Comments (10)
Can you clarify the problem?
The apps do not report locations to a broker/endpoint per default, hence there is no documentation about that.
from booklet.
It seems that some other apps do report to demo servers by default. So adding a line in the security section that says:
"Both the Android and iOS apps will not report location to anywhere until the user explicitly configures a server to publish location to."
would address what I am asking. I'm glad to hear that this sounds true.
from booklet.
Which 'some other apps'?
Which 'demo servers'?
This is OwnTracks. There are no surprises. You get what you ask for when you configure it, and you get it where you tell the apps to send it to.
from booklet.
See the text at https://apps.apple.com/us/app/traccar-client/id843156974
That's great that there are no surprises. I would just like to see affirmative documentation of security properties, and nothing configured by default seems on a par with TLS and access control.
from booklet.
Why do you bring Traccar into this? This is OwnTracks.
from booklet.
I avoided doing so until you asked.
Once one is aware that an app might have a preconfigured server, it is a fair question to ask if owntracks does. Many people in the world seem to think that convenience and immediate demo are a good thing. Obviously you think that sending data without permission isn't ok, and owntracks behaves correctly. I am simply asking that the security documentation, which has the purpose of explaining the security properties of the system, note that this desirable security property holds. (Most of my motivation is to understand owntracks behavior, but I also would like the app world to have security specifications.) I don't understand why asking for a sentence to be added where it might help others is an objectionable request.
from booklet.
I don't understand why asking for a sentence to be added where it might help others is an objectionable request
It is not, we were just a bit puzzled about the issue. It read as if we were sending location data without the user consent ;)
The booklet is also on Github, we're very happy to accept PRs for any improvement to it.
from booklet.
Thanks - see #47
from booklet.
Merged, thanks.
from booklet.
Thanks for the discussion and for merging my change. Sorry if I sounded accusing -- I was just trying to point out something missing from the docs without presuming which way it actually was.
from booklet.
Related Issues (20)
- Security section does not address reverse geocoding
- Update iOS TLS to current iOS screenshots and mention extra steps
- locatorDisplace default value - code 500m vs documentation 0m HOT 3
- Missing Friend Bookmark Feature HOT 2
- Please clarify documentation on HTTP vs MQTT HOT 2
- GDPR and google fonts HOT 1
- Add TOURS paragraph
- Add requests/tour JSON to Booklet
- Mosquitto version used in docs outdated HOT 2
- Link to openHAB integration outdated HOT 1
- Remove "share" flag for regions and clarify "Region Monitoring and Waypoints"
- Update pkcs12 steps for newer openssl binary HOT 1
- Describe Recorder's republishing with Lua plugins
- Describe hidden yaml configuration HOT 1
- Faces for a CARD can be taken on iOS app
- Mention and demonstrage _lr user
- Publish waypoints to devices HOT 14
- Hey I made a thing... HOT 2
- Some JSON settings not explained in the booklet HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from booklet.