
User safety & security update

@wmurphyrd wmurphyrd released this 10 May 03:07
· 478 commits to master since this release

A collection of changes designed to enhance safety & security for users.

No longer recording e-mail addresses

In the database, plaintext emails have been replaced with their SHA-256 hash. This way we can still verify account ownership when a user re-enters their email to request a password reset, but we can no longer view (and therefore no longer risk losing in a data breach) user e-mail addresses. New configuration options have been added to offer a link to a mailing list opt-in from the registration page. For existing users, we will send one email describing the change and offering a link to our e-mail opt-in before we hash their e-mails. #30

Blocked once - blocked everywhere

The "Hide" button in the Hubs client has been upgraded to a "Block" button that also publishes a "Block" activity for the target user. When joining a room & whenever a new user connects, your blocklist is checked against the room occupants and anyone previously blocked is automatically hidden (and you are hidden from them as well). This means blocking a user one time in one Immer will remove them from your experience across all of Immers Space. immers-space/hubs#37

Users get control over how much account access to grant when visiting other Immers


We've added 9 individual access control scopes linked to activity types and 4 roles (bundles of scopes) to our OAuth2 authorization server. When connecting to their account from a remote Immer, the user gets to decide how much access to grant to that site so they can explore new places without jeopardizing their account security. We also changed the authorization flow to use a popup window instead of a redirect in the Hubs client, allowing users to preview (and even spectate) an Immer before connecting their account and joining the room. #29 immers-space/hubs#40

Clients can request one of the 4 role names as the scope in their OAuth2 authorization request, and this will be the default selected option when users are shown the authorization dialog. However, users will always be able to override that choice, so creators need to check the new scope hash parameter that comes alongside the token to discover which of the 9 scopes were granted and adjust their experience accordingly.
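
One way a client could act on the granted scopes rather than the requested role, as an added example (not code from the Immers project). The scope names, feature names and function names are hypothetical because this page does not list the real ones, and the hash is assumed to use the RFC 6749 parameter names `access_token` and a space-delimited `scope`.

```javascript
// Added example: FEATURE_SCOPES, the scope strings and both functions are
// hypothetical names; the release notes do not list the real scope or role names.

// Map each client feature to the scopes it needs (constructed scope names).
const FEATURE_SCOPES = {
  showFriendsList: ['exampleViewFriends'],
  announceArrival: ['examplePostLocation'],
  blockFromHere: ['exampleAddBlocks']
}

// Parse the hash returned to the client after authorization.
// Assumption: RFC 6749 naming, i.e. access_token plus space-delimited scope.
function parseAuthFragment (hash) {
  const params = new URLSearchParams(hash.replace(/^#/, ''))
  const token = params.get('access_token')
  if (!token) {
    // No token means no grant at all: ignore any scope value that is present.
    return { token: null, granted: new Set() }
  }
  const scopes = (params.get('scope') || '').split(/\s+/).filter(Boolean)
  return { token, granted: new Set(scopes) }
}

// Enable a feature only if every scope it needs was actually granted.
// A missing or empty scope parameter therefore disables everything.
function enabledFeatures (granted) {
  const enabled = {}
  for (const [feature, needed] of Object.entries(FEATURE_SCOPES)) {
    enabled[feature] = needed.every(scope => granted.has(scope))
  }
  return enabled
}

// Constructed sample: the client requested a broad role, the user narrowed it.
const sampleHash =
  '#access_token=CONSTRUCTED_TOKEN&scope=exampleViewFriends%20examplePostLocation'
const sampleResult = parseAuthFragment(sampleHash)
console.log(enabledFeatures(sampleResult.granted))
```
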