[JDEV] Kid-safe messaging: [was buddy icons]
jens at mac.com
Wed Apr 11 11:45:49 CDT 2001
On Wednesday, April 11, 2001, at 09:02 AM, Thomas Parslow (PatRat) wrote:
>> why do you think it will become an issue if the user itself is careful
>> enough? It definitely isn't easy to guess the account names on Jabber,
>> as it
>> is the case with ICQ.
> But that relies on every user knowing what they're doing ;)
Precisely, which brings us back to the subject of this thread. I guess
the conclusion here is that clients should either default to blocking
messages from non-buddies, or should when first run ask the user if s/he
wants to accept messages from non-buddies, with the default answer being
> Also, many users wish to be listed in online directories so that
> people can find them.
This is a wider issue. Blocking all non-buddies is pretty severe. It
might be enough to also accept messages from people who have you on
their buddy list, since you presumably approved their doing so. The
loophole I can see here is that you could end up getting spammed with
subscription requests like "The user hotbabe at sexxx.com wants to add you
to their buddy list. Do you approve this?"
One big vague architectural solution is to establish some kind of "web
of trust" where transitive buddyhood (foo at bar.com is unknown to me but
is on one of my buddy's buddy lists) is used as a heuristic to guess
that someone is legit and therefore not block their messages. The
problem is how to trawl through the directed graph of buddy lists
without privacy concerns coming up, since I don't necessarily want all
my buddies knowing who else is on my buddy list.
Here's a quick thought: Allow each user to keep a private server-side
list that rates other users positively or negatively. Other users can
then send special messages to your server to query for your rating of a
single other user. By sending such a query to your whole buddy list, you
can compute an aggregate ranking that gives you an idea of whether or
not to trust or block some unknown user. Should be quite simple to
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 2380 bytes
Desc: not available
More information about the JDev