Why we do not push the ACCTDETAILS email via message queue?
Hi all, I was wondering why we do not push the ACCTDETAILS email via the message queue. Is it just one of those cases of "as things have always been done" OR there is a reason that I'm missing out? cheers indranil. Indranil Das Gupta L2C2 Technologies Phone : +91-98300-20971 Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net Twitter : indradg
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ? Best regards S. Meynieux -- Responsable support BibLibre + 33 (0)4 91 81 35 08 http://www.biblibre.com Le 15/06/2018 à 12:40, Indranil Das Gupta a écrit :
Hi all,
I was wondering why we do not push the ACCTDETAILS email via the message queue.
Is it just one of those cases of "as things have always been done" OR there is a reason that I'm missing out?
cheers indranil.
Indranil Das Gupta L2C2 Technologies
Phone : +91-98300-20971 Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net <http://irc.freenode.net> Twitter : indradg
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe. Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: koha-devel-bounces@lists.koha-community.org [mailto:koha-devel-bounces@lists.koha-community.org] On Behalf Of Sophie Meynieux Sent: Friday, 15 June 2018 9:33 PM To: koha-devel@lists.koha-community.org Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ? Best regards S. Meynieux -- Responsable support BibLibre + 33 (0)4 91 81 35 08 http://www.biblibre.com Le 15/06/2018 à 12:40, Indranil Das Gupta a écrit : Hi all, I was wondering why we do not push the ACCTDETAILS email via the message queue. Is it just one of those cases of "as things have always been done" OR there is a reason that I'm missing out? cheers indranil. Indranil Das Gupta L2C2 Technologies Phone : +91-98300-20971 Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net <http://irc.freenode.net> Twitter : indradg _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case. On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au> wrote:
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:* koha-devel-bounces@lists.koha-community.org [mailto: koha-devel-bounces@lists.koha-community.org] *On Behalf Of *Sophie Meynieux *Sent:* Friday, 15 June 2018 9:33 PM *To:* koha-devel@lists.koha-community.org *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
--
Responsable support
BibLibre
+ 33 (0)4 91 81 35 08
Le 15/06/2018 à 12:40, Indranil Das Gupta a écrit :
Hi all,
I was wondering why we do not push the ACCTDETAILS email via the message queue.
Is it just one of those cases of "as things have always been done" OR there is a reason that I'm missing out?
cheers
indranil.
Indranil Das Gupta L2C2 Technologies
Phone : +91-98300-20971 Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net Twitter : indradg
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...) For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser). On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger < chris.nighswonger@gmail.com> wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au> wrote:
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <02%2092%2012%2008%2099>
Direct: 02 8005 0595 <02%2080%2005%2005%2095>
*From:* koha-devel-bounces@lists.koha-community.org [mailto: koha-devel-bounces@lists.koha-community.org] *On Behalf Of *Sophie Meynieux *Sent:* Friday, 15 June 2018 9:33 PM *To:* koha-devel@lists.koha-community.org *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
--
Responsable support
BibLibre
+ 33 (0)4 91 81 35 08 <04%2091%2081%2035%2008>
Le 15/06/2018 à 12:40, Indranil Das Gupta a écrit :
Hi all,
I was wondering why we do not push the ACCTDETAILS email via the message queue.
Is it just one of those cases of "as things have always been done" OR there is a reason that I'm missing out?
cheers
indranil.
