[Slackbuilds-users] Repology a public emailaddress repository; SlackBuilds-users Digest, Vol 147, Issue 3

David Spencer idlemoor at slackbuilds.org
Mon Jul 2 22:10:04 UTC 2018

> That's not the issue; the fact that personal details get transferred
> from SBo to another site who actively advertises these details 
> on the basis of a facebook-like argumentation is
> something that can no longer be accepted as normal.

Let me make this absolutely clear: Repology has those 'unscrambled'
email addresses not because SBo gave those addresses to Repology -- we
simply don't have them in 'unscrambled' format -- but because (as Arnaud
explained) it is trivially easy to make a script that removes the
variants of [at] [NO] [SPAM] etc. And that's what Repology has done, not
because they want to expose people to risk, but because of people who
invent multiple 'scrambled' variations of their names and email
addresses, which cannot be correlated without removing the "spam traps".

> According to eu laws people should be informed about this and asked to
> opt out if they want to. I do not see the need why repology should be
> able to publish my details without such provisions.

SBo is operated in the USA, and Repology is operated in the Russian
Federation. Each jurisdiction comes with its own obligations. In the
case of Github, there's the DMCA :(

> And I think Sbo should think much harder than to make these
> details so publicly available. If they do, it should be via a layer in
> between; that is, for example, via an SBo-email address that represents
> the maintainer so that email-requests can be moderated/filtered. I do
> not want that details that have been in good faith passed on to SBo, are
> brought onto a platform that, when big and popular enough, will be
> sold/mined by agencies we are not thinking of as yet. 

You can organise your own layer in between.

Unlike almost every other software project, SBo tolerates pseudonyms for
maintainers. We want you to read and reply to email at that address, and
we can give your packages to somebody else if you don't. But we don't
check proactively and it could even be a mailinator address.

(The email address you use in the submission form is checked, but it
does not need to be the same as the address in the .info file.)

I'm pretty sure that the amount of spam I've had from participating at
SBo is very close to zero -- whereas I once had a death threat from
opposing The SCO Group. So please have a sense of proportion. Frankly,
"spam trapping" your email is mostly pointless. If you're worried about
"agencies we are not thinking of as yet", or death threats, you need a
pseudonym, not a spam trap.

And please can I say, it has sometimes been a significant pain for me
when people have multiple variants of 'scrambled' email, because it
makes it difficult to query git to discover whether a maintainer
silently stopped maintaining eight years ago...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20180702/2ab2e435/attachment.asc>

More information about the SlackBuilds-users mailing list