User:Ms7821/Security theatre: Difference between revisions
From London Hackspace Wiki
No edit summary |
No edit summary |
||
Line 77: | Line 77: | ||
* If user is still active, user is redirected to current URL with key | * If user is still active, user is redirected to current URL with key | ||
* If not, user is invited to ask on IRC | * If not, user is invited to ask on IRC | ||
This of course does nothing to protect against a member who forwards the streams, or writes an API to make the URL available to the wider world. But hey, it might stop a tiny bit of trolling. |
Revision as of 18:50, 24 April 2011
Currently webcams are easy to access on any device, simply by knowing the URL.
The following people requested for it to be members only
Montyphy | Monty |
TheHypnotist | Morris |
SamLR | Sam Cook |
Russss | Russ Garrett |
layer1gfx | Chris |
SheraDreaming | Lauren |
roberthl | Robert Leverington |
The following people requested it be left public
Renski | Darren McDonald |
ms7821 | Mark Steward |
dmi | David Ingram |
Paul2 | Paul Dart |
elliot_w | Elliot West |
solexious | Charles Yarnold |
earthshine | Mike McRoberts |
srimech | Jim MacArthur |
dirkx | Dirk-Willem van Gulik |
tajasel | Katie Sutton |
tomwyatt | Tom Wyatt |
Phil | Phil Roy |
v21 | George Buckenham |
varoudis | Tasos Varoudis |
Sunkzero | Darren Hubbard |
eb4890 | Will Pearson |
Eithin | Sam Kelly |
TheHypnotist | Morris |
Roberthl has already suggested a rearrangement of the cameras[1].
I hope that's enough, but if not, here's how the members-only limit might work without causing too much disruption:
- Logged in user visits webcam page
- Auth cookie is checked; user is given a long-lived cookie with auth details
- User is redirected to current URL with key (random)
- Current URL with key can be distributed
Periodically, current URL changes
- When current URL key is wrong, long-lived cookie is checked and user reauthenticated
- If user is still active, user is redirected to current URL with key
- If not, user is invited to ask on IRC
This of course does nothing to protect against a member who forwards the streams, or writes an API to make the URL available to the wider world. But hey, it might stop a tiny bit of trolling.