[Noisebridge-discuss] Access control & Safety, both personal and general space.
Jonathan Lassoff
jof at thejof.com
Wed Feb 8 21:39:56 UTC 2012
On Wed, Feb 8, 2012 at 1:31 PM, Casey Callendrello <c1 at caseyc.net> wrote:
> I like this classification, with one caveat: Only the Treasurer + Board
> should be able to define Consensed Members. If this is enshrined in some
> sort of system running on Pony, then anyone with sudo will be able to
> l33t h4x0r it, but that's probably okay.
>
> One possible issue: if this is somehow stored programatically and used
> for Caller-ID access, then there *will* be, on disk, a list of member
> pseudonyms and their phone numbers (opt-in, of course). I think the
> presence of such a list is okay, and I'm comfortable with my own number
> being there, but if someone is offended by the mere presence of such a
> list *and* has a better suggestion, I'm all ears.
Perhaps bcrypt the phone number and store that instead? That way, you
can verify that something's in there, but it can't be easily figured
out what it is.
> Otherwise, I'll try and hack this together soon.
>
> I can also think of two decent hacker tests: first, if you can spoof
> callerid to be from a specific number on the wiki, then you're okay.
> Alternatively, anyone who can generate DTMF A-D is also worthy.
Awesome! I think if we can detect 'em, KP or ST tones or a 2600 Hz
tone should get you in :p
It'd be awesome to be able to use a captain crunch whistle to get in.
I'd love for nothing more than to be able to re-capture the joy and
whimsy of trying something to hack ones way in that "just works".
--j
More information about the Noisebridge-discuss
mailing list