[Standards] Expected behavior when blocking all unknown JIDs
flo at geekplace.eu
Sun Jan 15 12:10:06 UTC 2017
On 13.01.2017 20:36, Kim Alvefur wrote:
> First, I think we're better off if we think of blocking strangers by
> default as a privacy protection measure, instead of a SPAM prevention
Exactly, as far as I see it, there are three scenarios:
- An entity sends you messages in order to sell you something
- An entity sends you unwanted messages (harassment, stalking, …)
- An entity receives sensitive data from you (usually presence)
- A malicious entity is able to make you consume resources (battery,
data volume, …)
I strongly agree with Kim that blocking should be seen as primary
measure for privacy protection, not SPAM prevention.
That said, I do believe that the three scenarios need to interact with
each other by using common protocol mechanisms.
I think it's possible to deal with message SPAM without restricting the
sender by their presence subscription status of the receiver. I do not
want to live in a world where users have to be subscribed to my presence
in order to send me messages. After all, XMPP is a communications
protocol, and that approach limits communication. I really wonder why
this does come up once in a while.
Presence SPAM is a hard problem right now. I don't found a good solution
yet. It only become clear to me that users receiving presence
subscription requests should be presented with a third option in the UI,
besides 'accept' and 'reject', there should also be "ignore, report and
block spammer". Maybe presence pre-approving could be helpful here.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 610 bytes
Desc: OpenPGP digital signature
More information about the Standards