[OSM-talk] Why doesn't OSM implement a simple measure to protect it's users and passwords?

[Frederik Ramm]

Hi,

John Smith wrote:
>> The UK government can, at any time, force access to our servers which are
>> located within its jurisdiction, and download your every private traces from
>> these servers.
> 
> Correct, so when are the servers shipping out of the UK into a
> jurisdiction that actually respects privacy?

I don't value privacy above all else. Name a jurisdiction you think 
respects privacy, and then let us evaluate

* how would OSM servers be funded there
* how would we get expert admins nearby like we have now
* how would we make sure we have similar network performance and reliability
* what downtime and other unwanted consequences would a move imply

and then we can discuss whether anyone wants to afford the extra 
privacy. I'm unlikely to be in favour.

> So adding comments to trac and sending emails on this topic is doing nothing?

Nothing of value anyway.

> So what exactly is it in your opinion that I could be doing that I'm
> not already?

Raise funds for better hardware that seamlessly handles encryption; or 
start modifying editors to support OAuth so that they can use SSL for 
the login part only - that would be a start. Write How-Tos etc. that 
explain OAuth to users.

Bye
Frederik