Show only region & country in geolocation information?
By request, I am working on a new admin tab called "Users" that will summarize all user connections during the time the server has been running. Sort of like an extraction and summary of the current "(ARRIVED)" and "(LEAVING)" log messages. Among other things this will help us with our problem of identifying and blocking the bot connections.
But the question has come up: Would now be a good time to eliminate recording the city and just show the geolocated country? Because the city from the geolocation databases are often so terribly wrong (it seems like they were better in the past?).
Geolocation of course doesn't help with bots since they all use virtual private servers (VPS) located all over the world. But a localized list of the name/callsign idents and IP addresses used will be very helpful.
Opinions about this anyone before I make a change?
Comments
More specifically: The geolocation records often store city, region and country. So I would propose continuing to use the region information. That way you'd still get USA states for example which are encoded as a region.
Personally I'm not that fussed, but Geolocation generally seems to work OK for me, and is usually pretty good with UK based users, other countries perhaps less so.
I can usually 'spot' my regular users from their location information, even if they are not actually at that location.
Maybe a revised login feature would work better (as long as it could be disabled by the admin), but that could also be misused.
But I'd go along with pretty much any decision.
Regards,
Martin
Hello.
Thank you very much for asking this question.
For my part, the name of the city is useful for identifying regular users, because very few people provide their identifier. Even if the name of the city is not exact (always big problems with geolocation from IP addresses), it doesn't matter, because it's still an easy marker to use and remember. I can't easily remember an IP address.
Best regards, Philippe
Thanks for the feedback. Maybe that needs to be (yet another) admin option to keep everyone happy.
Also, v1.666 has a new admin option that forces users to enter a non-blank name/callsign before allowing a connection. It replaces the "Click to start..." dialog since a keyboard entry counts as a "user interaction" that will allow the audio to proceed. The name/callsign is saved in browser storage as usual so you'll only get the "Click to start..." next time (unless you've whitelisted the Kiwi site for audio autoplay in your browser).
This possibility is excellent. A very nice option. Thank you so much.
v1.666 has many user-suggested improvements. I'm just waiting until the NA eclipse is over before releasing it. Don't want to disturb anyone's Kiwi before that..
For the next release I've made including the city an admin checkbox option since there were requests on both sides.
To store the name/call of a visitor with their IP address, the consent of the user is required to comply with GPDR/DSGVO. It would be good if this could be added.
A bit of feedback on the forced username option to start the KiWi session.
I've found that some folks are just filling up the entry box with junk (or worse), so I've turned it off.
Most sensible users seem to ID themselves voluntarily, and those that wouldn't anyway, if forced, will just enter anything.
Another comment was made about the European data protection laws, could be an issue, and I also seem to remember there was a similar discussion some time about publicly exposing users IP addresses.
Just my observations, your mileage may vary.
Regards,
Martin
As far as I could find out, and as far as I understand, the IP address alone does not qualify as personal data, since it can change over time. (And it is technically required to be processed, for example to prevent abuse)
If a user identifies himself, it would count as personal data, which would require his permission to be allowed to be stored.
But to make matters more complicated, different countries do also have different regulations.
I got leaned on pretty heavily to include the forced name/callsign feature (by the owner of KiwiSDR NZ no less, lol). I wasn't real happy about including it, but these days there are some battles I've given up on. Perhaps the real problem is having it enabled by default.
I'd agree, don't enable it by default.
That will protect folks who are nervous of data protection laws and forget to turn it off.
Regards,
Martin
Yes, and now some people will be upset (Peter, lol) that I'm forcibly disabling it. Requiring them to explicitly turn it on if they want it.
In the past I simply refused to add things like this when it was clear there was going to be two opposing camps each making demands. It simply wasn't worth my time.
What about the mobile interface? The user preferences / subscription service? The inclusion of the Fldigi decoders as an extension? Will any of those things get done before I expire? I'm beginning to doubt it..