[Operators] Prosody vs. spammers - security measures?

Alexander Holler holler at ahsoftware.de
Tue Feb 4 15:42:11 UTC 2014


Am 04.02.2014 15:35, schrieb Evgeny Khramtsov:
> Mon, 03 Feb 2014 21:25:23 +0100
> Alexander Holler <holler at ahsoftware.de> wrote:
>
>> Am 03.02.2014 20:57, schrieb Evgeny Khramtsov:
>>
>>> We're thinking to switch to SMS-based verification for
>>> jabber.ru: we have it currently and it works fine and is pretty
>>> cheap, just need to disable email verification completely.
>>
>> Hmm, nice way to collect users phone numbers.
>>
>> I'm not sure if such should be done as it requires that users have to
>> provide more datas than they usually want.
>>
>> And if such becomes a common requirement, privacy has become a bit
>> more eroded, if such even still exists on the net.
>>
>> Regards,
>>
>> Alexander Holler
>>
>
> It's up to you. I just shared my experience. Nobody is going to make it
> a requirement. I don't even think there will be any proposal. We have
> such discussions from time to time here and they end up nowhere. I
> don't think this discussion will be an exception.

Hmm, I think you misunderstood me. I haven't assumed it will become a 
requirement dictated by any XEP or similiar, and if someone would be 
silly enough trying to do such, it will be likely a politican or spook.

The keyword above was 'common', that means if more service-providers do
think that this is a good idea (because it might work), it might become
finally accepted by users too. And then people will have to leave their 
phone numbers everywhere (e.g. to login to some bugzilla) and the phone 
numbers will be conserved in logs, DBs and similiar for future 
generations, besides all the stuff which can already be done if you know 
someones phone number.

Regards,

Alexander Holler




More information about the Operators mailing list