[spam-stopper] Privacy boondoggle
error10 at gmail.com
Wed Oct 26 19:17:08 UTC 2005
All right, we should get this whole privacy thing settled right now, before
either Akismet becomes any larger, or the problem becomes any larger.
Matt, the WordPress plugin sends pretty much everything to the server,
including many things which don't seem to be particularly necessary, like as
Dirk pointed out, the server version.
What do we NEED to be sending, and what can be omitted?
On 10/26/05, Dirk Haun <dirk at haun-online.de> wrote:
> is there a list of required fields that have to be included when sending
> a request to the Akismet web service?
> I've managed to produce a working plugin for Geeklog by reverse-
> engineering the WordPress plugin, but on closer inspection, it does seem
> to send quite a lot of information over the wire.
> I can understand that you probably don't want to specify exactly what
> Akismet is looking for in a spam post, but the current implementation
> (copied and pasted from the WordPress plugin) does send a lot of
> obviously unnecessary information, as well as some that raises privacy
> and even security concerns.
> For example, I assume Akismet doesn't really need to know that my
> webserver has PDFlib installed, or in fact, anything about my webserver.
> I'm also going to filter out the cookies (session cookies, for example,
> are a touchy subject) and would suggest that the WordPress plugin does
> the same.
> Other than that, I'm pretty excited about this new spam filter and am
> eagerly awaiting the next wave of spam posts ;-)
> bye, Dirk
> spam-stopper mailing list
> spam-stopper at lists.automattic.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the spam-stopper