Indranil Das Gupta L2C2 Technologies
Phone : +91-98300-20971 <+91%2098300%2020971> Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net Twitter : indradg
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
Cheers, Jonathan. I had totally forgotten about that. Yikes. Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org] Sent: Tuesday, 19 June 2018 12:07 AM To: Christopher Nighswonger <chris.nighswonger@gmail.com> Cc: David Cook <dcook@prosentient.com.au>; Koha Devel <koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...) For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser). On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> > wrote: Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case. On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > wrote: Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe. Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 <tel:02%2092%2012%2008%2099> Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095> From: koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> ] On Behalf Of Sophie Meynieux Sent: Friday, 15 June 2018 9:33 PM To: koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ? Best regards S. Meynieux -- Responsable support BibLibre + 33 (0)4 91 81 35 08 <tel:04%2091%2081%2035%2008> http://www.biblibre.com Le 15/06/2018 à 12:40, Indranil Das Gupta a écrit : Hi all, I was wondering why we do not push the ACCTDETAILS email via the message queue. Is it just one of those cases of "as things have always been done" OR there is a reason that I'm missing out? cheers indranil. Indranil Das Gupta L2C2 Technologies Phone : +91-98300-20971 <tel:+91%2098300%2020971> Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net <http://irc.freenode.net> Twitter : indradg _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/ _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/ _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords. Seems better than sending the password in the clear in an email. Cheers, Liz On 19/06/18 12:21, David Cook wrote:
Cheers, Jonathan. I had totally forgotten about that. Yikes.
Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org] Sent: Tuesday, 19 June 2018 12:07 AM To: Christopher Nighswonger <chris.nighswonger@gmail.com> Cc: David Cook <dcook@prosentient.com.au>; Koha Devel <koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...)
For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser).
On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> > wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > wrote:
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <tel:02%2092%2012%2008%2099>
Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095>
From: koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> ] On Behalf Of Sophie Meynieux Sent: Friday, 15 June 2018 9:33 PM To: koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
-- -- Liz Rea Catalyst.Net Limited Level 6, Catalyst House, 150 Willis Street, Wellington. P.O Box 11053, Manners Street, Wellington 6142 04 803 2265 GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: koha-devel-bounces@lists.koha-community.org [mailto:koha-devel-bounces@lists.koha-community.org] On Behalf Of Liz Rea Sent: Tuesday, 19 June 2018 12:26 PM To: koha-devel@lists.koha-community.org Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords. Seems better than sending the password in the clear in an email. Cheers, Liz On 19/06/18 12:21, David Cook wrote: Cheers, Jonathan. I had totally forgotten about that. Yikes. Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org] Sent: Tuesday, 19 June 2018 12:07 AM To: Christopher Nighswonger <mailto:chris.nighswonger@gmail.com> <chris.nighswonger@gmail.com> Cc: David Cook <mailto:dcook@prosentient.com.au> <dcook@prosentient.com.au>; Koha Devel <mailto:koha-devel@lists.koha-community.org> <koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...) For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser). On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> > wrote: Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case. On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> > wrote: Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe. Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 <tel:02%2092%2012%2008%2099> Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095> From: koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> ] On Behalf Of Sophie Meynieux Sent: Friday, 15 June 2018 9:33 PM To: koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ? Best regards S. Meynieux _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/ -- -- Liz Rea Catalyst.Net Limited Level 6, Catalyst House, 150 Willis Street, Wellington. P.O Box 11053, Manners Street, Wellington 6142 04 803 2265 GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
We could make a list of them. It could be the "libraries who don't care about their users privacy" list. I'm only mostly joking Chris On June 20, 2018 12:06:52 PM GMT+12:00, David Cook <dcook@prosentient.com.au> wrote:
I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: koha-devel-bounces@lists.koha-community.org [mailto:koha-devel-bounces@lists.koha-community.org] On Behalf Of Liz Rea Sent: Tuesday, 19 June 2018 12:26 PM To: koha-devel@lists.koha-community.org Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords.
Seems better than sending the password in the clear in an email.
Cheers, Liz
On 19/06/18 12:21, David Cook wrote:
Cheers, Jonathan. I had totally forgotten about that. Yikes.
Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org] Sent: Tuesday, 19 June 2018 12:07 AM To: Christopher Nighswonger <mailto:chris.nighswonger@gmail.com> <chris.nighswonger@gmail.com> Cc: David Cook <mailto:dcook@prosentient.com.au> <dcook@prosentient.com.au>; Koha Devel <mailto:koha-devel@lists.koha-community.org> <koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...)
For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser).
