h2g2 The Hitchhiker's Guide to the Galaxy: Earth Edition

Hello. I just added a couple of facts to the Stephen Hawking article (the symposium to celebrate his 60th birthday and the "each equation halves the sales" quote). I hope I followed all the correct procedures. I may come back and add more sometime when I'm not so busy.
Ekaterin.

Thank you for contributing! You have followed the procedures just fine.

OK, I've contributed all I can without doing some *real* research (which I'm too lazy to do). Is it all right to start a new collaborative article on any topic I like? I'm thinking of starting one on the fantasy author Michael Moorcock, because I'm a fan of his Elric books but haven't read enough of his other books to write the whole article myself.
Ekaterin.

Of course. Go ahead and create it.

By the way, what would you think if this Collaborative project idea was altered slightly so that you had to receive an e-mail containing the password for the account instead of it being publicly available? The reason I ask is because if somebody abuses this account (or abuses someone/something using this account) - not you, of course, but somebody unscrupulous - then Traveller in Time and I are held responsible, and so we need a slightly more secure way of doing things.

I just wondered what your thoughts on that might be.

I've created the Moorcock article - I hope I followed all the correct procedures for that. Incidentally, is there any way that the procedures could be simplified or automated? Ideally a "registered collaborator" would be able to edit a collaborative article from their own account, and the cutting and pasting to the correct Journal Entry would be done for them. The project also needs to be better advertised, IMHO - at the moment it feels as though it's just you and me, and I only discovered it by chance when you mentioned it in a PR thread (IIRC).

As for emailed passwords, I assume that the instructions on Collaborator's personal space would be "send an email to (your email address)" rather than "post your email address and the password will be emailed to you" - many people don't like to post their email addresses because of spam. You'd probably want to pick a more secure password as well, so that people couldn't guess it. I don't know whether there's any way of making it really secure (so that all use of the Collaborator account can be traced to the actual person using it at the time). Wikipedia have some way of dealing with vandalism - I think it involves blocking IP addresses which have caused trouble.
Ekaterin.

Thank you for your thoughts.

Yes, my idea was that people send an e-mail and the reply they receive contains the password - I would not expect anybody here to post their own e-mail address.

I have discussed different methods of setting up a more organised version of this account in the other conversation on Collaborator's personal space, including the idea of having people create entries on their own account, which the 'registered collaborators' take and put into collaborative entries on this space. One advantage of this is that they can do a spelling/grammar check as they transfer it; after all, the main goal of the project is to speed up the entry-writing process.

I believe that the h2g2 researchers are, on the whole, very trustworthy people, which is why this account has started as 'open to all'. The only reason for suggesting ways to secure it is because of doubts placed on the security of my own account (and Traveller in Time's) in the unlikely event of any abuse occurring. Therefore, whatever security restraints that are put on the system, a certain degree of trust will still be present, and so I shan't be so bothered about going down the routes of IP blocking and other net security methods.

In other words, I don't think it's necessary to make the account 'as secure as possible' because we can trust each other; I just think we need a simple way to stop people abusing the account without jeopardising the effect and popularity of the project, but more seriously, without jeopardising the accounts of its creators.

Thanks again.

and of course, the dna engine isn't set up for the extra security needed, so it would take massive amounts of programmer time (always in short supply). hopefully this will become popular enough that the time needed would be worth it.

In the other thread, Traveller in Time says something about how this account needs to keep a low profile in order to keep functioning the way we want it to. Among computer people this is known as "security through obscurity" and is generally not regarded as a very effective way of keeping things secure. It also means that a lot of people who could make useful contributions don't know about this project and so aren't able to contribute.

Still, it's your account, so I'll follow your rules. Does the "low profile" rule mean that I can't tell anyone at all about the project, I can only tell close personal friends that I trust not to cause trouble, or what? I've seen a few unfinished Moorcock-related articles on h2g2, and I was thinking about inviting them to help with my Moorcock article at some point.
Ekaterin.

I agree with you that "security through obscurity" is a bad idea, as can be seen by the regular occurances of security breaches through known holes in microsoft windows.

however there are a couple of different bits of security and obscurity being talked about here.

The fact is that the DNA codebase just isn't set up to do what we are trying to do, so we have to use various work around solutions.

specifically this involves us having a shared account in one person's name, which if some nincompoop gets access and abuses it, could lead not only to the closure of this account, but also the banning of the person who kindly offered to be the administrative contact for the account, and set it up with their contact details.

we can by all means invite contributers to come here and add comments to the threads, but we have to be more carefull about giving out the password details to the account.

If this project works in any significant amount, there will start to be quite a few entries which as well as including the "contributers" who actually contributed, will also include "collaborator" as one of the contributers due to the creation of the article in collaborators name.

some people will then hop over and see who this "collaborator" is, thus finding the project.

as I said, we just have to be a little carefull who we give the account details to.

I agree with xyroth.

Once the system is changed from open-to-all to password-via-e-mail (I'll do that tomorrow?) then we needn't worry about Traveller in Time's over-advertising concern so much. But we do need to be careful nonetheless.

Okay I've done it. The only thing left to do is change the password.

Please tell me your thoughts on the revamped Collaborator Project, and follow the instructions on the page to receive the password.

That was me by the way! Baryonic Being.

I should also say that I think advertising the project more is now a feasible option. Additionally, do you think that the new system is too complex? Do you think it's secure enough and do you reckon that changing the password periodically would increase security (and sending e-mails to all members with details of the change, of course)?

I have asked to join in another thread. It feels rather like a job interview having to give details about myself before I'm allowed in. I suppose you think that's preferable to letting in just anyone though?

Asking about writing experience is particularly discouraging, and might make people feel that this project is only open to published authors. (Actually, maybe I should have mentioned my thesis and scientific papers in the other thread, but they're probably even more boring to most people than my website.)
Ekaterin.