Open jzf2101 opened 6 years ago
@tgeorgeux do you have suggestions on where to put this to make sure people read the warning?
Details from https://mybinder.readthedocs.io/en/latest/faq.html#how-secure-is-mybinder-org aren't linked on mybinder.org. I don't think people know this exists. We should probably put this info somewhere people can find it.
@jzf2101 Which website are we talking about? I haven't really delved into binder-land at all yet. Are you talking about for mybinder.org?
Yeah on the website. How do you think we should convey that info design wise to make it clear to people?
(From the website instructions, I would add the bracketed copy below.) Enter your repository information: Provide in the above form a URL or a GitHub repository that contains Jupyter notebooks, as well as a branch, tag, or commit hash. Launch will build your Binder repository. If you specify a path to a notebook file, the notebook will be opened in your browser after building. [Binder is a free, public service that is open to the world, and you should never share sensitive or personal information within a Binder repository. This includes passwords, data that shouldn’t be public, API keys, etc.]
I would also consider giving a contextual warning when a file is uploaded, but we can look more at that when we have some time to do a little dive into the context.
I agree this is definitely important. We're gonna need to do an update of the main binder page in general, so we should add some kind of language to this effect when we do so.
I'm hesitant to add all of the text that @tgeorgeux suggests to the main page (though I agree it's good content and we want it up somewhere). The main Binder landing page needs to be as simple and word-free as possible.
I think we could do something along those lines - like a contextual warning when people begin to enter a URL into the form?
Would it be fair to say the desired message is: "Do not upload sensitive or personal information!" or some iteration of that?
Yes, I think so.
You can have that copy appear directly above the URL window in red regular weight font (more intrusive), or you could put that copy inside the URL area when it's not been filled out yet (less intrusive).
Another thought is to add this not to the main mybinder.org landing page, but instead to the "loading" page that people see when they click a binder link. Those cases are more likely to be seen by users who might be "vulnerable" to this.
e.g.:
Wouldn't people also be pushing vulnerable info to the repo itself? I was thinking it could also be in the form itself?
ohhh interesting, I hadn't thought of that. Could you give an example of what you're talking about? Do you imagine something in urlpath or something?
I was thinking we could put a warning in the repo2docker form to tell them not to build images with personal content
ahh - from my perspective, I'm less worried about people building images with personal content because they'll already have everything online in GitHub. I'm more worried about built images asking people for personal content after people click on a Binder link :-/
Both are true. I think we can include two warnings.
In addition to the permanent changes that are discussed above, should we create a specific page (or use the FAQ entry?) that explains the reasoning behind this? Could also mention other forms of data that you should not use (cc @ctb).
Once we have this, what do you think of having a Binder-and-your-secrets-awareness week? Tweets, some kind of "fork this on github" like ribbon in the corner of mybinder.org pages, short jupyter blog post?
that's a cool idea :-)
We got a lot of questions regarding putting private information, e.g. private repos, on Binder. We should probably have more documentation on this on the website and the docs. @betatim