On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> > wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> > wrote:
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <tel:02%2092%2012%2008%2099>
Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095>
From: koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> ] On Behalf Of Sophie Meynieux Sent: Friday, 15 June 2018 9:33 PM To: koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
-- -- Liz Rea Catalyst.Net Limited Level 6, Catalyst House, 150 Willis Street, Wellington. P.O Box 11053, Manners Street, Wellington 6142 04 803 2265
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
I think that’s not a bad way of looking at it. If people do complain, we can say that the change away was because of a commitment to patron security and privacy. I would hope that people would find that difficult to argue against. If I recall correctly, I think DSpace does it this way. When you create a new user, I think it sends an email containing a URL with a token to the user, and then they set their own password from there. It works pretty well. Surely we could say “everybody else is doing it” as well. But I know that there are a lot of libraries using this feature, and it would be disruptive to their existing workflows for it to go away. But… that’s also progress for you. So long as people have notice that it’s going away before the upgrade, they’d have time to change their workflows and adapt to a safer way of doing things? David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: Chris Cormack [mailto:chrisc@catalyst.net.nz] Sent: Wednesday, 20 June 2018 10:12 AM To: koha-devel@lists.koha-community.org; David Cook <dcook@prosentient.com.au>; 'Liz Rea' <liz@catalyst.net.nz> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? We could make a list of them. It could be the "libraries who don't care about their users privacy" list. I'm only mostly joking Chris On June 20, 2018 12:06:52 PM GMT+12:00, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > wrote: I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org] On Behalf Of Liz Rea Sent: Tuesday, 19 June 2018 12:26 PM To: koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords. Seems better than sending the password in the clear in an email. Cheers, Liz On 19/06/18 12:21, David Cook wrote: Cheers, Jonathan. I had totally forgotten about that. Yikes. Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org] Sent: Tuesday, 19 June 2018 12:07 AM To: Christopher Nighswonger <mailto:chris.nighswonger@gmail.com> <chris.nighswonger@gmail.com> Cc: David Cook <mailto:dcook@prosentient.com.au> <dcook@prosentient.com.au>; Koha Devel <mailto:koha-devel@lists.koha-community.org> <koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...) For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser). On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> > wrote: Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case. On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> > wrote: Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe. Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 <tel:02%2092%2012%2008%2099> Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095> From: koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> ] On Behalf Of Sophie Meynieux Sent: Friday, 15 June 2018 9:33 PM To: koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ? Best regards S. Meynieux _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/ -- -- Liz Rea Catalyst.Net Limited Level 6, Catalyst House, 150 Willis Street, Wellington. P.O Box 11053, Manners Street, Wellington 6142 04 803 2265 GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7 -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
The easy answer is : leave it alone for existing installs, default it on for new ones. On 20/06/18 12:19, David Cook wrote:
I think that’s not a bad way of looking at it. If people do complain, we can say that the change away was because of a commitment to patron security and privacy. I would hope that people would find that difficult to argue against.
If I recall correctly, I think DSpace does it this way. When you create a new user, I think it sends an email containing a URL with a token to the user, and then they set their own password from there. It works pretty well. Surely we could say “everybody else is doing it” as well.
But I know that there are a lot of libraries using this feature, and it would be disruptive to their existing workflows for it to go away. But… that’s also progress for you. So long as people have notice that it’s going away before the upgrade, they’d have time to change their workflows and adapt to a safer way of doing things?
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*Chris Cormack [mailto:chrisc@catalyst.net.nz] *Sent:* Wednesday, 20 June 2018 10:12 AM *To:* koha-devel@lists.koha-community.org; David Cook <dcook@prosentient.com.au>; 'Liz Rea' <liz@catalyst.net.nz> *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
We could make a list of them. It could be the "libraries who don't care about their users privacy" list.
I'm only mostly joking
Chris
On June 20, 2018 12:06:52 PM GMT+12:00, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au>> wrote:
I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org] *On Behalf Of *Liz Rea *Sent:* Tuesday, 19 June 2018 12:26 PM *To:* koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords.
Seems better than sending the password in the clear in an email.
Cheers, Liz
On 19/06/18 12:21, David Cook wrote:
Cheers, Jonathan. I had totally forgotten about that. Yikes.
Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org]
Sent: Tuesday, 19 June 2018 12:07 AM
To: Christopher Nighswonger<chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com>
Cc: David Cook<dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au>; Koha Devel<koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org>
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...)
For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser).
On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com> > wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au> > wrote:
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <tel:02%2092%2012%2008%2099>
Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095>
From:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org> ] On Behalf Of Sophie Meynieux
Sent: Friday, 15 June 2018 9:33 PM
To:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org>
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org>
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website :http://www.koha-community.org/
git :http://git.koha-community.org/
bugs :http://bugs.koha-community.org/
--
--
Liz Rea
Catalyst.Net Limited
Level 6, Catalyst House,
150 Willis Street, Wellington.
P.O Box 11053, Manners Street,
Wellington 6142
04 803 2265
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
The way we do this is having a syspref to choose between both ways, and a big sign ok to of the release notes asking users to switch. El mar., 19 de jun. de 2018 9:25 p. m., Liz Rea <liz@catalyst.net.nz> escribió:
The easy answer is : leave it alone for existing installs, default it on for new ones.
On 20/06/18 12:19, David Cook wrote:
I think that’s not a bad way of looking at it. If people do complain, we can say that the change away was because of a commitment to patron security and privacy. I would hope that people would find that difficult to argue against.
If I recall correctly, I think DSpace does it this way. When you create a new user, I think it sends an email containing a URL with a token to the user, and then they set their own password from there. It works pretty well. Surely we could say “everybody else is doing it” as well.
But I know that there are a lot of libraries using this feature, and it would be disruptive to their existing workflows for it to go away. But… that’s also progress for you. So long as people have notice that it’s going away before the upgrade, they’d have time to change their workflows and adapt to a safer way of doing things?
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*Chris Cormack [mailto:chrisc@catalyst.net.nz] *Sent:* Wednesday, 20 June 2018 10:12 AM *To:* koha-devel@lists.koha-community.org; David Cook <dcook@prosentient.com.au>; 'Liz Rea' <liz@catalyst.net.nz> *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
We could make a list of them. It could be the "libraries who don't care about their users privacy" list.
I'm only mostly joking
Chris
On June 20, 2018 12:06:52 PM GMT+12:00, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au>> wrote:
I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org] *On Behalf Of *Liz Rea *Sent:* Tuesday, 19 June 2018 12:26 PM *To:* koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords.
Seems better than sending the password in the clear in an email.
Cheers, Liz
On 19/06/18 12:21, David Cook wrote:
Cheers, Jonathan. I had totally forgotten about that. Yikes.
Good call, Chris. While I think many mail servers these days use
TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: Jonathan Druart [mailto:
jonathan.druart@bugs.koha-community.org]
Sent: Tuesday, 19 June 2018 12:07 AM
To: Christopher Nighswonger<chris.nighswonger@gmail.com>
<mailto:chris.nighswonger@gmail.com>
Cc: David Cook<dcook@prosentient.com.au> <mailto:
dcook@prosentient.com.au>; Koha Devel<koha-devel@lists.koha-community.org>
<mailto:koha-devel@lists.koha-community.org>
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS
email via message queue?
It has been reported (by David) on our bug tracker already
(20796, security area, which does no longer make sense at it is public now...)
For information this notice contains the password in clear
for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser).
On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <
chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto: chris.nighswonger@gmail.com>
<mailto:chris.nighswonger@gmail.com> > wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm
surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <
dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto: dcook@prosentient.com.au>
<mailto:dcook@prosentient.com.au> > wrote:
Considering that the borrower’s password is typically in the
ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those
plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <tel:02%2092%2012%2008%2099>
Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095>
From:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:
koha-devel-bounces@lists.koha-community.org>
<mailto:koha-devel-bounces@lists.koha-community.org> [mailto:
koha-devel-bounces@lists.koha-community.org <mailto: koha-devel-bounces@lists.koha-community.org>
<mailto:koha-devel-bounces@lists.koha-community.org> ] On
Behalf Of Sophie Meynieux
Sent: Friday, 15 June 2018 9:33 PM
To:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:
koha-devel@lists.koha-community.org>
<mailto:koha-devel@lists.koha-community.org>
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS
email via message queue?
