From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tyler Smith Subject: Re: Gmane readers - please subscribe Date: Tue, 27 Apr 2010 09:15:29 -0400 Message-ID: <87fx2hnij2.fsf@eku238261.eku.edu> References: <87wrvtkawl.fsf@benfinney.id.au> <87k4rtod4o.fsf@eku238261.eku.edu> <87ljc9jjqt.fsf@benfinney.id.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1O6kdq-00070x-9K for emacs-orgmode@gnu.org; Tue, 27 Apr 2010 09:15:58 -0400 Received: from [140.186.70.92] (port=33673 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1O6kdo-0006yZ-Ty for emacs-orgmode@gnu.org; Tue, 27 Apr 2010 09:15:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1O6kdi-0001Oi-LK for emacs-orgmode@gnu.org; Tue, 27 Apr 2010 09:15:56 -0400 Received: from lo.gmane.org ([80.91.229.12]:60052) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1O6kdi-0001Nm-Ar for emacs-orgmode@gnu.org; Tue, 27 Apr 2010 09:15:50 -0400 Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1O6kda-0004Vu-0L for emacs-orgmode@gnu.org; Tue, 27 Apr 2010 15:15:42 +0200 Received: from 157.89.133.54 ([157.89.133.54]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 27 Apr 2010 15:15:41 +0200 Received: from tyler.smith by 157.89.133.54 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 27 Apr 2010 15:15:41 +0200 List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org To: emacs-orgmode@gnu.org Ben Finney writes: > Tyler Smith writes: > >> Ben Finney writes: >> >> > A large part of my reason for reading via Gmane is to avoid yet >> > another set of authentication credentials. Especially one that I >> > never use; that's a security nightmare waiting to happen. So I'm not >> > interested in increasing my security exposure by making a Mailman >> > account on yet another site. >> >> Yikes! What nightmare awaits those of us who've foolishly gone ahead >> and subscribed? What's my exposure, beyond some nefarious cracker >> impersonating me on emacs-orgmode? > > The assumption here is that logging into the mailing list account is > something done infrequently to never for any given user. That's > certainly the case for just about any list I've subscribed to. > > For an infrequently-to-never used passphrase, one of two things is the > case: either it's unique, or it is identical to the passphrase that > accesses some other set of services for the user. > > Since it's an infrequently-to-never accessed service, it's an > unreasonable burden to expect the user to maintain unique passphrases > for every such service. If for this list, why not for every such list? You know, Firefox stores passwords automatically nowadays. Like a lot of people, I have many 'disposable' accounts with unique passwords, which are stored in Firefox. I signed up for org-mode yesterday, and if I ever need to log in again the password is stored in my Firefox profile. I don't know about other browsers, but there was exactly one extra click required for this to happen - "do you want Firefox to remember this password?". So I have to disagree about the unreasonableness of the burden here. Tyler