn't OSM implement a simple measure to protect it's users and passwords?
deltafoxtrot256 at gmail.com
Fri Dec 25 14:36:34 GMT 2009
2009/12/26 Steve Bennett <stevagewp at gmail.com>:
> I don't mean to troll, but why is security important for OSM exactly? My
> bank details, yes. My email, yes. But OSM? What am I afraid of, that someone
> will ruin my reputation by making edits under my account? Edits that can
> subsequently be reverted...?
Your account may be able to do relatively little damage, but what
about someone who has more access?
Then you also have the possibility of collecting large amounts of
account details, since almost everything is still sent in the clear,
what if they have a lot of accounts, how easy would that be to revert?
Which is the entire point of it, most of the time no one cares enough
until something bad happens...
If you want to talk about lax bank security I can give you a few
pointers there too, where banks in the UK and even in Australia aren't
doing to prevent common bot attacks already occurring, again, most
people don't care until it negatively impacts them.
If encrypted connections are so over rated, why don't people still use
telnet to manage servers?
More information about the talk