Maybe because for this message you're expecting it is sent
immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org>
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website :http://www.koha-community.org/
git :http://git.koha-community.org/
bugs :http://bugs.koha-community.org/
--
--
Liz Rea
Catalyst.Net Limited
Level 6, Catalyst House,
150 Willis Street, Wellington.
P.O Box 11053, Manners Street,
Wellington 6142
04 803 2265
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
-- Tomás Cohen Arazi Theke Solutions (https://theke.io <http://theke.io/>) ✆ +54 9351 3513384 GPG: B2F3C15F
Yeah, I keep thinking that people won’t do something more secure if it’s less convenient for them. I suppose that’s their choice in the end though… and we can provide better options for those that do care more. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595 From: koha-devel-bounces@lists.koha-community.org [mailto:koha-devel-bounces@lists.koha-community.org] On Behalf Of Tomas Cohen Arazi Sent: Wednesday, 20 June 2018 11:02 AM To: koha-devel <koha-devel@lists.koha-community.org> Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue? The way we do this is having a syspref to choose between both ways, and a big sign ok to of the release notes asking users to switch. El mar., 19 de jun. de 2018 9:25 p. m., Liz Rea <liz@catalyst.net.nz <mailto:liz@catalyst.net.nz> > escribió: The easy answer is : leave it alone for existing installs, default it on for new ones. On 20/06/18 12:19, David Cook wrote:
I think that’s not a bad way of looking at it. If people do complain, we can say that the change away was because of a commitment to patron security and privacy. I would hope that people would find that difficult to argue against.
If I recall correctly, I think DSpace does it this way. When you create a new user, I think it sends an email containing a URL with a token to the user, and then they set their own password from there. It works pretty well. Surely we could say “everybody else is doing it” as well.
But I know that there are a lot of libraries using this feature, and it would be disruptive to their existing workflows for it to go away. But… that’s also progress for you. So long as people have notice that it’s going away before the upgrade, they’d have time to change their workflows and adapt to a safer way of doing things?
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*Chris Cormack [mailto:chrisc@catalyst.net.nz <mailto:chrisc@catalyst.net.nz> ] *Sent:* Wednesday, 20 June 2018 10:12 AM *To:* koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> ; David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> >; 'Liz Rea' <liz@catalyst.net.nz <mailto:liz@catalyst.net.nz> > *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
We could make a list of them. It could be the "libraries who don't care about their users privacy" list.
I'm only mostly joking
Chris
On June 20, 2018 12:06:52 PM GMT+12:00, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> >> wrote:
I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> > [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> ] *On Behalf Of *Liz Rea *Sent:* Tuesday, 19 June 2018 12:26 PM *To:* koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> > *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords.
Seems better than sending the password in the clear in an email.
Cheers, Liz
On 19/06/18 12:21, David Cook wrote:
Cheers, Jonathan. I had totally forgotten about that. Yikes.
Good call, Chris. While I think many mail servers these days use TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: Jonathan Druart [mailto:jonathan.druart@bugs.koha-community.org <mailto:jonathan.druart@bugs.koha-community.org> ]
Sent: Tuesday, 19 June 2018 12:07 AM
To: Christopher Nighswonger<chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> > <mailto:chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> >
Cc: David Cook<dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > <mailto:dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> >; Koha Devel<koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> > <mailto:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> >
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
It has been reported (by David) on our bug tracker already (20796, security area, which does no longer make sense at it is public now...)
For information this notice contains the password in clear for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser).
