[Mailman-Developers] full anonymisation

[Abhilash Raj]

Hi Rashi,

On 28 February 2015 at 12:39, Rashi Karanpuria <2013165 at iiitdmj.ac.in> wrote:
> Trying to hide things from list moderator may be a futile approach in case
> of mailman, though allowing list moderator to be the supreme boss
> decreases the no of user cases it serves for eg. a complaint/suggestion
> list in organization mailing lists may end up useless as the head would
> know who criticized him but it still covers many critical use cases.
> Coming to the present approach we were wondering if trust was more
> important than being anonymous I listed the use cases [1] and concluded
> that being anonymous is a major feature than being creditable. As in the
> whistle blower use case we were discussing, the concern was if we don't
> keep the same fake id for an exposer, people won't believe her. But in my
> opinion even if she keeps the same fake identity people won't believe her
> until she proves or shows that she is telling the truth because the matter
> she is exposing is critical and delicate and works on proofs.


First thing, I guess you have used list-admin and list-moderator
interchangeably.
You should know that there are three roles:

1. List Admin
2. List Moderator
3. Site Admin

You should be clear about the differences between these three. Next,
try to answer
four questions for each use case that Steve mentioned:

1. Who can be trusted?
2. Who needs to be anonymous?
3. What are the social threats if anonymity is breached?
4. What are the technical threats to anonymity (ie, how can it be breached)?


> [1]:
> 1. *Alcoholics list*:
>         Here alcoholics suffering and willing to give it up share their issues
> and seek help from the community and people of the same type. Trust
> though could act as a plus point here as we are handling a social issue.
> But it still meets its purpose without involving trust as the major work
> is to arrive to a solution and meet people of your type and share the
> pain and get cured.

Answers:

1. The list-admin needs to be trustworthy for starters. The situation could be
that there is one single person who can be contacted to join this  list
(who knows the original email of each user).

2. All the subscribers are anonymous among themselves.

3. Social implications of breach may be loosing your job?

4. The list-admin can be threatened to reveal the identities of subscribers
  (or single subscriber).


Can you try to answer similarly for the other cases?

> 2. *therapy group*:
>         Controlled by the doctor and as he knows everything being the list
> moderator he can better help his patients allowing them to mingle
> anonymously and as above it serves the causes aimed at.
> 3. *Drug Peddlers group or mafia asso.*:
>         Although we are not aiming at helping this section of people but just a
> thought! The king pin is the head and so is supposed to know everything
> but the workers below him need not know him or the co workers.
> 4. *Whistle Blowers*:
>         As mentioned it works on proofs and not trust.
> 5. *Pope Confessions*:
>         Similar functioning to therapy group.
> 6. *Battered wives*:
>         Suffers as if the list moderator knows the users (here wives not
> interested in revealing identities to any one) who will she be so that
> the wives (users) should trust her.
> 7. *Tax Evaders*:
>         Trust here is not required as people believe if the method worked. If you
> need trustworthy methods why would you subscribe to such a list. And even
> if this list has trust in the form of permanent fake ids the person after
> suggesting correct methods first and then lay the traps so people still
> can't trust anyone here.
> 8. *Teacher Student feedback and discussions*:
>         College/School authorities are the list admins and moderators here. And
> in such a list lesser the trust better the feedback ;)
>



-- 
thanks,
Abhilash Raj