User:Ms7821/Security theatre: Difference between revisions

From London Hackspace Wiki
No edit summary
Line 4: Line 4:


{|
{|
| Montyphy || Monty
| Montyphy || ?
|-
|-
| TheHypnotist || Morris
| TheHypnotist || Morris

Revision as of 18:52, 24 April 2011

Currently webcams are easy to access on any device, simply by knowing the URL.

The following people requested for it to be members only
Montyphy ?
TheHypnotist Morris
SamLR Sam Cook
Russss Russ Garrett
layer1gfx Chris
SheraDreaming Lauren
roberthl Robert Leverington
The following people requested it be left public
Renski Darren McDonald
ms7821 Mark Steward
dmi David Ingram
Paul2 Paul Dart
elliot_w Elliot West
solexious Charles Yarnold
earthshine Mike McRoberts
srimech Jim MacArthur
dirkx Dirk-Willem van Gulik
tajasel Katie Sutton
tomwyatt Tom Wyatt
Phil Phil Roy
v21 George Buckenham
varoudis Tasos Varoudis


The following people requested a new shareable URL
Sunkzero Darren Hubbard
eb4890 Will Pearson
Eithin Sam Kelly
TheHypnotist Morris


Roberthl has already suggested a rearrangement of the cameras[1].

I hope that's enough, but if not, here's how the members-only limit might work without causing too much disruption:

  • Logged in user visits webcam page
  • Auth cookie is checked; user is given a long-lived cookie with auth details
  • User is redirected to current URL with key (random)
  • Current URL with key can be distributed

Periodically, current URL changes

  • When current URL key is wrong, long-lived cookie is checked and user reauthenticated
  • If user is still active, user is redirected to current URL with key
  • If not, user is invited to ask on IRC


This of course does nothing to protect against a member who forwards the streams, or writes an API to make the URL available to the wider world. But hey, it might stop a tiny bit of trolling.