The RISC OS Open Web site stores various pieces of information when you browse its pages.
Web site Hub accounts
The RISC OS Open Web site is built using Ruby On Rails applications. Normally, the applications “Typo” (running the news pages), “RForum” (running the Forum pages), “Collaboa” (running the Subversion browser and ticket management system) and “Instiki” (running the Wiki) allow people to make comments, forum posts, edit Wiki pages and so-on without logging on. Some other web sites that use these applications in this insecure configuration suffer, unsurprisingly, from large volumes of advertising material (“spam”). To stop this from happening, the RISC OS Open site asks users to create an account, for actions involving writing information to the site rather than just reading it. If all you want to do is read things, you don’t need an account.
Accounts are created using a specially written application called “Hub”. The Hub database stores the e-mail address, real name and password that you provide, along with some state management information that related to your Hub account but not the personal details within that account. Using the control panel you can manage your account, including deleting it entirely. When you delete an account, all data within it is removed, including the record of your name and e-mail address. We do not retain this information within the account database for any purpose, though your name may still be associated with other parts of the site, as described below.
Forum posts, news article comments, ticket comments and Wiki page edits
When you perform any of the above actions using a web site account, usually your name will be associated with the information that you write. The name comes from the real name stored in your account. It is important to be aware that as you send information to the site, you potentially associate your name with quite a lot of things; comments and forum posts are fairly straightforward, but Wiki page edits can be more involved. Changes you make within any Wiki pages become part of the ongoing editing history of those pages and potentially persist for all time.
When you delete your RISC OS Open Web site (“Hub”) account, forum posts, page edits and so-on are not automatically deleted. In the highly unlikely event that you decide you want all information relating to yourself (including references to your name) completely and utterly removed from the web site, please contact RISC OS Open Limited directly. We would prefer to avoid having to take such actions wherever possible because, particularly with the Wiki, it can be a particularly time consuming job; however, we will of course comply with any such requests if you feel compelled to make them.
Your web browser must support cookies to use this site. Cookies are a way of storing information on your computer about a previous page you viewed. Cookies allow the applications that comprise this web site to recognise your web browser when it requests a page as the same, or as a different web browser, from one that fetched a page a moment ago.
This site is built using Ruby On Rails applications. These applications all store a session cookie to maintain state across page fetches; these cookies do not store personal information unless you explicitly log in to the site. Session cookies store only a session ID, which is used by the RISC OS Open web site’s server to access data stored only on that server. Consequently, they are relatively secure, containing in themselves no useful information to the outside world, personal or otherwise.
For reference, the names of the session cookies set for the RISC OS Open Web site Rails application session management are:
typoapp_session_id. To clear the cookies, use your web browser’s cookie management interface or contact your web browser supplier for more information.
Other cookies are:
typoapp_email– the first is only used for administrative users and is a low security record of administrative privileges used only for user interface purposes (the application back-end tracks privileges independently to enforce full security should someone try to hack the cookie). The other two cookies are set if you comment on an article and decide to set a personal Home page address or e-mail address. The information is recorded in a cookie so that next time you want to add a comment, the relevant form fields can be filled in automatically. To clear the information, delete the cookies using your web browser’s cookie management interface (if it has one) or submit a new comment to any news post, making sure that you delete the URL and/or e-mail address in the comment form first.
- The Radiant application uses cookie
expanded_rowsfor administrative users when editing pages. This does not apply to normal site visitors (the cookie is used to record viewing preferences on a list of pages in the page editor).
- The Hub single sign-on mechanism uses cookie
hubapp_shared_idto hold an encrypted session key used by an internal authorisation server. This server maintains session state details while you are logged in. It works on entirely local connections to the server, with no public listening sockets. The cookie is only sent out over secure connections (for more, see below). The authorisation database details are cleared if you explicitly log out or if your session with the RISC OS Open site times out (again, for more, see below).
Your account details can only be accessed using a secure (HTTPS) connection. The Hub cookie used to identify you as logged in is set up so that your browser will only send it when a secure communications link is in place. Over insecure connections, the RISC OS Open site will believe that you are logged out at all times. This prevents the cookie from being “stolen” off the wire and used on another machine to hijack your session. The cookie holds no personal information itself but includes a key to the authorisation server and that does hold such data. This always ought to be your personal data since you are the person who logged on (!) but it still needs to be kept secure in case you, say, use a public computer (e.g. in a library) and forget to log out, leaving the cookie set on the public machine.
For this reason, the cookie is encrypted so that the actual authorisation server session ID cannot readily be retrieved by simple examination. The cookie only exists for the duration of a web browser session. Your logged in sessions with the web site also expire. If after 15 minutes of inactivity on the RISC OS Open site anyone (including yourself) tries to access the RISC OS Open site again, they will find that the authorisation data has been cleared and they will be asked to log in again.
As with all of the software driving the RISC OS Open web site, the source code to the Hub application, the HubSsoLib supporting library and the Hub authorisation server is open. Code reviews are invited. If you are technically minded and wish to conduct your own security audit of the software, please look at the Subversion repository.
RISC OS Open Limited will not share your personal information with any third parties for any reason, except to comply with legal process in the UK in the unlikely event that law enforcement authorities require us to provide information on all or part of our account database’s content. We will not send you unsolicited e-mail messages using the e-mail address you supply. E-mail messages will be sent in response to account management activities (e.g. to activate an account when you are signing up, or to help you reset your password if you forget it) or if you explicitly choose to receive notifications of certain events (e.g. replies to a forum post you made).