|
Grex > Coop > #284: Grex Town Hall -- How do we move forward? - Fall, 2010 |  |
|
| Author |
Message |
| 25 new of 334 responses total. |
richard
|
|
response 144 of 334:
| 
Nov 24 23:30 UTC 2010 |
Can't you just do automatic verification. Say you have to provide a
valid email address, a link is then automatically sent there that you
have to click on to validate. Then the system notes that email and ip
and in the future automatically rejects any other newuser request that
ever comes from those details. No humans or human judgement is
involved. You have a valid email, you get in.
|
kentn
|
|
response 145 of 334:
|
Nov 24 23:41 UTC 2010 |
E-mail isn't in the current list of acceptable forms of ID for
verification. PayPal has pre-validated accounts, where you link a
credit card or bank account to the PayPal account and they make sure
it's real. So, that gives use more confidence that the person with the
PayPal account is real and gives us a better audit trail if there are
issues.
To allow e-mail verification of the type you suggest would require more
Board actions and potentially a member vote (although it appears that
PayPal verification was added only via a Board vote). We certainly can
discuss this at an upcoming meeting.
I would be concerned that someone using a fake name could create a
free e-mail account and get verified, cause problems, and we'd have no
recourse to identify them if the govt. came calling.
|
cross
|
|
response 146 of 334:
|
Nov 24 23:46 UTC 2010 |
resp:144 What's the point? Kent understood exactly what I was getting at
in resp:142. There's no humans involved there, either (other than the
person getting an account).
|
cross
|
|
response 147 of 334:
|
Nov 24 23:49 UTC 2010 |
As a matter of fact, we talked about doing this at a board meeting in, I
think, 2008. It just hasn't been done yet.
|
richard
|
|
response 148 of 334:
|
Nov 25 00:07 UTC 2010 |
I'd think email verification is preferable to paypal. Grex is a non-
profit site and need not be in the business of encouraging or requiring
prospective new users to use a corporate site, PayPal, that has no
ownership stake here. Why solicit hits for PayPal unless Paypal is
paying Grex to do that?
Grex staff also doesn't need to get into storing personal information
about users. Email verification obviously isn't foolproof as kent
points out, but if it is done with Grex blocking future new user
requests from both that email address *and* the ip address it came
from, it at least makes it more difficult.
|
cross
|
|
response 149 of 334:
|
Nov 25 00:11 UTC 2010 |
We already know that the likes of Chad will give fake email addresses; they
did it to get around the *current* validation scheme. Richard, are you
willing to clean up after another attack from Chad or someone like him?
My suspicion is that your real objection to the validation scheme is that I
put it into place.
|
cross
|
|
response 150 of 334:
|
Nov 25 00:13 UTC 2010 |
Oh, yes, and it's really not about paypal per se. Any service that did
something similar, but could track a user down to a human being, would do just
as well.
Grex already stores personal information about users. It has since its
inception.
Trying to block on email address and IP address is a) useless when one
considers something like tor and how trivial it is to create a throw-away
email account, and b) more invasive for legitimate users who want multiple
accounts than what we're currently doing.
|
richard
|
|
response 151 of 334:
|
Nov 25 00:19 UTC 2010 |
No I object to the validation scheme based on what it is, not that you
came up with it. And re #150 I think limiting users to one login is
okay, who needs multiple logins here these days anyway?
The overriding point is that grex does not and should not be in any way
encouraging or promoting use of outside commercial services. Doing so
would just outsiders question grex's mission and whether grex is being
paid off by these commercial services to encourage its users to sign up
there in order to validate here.
|
richard
|
|
response 152 of 334:
|
Nov 25 00:30 UTC 2010 |
In fact I believe that Grex encouraging validating via a micro-payment
through PayPal is essentially promoting use of a for-profit service and
could be a violation of the rules for a 501(3)(c). This sort of thing
could threaten Grex's tax status.
|
mary
|
|
response 153 of 334:
|
Nov 25 00:49 UTC 2010 |
Oh, God, Richard. You better get right on the phone to The Red Cross,
Kiva and a host of other charitable non-profits and let them know about
this right away.
|
cross
|
|
response 154 of 334:
|
Nov 25 03:36 UTC 2010 |
resp:151 What if a user *wants* multiple logins? Why should we restrict
that? Have you *really* thought this through?
|
rcurl
|
|
response 155 of 334:
|
Nov 25 05:24 UTC 2010 |
Don't all online bbses, forums, etc "argue endlessly about [one or more
of] conservative vs liberal, republican vs democrat, atheism vs
religion, pro-choice vs pro-life, gun control, oil, wars, and all the
usual stuff"?
|
nharmon
|
|
response 156 of 334:
|
Nov 25 13:42 UTC 2010 |
I can not think of a single other forum I participate in that allows
political or religious arguments. So no, not all. But I'm sure many do.
|
cross
|
|
response 157 of 334:
|
Nov 25 13:44 UTC 2010 |
resp:155 That's my point. Grex is no longer unique; it's now a small fish
in a very, very big pond.
|
keesan
|
|
response 158 of 334:
|
Nov 25 15:10 UTC 2010 |
Last I looked at the Puppy Linux chat area two people were discussing
marijuana. Some linux forums have a 'general' area where people talk
about anything they like. SDF has a general forum.
|
kentn
|
|
response 159 of 334:
|
Nov 25 15:36 UTC 2010 |
If we can get the PayPal verification system working, would we also
credit their micropayment after we've assured ourselves the account
is okay? Any payment could be considered a donation and stated as
such several times during the verification process, if we cannot do a
credit. What is the smallest payment you can make via PayPal?
|
kentn
|
|
response 160 of 334:
|
Nov 25 17:04 UTC 2010 |
I see where PayPal offers micropayments and that might actually save
some fees as the rates are lower than if you send a small payment via
regular PayPal (the example I saw was that usually a $1 payment would
incur a 33c fee, but with micropayments the fee would be lower, 10c).
