To all:
Please reread Randy's thoughts below. This gels so well with what I
have been thinking, I just want to see if anyone else is spurred on
by this. I think this may be a REAL solution to some of the problems
and to future potential problems with security.
Randy Hall wrote [@solutions to lost boxes]:
> ...set up a database ala ILC; e) check the web server logs to
> see who is accessing particular clues -- at least you can know *if* anyone
> read the clue, and can often determine their geographical location and
> whether they exist outside this group -- for Dan to do this, he would have
> to coordinate with his ISP (most do this for free if they are on the ball).
> ...While I favor openness, I am against general promotion, as was disussed
> at various times previously. I want the sort of person that seeks out
> or discovers letterboxing on their own to be drawn into the hobby. That
> sort of person may need to see maps and clues on a web site to get hooked, > but that sort of person most likely will not be the jerk who would
> vandalize.
I agree very strongly that general (indiscrete) promotion is bad for the hobby.
In that regard I have always supported the sort of "people network"
approach passing information along by word of mouth to people we know and
trust. I'm sure the hobby will grow more slowly that way, but at least we
will have some security in knowing our main audience is a trusted group.
And some of the security measures above that Randy has mentioned will go a long
way toward protecting us from indescrete web users who are bound to stumble onto
clues information. I'm not convinced yet that the web has contributed anything
to vandalism. And even if it has (though let's find that out first) I feel that
there are ways to deal with it that would not require us to remove our clues
from the web. Chief among them (and in contrast to what Mitch and Randy are
saying) is that we could lean more toward the Letterbook concept and toward
keeping boxes closer to the population (in plain public view) rather than having
them be in remote places. If a place is real clear and open to public view
(like downtown) its good -- lots of people around to watch whats going on. If
it is real remote and secluded that may deter detection from thieves (or will
it?), but it will eliminate the appeal for 95% of people. Somebody said that a
"concerned" vandal will leave no stone unturned, so even if the box is far away
he will go after it nonetheless. But if the box is in your front yard or in
your neigbor's front yard the thief will be very weary indeed.
But the thing I like about Randy's suggestion above is that it would make the
web to operate for us in a similar fashion to the e-mail list. The members on
our e-mail list are disclosed to other members who want to see who's on it. It
is NOT exclusive. There is NO anonymity. Its COMPLETELY OPEN. You can't just
lay back in the weeds and gather information and have nobody know who you are.
And that's good. But we want to see who is accessing our clues on the web
also. That way we will know (within a certain group) who has viewed the clues
and who may then vandalize our boxes through that information. It greatly
reduces (and perhaps it will almost eliminate) abuses on the web.
Also, boxes should be hidden so that people don't just discover them by
accident. Your intent should be to make it so that working the clues is
necessary to discover the box. That's the main gist of the game.
Yet I want to be clear. And I don't want to be premature. Let's find out if
these boxes were stumbled upon or not. If they were stumbled upon no amount of
web security will help our cause and we will just be spinning our wheels as
reactionaries with a delusional cause. I think we should wait with this until
we know more. And I think it would be a gross over-reaction to start removing
your clues from the web without knowing more. If we discover problems that we
know are the result of a lack of web security then we can install security
features to protect our clues without losing the convenience and the openess
the web affords ( Thanks in large part to Randy pointing out the availability of
the security ).
Like I said, One step at a time.
In the mean time I will check with my ISP to see what can be done in the way of
passwords, etc. in case we need to go that route. But let's see what happens
first.
Thank you,
Dan'l
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com
Don't lose hope...
4 messages in this thread |
Started on 1999-01-09
[L-USA] Re: Don't lose hope...
From: Daniel Servatius (elf@pclink.com) |
Date: 1999-01-09 12:22:49 UTC-06:00
[L-USA] Re: Don't lose hope...
From: Thom Cheney (tcgrafx@imagina.com) |
Date: 1999-01-09 11:09:34 UTC-08:00
Daniel Servatius wrote:
> Randy Hall wrote [@solutions to lost boxes]:
> > ...set up a database ala ILC; e) check the web server logs to
> > see who is accessing particular clues -- at least you can know *if* anyone
> > read the clue, and can often determine their geographical location and
> > whether they exist outside this group --
To what end? Are we to become the letterbox police?
I still have trouble believing that someone looking for trouble zeroes
in on letterboxing on a www search, just HAPPENS to find clues that are
near enough to his/her location, travels to said location and vandalizes
the box just for the merry heck of it. Although the stamps are art,
they don't have much value to anyone other than us letterboxers.
