These are chat archives for ushahidi/Community

27th
Feb 2018
Brad Anthony
@INTJ_Ape_twitter
Feb 27 2018 10:16
I'm really happy to see this happening. I think we have lost a lot since our old regular developer calls years ago.
Here's one that's been bouncing around in my brain.
How does your team feel about the current security status of the platform and its ability to protect reporters in insecure environemtns? And part 2, is there a compelling opportunity for external stakeholders (like us) to put effort into plugins, etc to improve and/or build upon platform and mobile app security to keep reporters anonymous and safe.
Ushbot
@ushbot
Feb 27 2018 10:23
[Brad] There is more to that question of course; specifically in relation to platform vulnerability. Consider a hostile actor who wants to gain access to all of the data on people who reported police violence in the area for retribution...what parts of the platform are more vulnerable than others to bad actors?
[David Losada, Ushahidi] ah those are great questions, I think each deserves a blog post on their own
Ushbot
@ushbot
Feb 27 2018 10:32
[Brad] Well I have some great news. My team now includes both a security engineer/ethical hacker and one of the computer scientists who helped on the Tor project. Security is a huge concern for us and naturally we want to give back to the community so if there's a way for us to more closely collaborate and participate and discover what areas need security hardening by all means keep the discussing going.
[David Losada, Ushahidi] mm that’s great! Instead of me writing a rant here, maybe there’s a way we could work together to publish an assessment?
[David Losada, Ushahidi] I think that’s low hanging fruit that would be beneficial to all the community
Ushbot
@ushbot
Feb 27 2018 11:06
[Brad] I think so too. I'm happy with whatever channel you want to use David.
[Angela Oduor Lungati, Ushahidi] Love love love seeing these kinds of conversations happening in here :clap::skin-tone-4:
Brad Anthony
@INTJ_Ape_twitter
Feb 27 2018 11:07
Go team! For the record, I do miss the old meetings a lot. :-D
Ushbot
@ushbot
Feb 27 2018 11:08
[Angela Oduor Lungati, Ushahidi] Brad, we are going to look into reinstating them :)
Brad Anthony
@INTJ_Ape_twitter
Feb 27 2018 11:09
Waahoooooo!
Ushbot
@ushbot
Feb 27 2018 11:09
[Angela Oduor Lungati, Ushahidi] And thanks for your continued support!
David Losada
@tuxpiper
Feb 27 2018 11:11
@Brad can you ping me via PM in gitter about that security conversation? I see two Brads , but I'm not sure if you are in fact just one (it's just one David here, this is written directly from gitter :) ). Once in the PM, let's exchange background and start giving form to that assessment
Brad Anthony
@INTJ_Ape_twitter
Feb 27 2018 13:29
In my universe there is only one Brad. But alas, yes I do see here there is another. ;-)
Cam Macdonell
@cmacdonell
Feb 27 2018 22:59

Hi, I have a few questions about the v3 API:

Is the documentation up to date? I'm looking at https://github.com/ushahidi/platform/tree/develop/docs/api

I haven't seen .apib files before. They look markdown-ish, is there some kind of renderer that presents them in a more readable way? Perhaps as nicely formatted pages under readthedocs?
Googling "Ushahidi v3 api" returns some very old pages that are confusing. Can these be taken down? https://wiki.ushahidi.com/display/WIKI/Ushahidi+3.x+REST+API