[Operators] Remove old unused accounts?

Peter Saint-Andre stpeter at stpeter.im
Thu Dec 10 13:24:41 CST 2009


On 12/10/09 12:19 PM, Mathias Ertl wrote:
> Peter Saint-Andre wrote:
>> That said, there is a minor security concern here. MUC rooms and PubSub
>> nodes could garbage-collect owners and admins/publishers, just as core
>> XMPP services do. This is another reason to put such entities in the
>> user's roster.
> 
> It wouldn't however be the only one. What happens if, say, some other
> mathias.ertl at jabber.org posts a lot of warez (or anything illegal for
> that matter... child porn?) into a forum and then also posts his JID for
> some reason. Then years later I register that same ID (works, because
> the old one has been deleted). Then I apply for a Job somewhere and
> someone googles my name... shit just happened :-P
> 
> Come to think of it, the same would happen if that other guy still uses
> that ID... hmm, maybe its not so much a problem.

It can happen. Sometimes I receive a request to delete from the archives
at http://logs.jabber.org/ some chatroom messages that someone sent
years ago. However, such events are quite rare.

I don't see that this is any more dangerous than, say, expired domain names.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20091210/10ac2a1d/attachment.bin>


More information about the Operators mailing list