While I don't believe we should be posting clues on telephone poles
around our sites, I think that posting them on the internet is still
relatively safe. A gee-whiz-bang-big-brother-is-watching-you server
won't take away all the risk. I suppose if you want to spend the time,
efort & bandwidth to make it happen, go ahead, but I don't really see
the point.
--
Thom Cheney
tcgrafx... among other things
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com
> Randy Hall wrote [@solutions to lost boxes]:
> > ...set up a database ala ILC; e) check the web server logs to
> > see who is accessing particular clues -- at least you can know *if* anyone
> > read the clue, and can often determine their geographical location and
> > whether they exist outside this group --
To what end? Are we to become the letterbox police?
I still have trouble believing that someone looking for trouble zeroes
in on letterboxing on a www search, just HAPPENS to find clues that are
near enough to his/her location, travels to said location and vandalizes
the box just for the merry heck of it. Although the stamps are art,
they don't have much value to anyone other than us letterboxers.
While I don't believe we should be posting clues on telephone poles
around our sites, I think that posting them on the internet is still
relatively safe. A gee-whiz-bang-big-brother-is-watching-you server
won't take away all the risk. I suppose if you want to spend the time,
efort & bandwidth to make it happen, go ahead, but I don't really see
the point.
--
Thom Cheney
tcgrafx... among other things
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com
[L-USA] Re: Don't lose hope...
From: Daniel Servatius (elf@pclink.com) |
Date: 1999-01-09 14:46:12 UTC-06:00
Thom Cheney wrote:
> Daniel Servatius wrote:
> > Randy Hall wrote [@solutions to lost boxes]:
> > > ...set up a database ala ILC; e) check the web server logs to
> > > see who is accessing particular clues -- at least you can know *if* anyone
> > > read the clue, and can often determine their geographical location...
> To what end? Are we to become the letterbox police?...
> ...A gee-whiz-bang-big-brother-is-watching-you server
> won't take away all the risk. I suppose if you want to spend the time,
> efort & bandwidth to make it happen, go ahead, but I don't really see
> the point.
I don't see it as big brother Thom. The truth is I hope it is not necessary to
do this. But certainly if we have to we have to, esp. if the alternative is to
watch
our hard work be destroyed. But like I said, let's wait and see if we need to
take this step. We may not have to take it. Let's wait and see.
Dan
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com
> Daniel Servatius wrote:
> > Randy Hall wrote [@solutions to lost boxes]:
> > > ...set up a database ala ILC; e) check the web server logs to
> > > see who is accessing particular clues -- at least you can know *if* anyone
> > > read the clue, and can often determine their geographical location...
> To what end? Are we to become the letterbox police?...
> ...A gee-whiz-bang-big-brother-is-watching-you server
> won't take away all the risk. I suppose if you want to spend the time,
> efort & bandwidth to make it happen, go ahead, but I don't really see
> the point.
I don't see it as big brother Thom. The truth is I hope it is not necessary to
do this. But certainly if we have to we have to, esp. if the alternative is to
watch
our hard work be destroyed. But like I said, let's wait and see if we need to
take this step. We may not have to take it. Let's wait and see.
Dan
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com
[L-USA] Re: Don't lose hope...
From: erik/susan davis (davisarc@wcvt.com) |
Date: 1999-01-09 14:15:49 UTC-08:00
I feel that the solution posed by Randy (if I understand it clearly)
will work if we decide that we need it - but I agree with Dan that we
should not jump to conclusions too soon.
Right now, if any idividual feels concerned enough to react
protectively, (s)he can always remove clues and send clues via to
requests only. I suggest we leave it alone until we know more, altho
preparing a method as Randy and Dan discuss is also a prudent measure.
I'd just hope that, if we need to institute some sort of web-protective
measures, we keep it simple - needing to register ala some early ILC
proposals might deter some potential letterboxers that we'd like to keep
involved. KISS
BTW, I greatly enjoyed Thom's and Mitch's recent humor - ROFLMAO Big
Time.
Erik
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com
will work if we decide that we need it - but I agree with Dan that we
should not jump to conclusions too soon.
Right now, if any idividual feels concerned enough to react
protectively, (s)he can always remove clues and send clues via to
requests only. I suggest we leave it alone until we know more, altho
preparing a method as Randy and Dan discuss is also a prudent measure.
I'd just hope that, if we need to institute some sort of web-protective
measures, we keep it simple - needing to register ala some early ILC
proposals might deter some potential letterboxers that we'd like to keep
involved. KISS
BTW, I greatly enjoyed Thom's and Mitch's recent humor - ROFLMAO Big
Time.
Erik
------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/list/letterbox-usa
Free Web-based e-mail groups by eGroups.com