On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto:chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> > <mailto:chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> > <mailto:chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> > > wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto:dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > <mailto:dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > <mailto:dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> > > wrote:
Considering that the borrower’s password is typically in the ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <tel:02%2092%2012%2008%2099>
Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095>
From:koha-devel-bounces@lists.koha-community.org <mailto:From%3Akoha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> > <mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> > <mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> > [mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> > <mailto:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> > ] On Behalf Of Sophie Meynieux
Sent: Friday, 15 June 2018 9:33 PM
To:koha-devel@lists.koha-community.org <mailto:To%3Akoha-devel@lists.koha-community.org> <mailto:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> > <mailto:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> > <mailto:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> >
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
Maybe because for this message you're expecting it is sent immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> <mailto:Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> >
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website :http://www.koha-community.org/
git :http://git.koha-community.org/
bugs :http://bugs.koha-community.org/
--
--
Liz Rea
Catalyst.Net Limited
Level 6, Catalyst House,
150 Willis Street, Wellington.
P.O Box 11053, Manners Street,
Wellington 6142
04 803 2265
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/ -- Tomás Cohen Arazi Theke Solutions (https://theke.io <http://theke.io/> ) ✆ +54 9351 3513384 GPG: B2F3C15F
Is it really any less convenient to click a link and fill in your own password vs getting a random password in your mail and having to manually navigate to the site and login if you want to change it? Devils advocate, I personally think this is a case where we can justifiably break the old functionality as there is a clear and near seamless alternative that doesn't result in any real lose and only leads to a more secure and privacy-conscious system. Martin *Martin Renvoize* Development Manager *T:* +44 (0) 1483 378728 *F:* +44 (0) 800 756 6384 *E:* martin.renvoize@ptfs-europe.com www.ptfs-europe.com <https://www.ptfs-europe.com> Registered in the United Kingdom No. 06416372 VAT Reg No. 925 7211 30 The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this email message in error, please email the sender at info@ptfs-europe.com On 20 June 2018 at 02:53, David Cook <dcook@prosentient.com.au> wrote:
Yeah, I keep thinking that people won’t do something more secure if it’s less convenient for them. I suppose that’s their choice in the end though… and we can provide better options for those that do care more.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:* koha-devel-bounces@lists.koha-community.org [mailto: koha-devel-bounces@lists.koha-community.org] *On Behalf Of *Tomas Cohen Arazi *Sent:* Wednesday, 20 June 2018 11:02 AM *To:* koha-devel <koha-devel@lists.koha-community.org>
*Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
The way we do this is having a syspref to choose between both ways, and a big sign ok to of the release notes asking users to switch.
El mar., 19 de jun. de 2018 9:25 p. m., Liz Rea <liz@catalyst.net.nz> escribió:
The easy answer is : leave it alone for existing installs, default it on for new ones.
On 20/06/18 12:19, David Cook wrote:
I think that’s not a bad way of looking at it. If people do complain, we can say that the change away was because of a commitment to patron security and privacy. I would hope that people would find that difficult to argue against.
If I recall correctly, I think DSpace does it this way. When you create a new user, I think it sends an email containing a URL with a token to the user, and then they set their own password from there. It works pretty well. Surely we could say “everybody else is doing it” as well.
But I know that there are a lot of libraries using this feature, and it would be disruptive to their existing workflows for it to go away. But… that’s also progress for you. So long as people have notice that it’s going away before the upgrade, they’d have time to change their workflows and adapt to a safer way of doing things?
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*Chris Cormack [mailto:chrisc@catalyst.net.nz] *Sent:* Wednesday, 20 June 2018 10:12 AM *To:* koha-devel@lists.koha-community.org; David Cook <dcook@prosentient.com.au>; 'Liz Rea' <liz@catalyst.net.nz> *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
We could make a list of them. It could be the "libraries who don't care about their users privacy" list.
I'm only mostly joking
Chris
On June 20, 2018 12:06:52 PM GMT+12:00, David Cook <dcook@prosentient.com.au <mailto:dcook@prosentient.com.au>> wrote:
I think that would probably be the best way of going about it, but I’m sure there are a lot of libraries that wouldn’t be happy about it.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
*From:*koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> [mailto:koha-devel-bounces@lists.koha-community.org] *On Behalf Of *Liz Rea *Sent:* Tuesday, 19 June 2018 12:26 PM *To:* koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> *Subject:* Re: [Koha-devel] Why we do not push the ACCTDETAILS email via message queue?
I feel like instead of sending people a password, we should send them to the "forgot password reset page" with a couple of slight changes for new account holders, so they can set their own passwords.
Seems better than sending the password in the clear in an email.