The problem with this is it requires a new PayPal account and is geared
more for merchants selling digital downloads. Plus, somebody in the
transaction (Grex or the user) loses those fees if you give money back
(and the credit transaction might incur a fee as well) unless PayPal
refunds the fees.
|
cross
|
|
response 161 of 334:
|
Nov 25 18:17 UTC 2010 |
Eh, I'd say ask them to donate either two or six dollars. Then you really
could make them members; if they let the membership lapse, that'd be their
decision.
|
kentn
|
|
response 162 of 334:
|
Nov 25 18:29 UTC 2010 |
Okay, then we should make it clear that using PayPal as a verification
method means making a donation for membership. That's one way to get
members :) I have a feeling that verification is a side benefit of
PayPal anyway, since you usually get there for the purpose of paying for
a membership.
|
nharmon
|
|
response 163 of 334:
|
Nov 26 13:46 UTC 2010 |
You know what, perhaps we should reconsider the whole paid membership.
Maybe being a verified person is all we should require to be a member.
If we did that, I think people would still donate to the organization.
In fact, some might feel more inclined to donate after receiving "free"
services (principle of reciprocity and all that).
|
cross
|
|
response 164 of 334:
|
Nov 26 15:40 UTC 2010 |
Hmm. That's interesting. I kind of like that....
|
veek
|
|
response 165 of 334:
|
Nov 26 18:05 UTC 2010 |
I was wondering, if someone wants to create a conference - what is the
procedure to do so? (I'm not planning such a thing, but if we have
newusers from the 'reverse engineering' community, they will need a
conference - in fact they may need multiple conferences.) Would that be
okay??
|
cross
|
|
response 166 of 334:
|
Nov 26 18:07 UTC 2010 |
Yeah, that's fine. I think they just request it from the conference admin.
|
kentn
|
|
response 167 of 334:
|
Nov 26 19:41 UTC 2010 |
One huge question is will we get enough donations to support the current
cost of running Grex and provide for system maintenance & replacement?
That holds true whether we have membership fees or not. The main issue,
as I see it, is not that we have dues for membership, as membership
essentially only gives you the right to vote and has not been tied to
user classes, as far as I know. Nor is membership expensive, so it's
not a matter of dollars ($6 will allow you to vote in the upcoming
election!).
Rather, it is that we need to "provide a system worth supporting" as
several people have said.
While making memberships free would certainly mean more members, would
they be involved in the governance of Grex? What is their stake in the
system?
Here are some things, in no particular order and not complete, that I
see we need to do beyond the current level of support we give Grex:
We need to find services to offer that agree with Grex's mission and
meet people's "worth supporting" criterion (and not worry so much if
we can compete with large commercial organizations).
We need to be responsive to users' and members' issues and fix the
"broken windows" of the system.
We need to keep our current services up to date and working as
expected.
We need to disseminate accurate and helpful information about our
system.
We need to add and maintain new services that are useful to users.
We need to publicize our existence and services and be able to
provide good service when people come here, including getting an
account to even try out the system.
We need to actively recruit new members.
We need to appreciate the members we currently have.
We need to actively encourage current members to continue their
memberships.
We need to encourage new volunteers to help.
We need to mentor and encourage new staff and ensure that we will
have staff members available to maintain the system.
We need to plan for Grex's future.
We do some of these things currently, just not enough and not fast
enough. Some of these things we don't do at all.
These are not merely a matter of the Board voting to do things. Grex
needs the time and effort of knowledgeable, motivated people to do the
work of making these changes.
We need users to be involved and willing to govern the system by
becoming members (whatever that cost). That includes coming up with
good ideas and participating in elections and member votes, things that
generally take a small amount of effort and investment--but potentially
have a big impact.
I see some of this occurring, which is a positive sign. But we need
still more involvement and effort.
What are you willing to do to help?
If you currently do not support Grex with a donation & membership, what
would make Grex "worth supporting" to you? If we made those changes, is
that really enough for you to make that donation, get a membership and
be involved in the governance of Grex? If not, why not?
If you are currently a member (thank you very much!) what will keep you
supporting Grex?
|
remmers
|
|
response 168 of 334:
|
Nov 26 19:56 UTC 2010 |
Re resp:165, resp:166 - It's been a long time since anyone requested a
new conference, so I think the procedure has kind of been forgotten.
The policy has always been that if you want a new conference you ask for
it in Coop, allow a few days for user input into the proposal, and if
you still want it after that, you get it (regardless whether people
thought it was a good idea or not). In earlier Coops there was a new
conference proposals item for that purpose, but I can't seem to find one
in the current edition - but see item:coop9,18 for an example conference
proposal item.
New conference proposals are pretty rare nowadays. Maybe the waiting
period no longer serves a useful purpose.
|