[OSM-talk] anonymous edits
Serge Wroclawski
emacsen at gmail.com
Fri May 27 10:17:51 BST 2011
Martijn, I'm going to re-arange the sentences here to make it easier to respond.
On Thu, May 26, 2011 at 1:51 PM, Martijn van Exel <m at rtijn.org> wrote:
> Hi all,
>
> Consider the following applicaton scheme:
> * a twitter user sends a geo-located tweet containing a specified
> hashtag, say #addosm and key-value pairs like "amenity:pub;name:Red
> Devil;smoking:yes"
> This would be an easy way to add POIs on the go, and could be an
> interface for mobile applications to post new POIs.
I see technical issues here.
First, it seems like you'd only be able to add nodes. This would be
pretty sloppy, offer no mechanism for checking existing nodes, etc.
Secondly, if you have a smart phone with twitter and geo-coding, why
aren't you using a real POI collector app?
> * a twitter scraper picks up the tweet, archives it and posts a new
> point using the twitter coordinate and the decoded k-v pairs, plus an
> additional tag source:twitter[@twitteruser] or something like that.
This is okay, in my opinion if you've pre-authenticated this web
application to do edits on your user behalf, ie used OAuth.
> This would not be
> totally anonymous but it's close.
Why should it be anonymous?
Let's image such a web application.
It looks for twitter feeds and does what you suggest. I think it must
be per user. And if it's per user, then it can accept OAuth and act on
the user's behalf. And if it does that, then it doesn't need to be
anonymous.
> What do you think, is this acceptable?
If it's taking random user data from Twitter, no way.
If it's taking data from users who have authorized it to do so, I
think it's still a bad idea for technical reasons, but I see no issue
with it from that standpoint.
> A similar level of anonymity is reached by WheelMap.org
> that allows anonymous OSM edits through their web site via the OSM
> account wheelmap_visitor[2].
This pattern has been tried before in OSM and is generally considered a problem.
WheelMap.org takes huge precautions but even that, I think, isn't enough.
We're making it increasingly easy to have users sign up to OSM. We
have OAuth for external editors, and we'll likely have OpenID soon for
external authentication. If you see a way to simplify signup further,
then you should be trying to code it up and show it to people.
As your link points out, OSM had anonymous edits, and got rid of them.
Those arguments still hold, and so I think that instead of
anonymizing, it's better to focus on ways of getting the data in and
out easily.
- Serge
More information about the talk
mailing list