Cheers, Liz
On 19/06/18 12:21, David Cook wrote:
Cheers, Jonathan. I had totally forgotten about that. Yikes.
Good call, Chris. While I think many mail servers these days use
TLS to secure the email between the mail servers, an unscrupulous administrator could still certainly take advantage of people on either end. The best idea probably is to just not use AutoEmailOpacUser, as Jonathan seems to suggest.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
From: Jonathan Druart [mailto:jonathan.druart@bugs.
koha-community.org]
Sent: Tuesday, 19 June 2018 12:07 AM
To: Christopher Nighswonger<chris.nighswonger@gmail.com>
<mailto:chris.nighswonger@gmail.com>
Cc: David Cook<dcook@prosentient.com.au> <mailto:
dcook@prosentient.com.au>; Koha Devel<koha-devel@lists.koha-community.org>
<mailto:koha-devel@lists.koha-community.org>
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS
email via message queue?
It has been reported (by David) on our bug tracker already
(20796, security area, which does no longer make sense at it is public now...)
For information this notice contains the password in clear
for... 10 years now (bug 2149) and the behavior is turned off by default (AutoEmailOpacUser).
On Mon, 18 Jun 2018 at 10:11 Christopher Nighswonger <
chris.nighswonger@gmail.com <mailto:chris.nighswonger@gmail.com> <mailto: chris.nighswonger@gmail.com>
<mailto:chris.nighswonger@gmail.com> > wrote:
Considering that email is plaintext (AKA "postcard") mail, I'm
surprised we would send a user's password in an email in any case.
On Mon, Jun 18, 2018 at 4:14 AM, David Cook <
dcook@prosentient.com.au <mailto:dcook@prosentient.com.au> <mailto: dcook@prosentient.com.au>
<mailto:dcook@prosentient.com.au> > wrote:
Considering that the borrower’s password is typically in the
ACCTDETAILS email, I think using the message_queue for ACCTDETAILS would be a bad idea and would probably violate the GDPR in Europe.
Just imagine looking through your database and seeing all those
plain text passwords, especially for people who re-use the same password for everything. I think it would be a security and privacy nightmare.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899 <tel:02%2092%2012%2008%2099
<02%2092%2012%2008%2099>>
Direct: 02 8005 0595 <tel:02%2080%2005%2005%2095
<02%2080%2005%2005%2095>>
From:koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@lists.koha-community.org> <mailto:
koha-devel-bounces@lists.koha-community.org>
<mailto:koha-devel-bounces@lists.koha-community.org> [mailto:
koha-devel-bounces@lists.koha-community.org <mailto:koha-devel-bounces@ lists.koha-community.org>
<mailto:koha-devel-bounces@lists.koha-community.org> ] On
Behalf Of Sophie Meynieux
Sent: Friday, 15 June 2018 9:33 PM
To:koha-devel@lists.koha-community.org <mailto:koha-devel@lists.koha-community.org> <mailto:
koha-devel@lists.koha-community.org>
<mailto:koha-devel@lists.koha-community.org>
Subject: Re: [Koha-devel] Why we do not push the ACCTDETAILS
email via message queue?
Maybe because for this message you're expecting it is sent
immediately while message_queue table could be processed more occasionally ?
Best regards
S. Meynieux
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org <mailto:Koha-devel@lists.koha-community.org>
koha-devel
website :http://www.koha-community.org/
git :http://git.koha-community.org/
bugs :http://bugs.koha-community.org/
--
--
Liz Rea
Catalyst.Net Limited
Level 6, Catalyst House,
150 Willis Street, Wellington.
P.O Box 11053, Manners Street,
Wellington 6142
04 803 2265
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
--
Tomás Cohen Arazi
Theke Solutions (https://theke.io <http://theke.io/>) ✆ +54 9351 3513384 GPG: B2F3C15F
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
participants (9)
-
Chris Cormack -
Christopher Nighswonger -
David Cook -
Indranil Das Gupta -
Jonathan Druart -
Liz Rea -
Renvoize, Martin -
Sophie Meynieux -
Tomas Cohen Arazi