[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re bobs comments

Bob + All,

>Yes, unfortunately I think we're going to have to at least consider >having
>the ability to keep the info as it may at a later stage be forced on us. >I
>_do_ think that access to those records be highly secured and >need, for
>instance, an official request from police and ok from a management
>committee to retrieve all the data.

Yes, we need to cooperate fully with the police. They have a habit of making
life tough for those who don't. Besides they do have that $200 000 000

>As to the nicked video card I don't see any problem in just replacing > the
>card with similar. In fact I don't think we'd have any choice, the police
>would require delivery of  the goods and the user would be left with >an
>unuseable machine, something would need to be done. Once the >process of
>receiving donations is up and running I can see us being "flush" with >some
>components, video cards being one, from DOA machines that are >stripped for

OK if we need to contact the people who recieved the dodgy machine, we would
have to keep at least a phone number on record. This will be entered by data
entry people but SELECT rights will only be given to the admin. That way
only one person can view the data as a whole.

> _don't_ think that stolen property is going to be a big problem for .
> However it needs to be thought about in advance so the issues can > be met
> with reasoned responses :).

Yes, it would look very professional if the police track us down and we can
just pull up details as requested. I also think this data should not be
given to police without a warrant.

>> Should we be storing the serial number of all devices? Each >>device has
>> serial number on it, even RAM chips, this can all be added.

>Yes, as long as such can be managed without too much effort. ( >some older
>RAM ie 30 pin may not be serial numbered though)

OK but this would be a pain if an assembled computer is donated, it would
require opening it up and taking out the parts if needed and recording all
serial numbers.

>This next bit may go beyond the scope that you were envisaging for >the
>database but I think it could be a usefull tool for the techs building
> machines too :).

> Are you thinking of allowing mass postings to the database via a  flat
>text file format ( CSV or TSV etc) ? That way a large donation can be
>broken down to component IDs and logged using paper or a spreadsheet (or
> even an editor [dare I say VI ]:) and tossed to a front end to update
> things without having to be net accessible and log each item one at > a
> time.

If it is in the correct format, this could be done quite easily. I have
written perl scripts to do similar things before. But it would be best if
you send this information to the admin (someone who actually has shell
access) and we import it that way.

> Loging as much info about components as we can is going to be  very
> (at least initially) for further IDing of similar components particularly
> where it comes to RAM where chip specs are difficult to find in > some
> cases. ( ie a machine boots with 16Mb ram, I'd like to tear the >machine
> down, slip out the RAM and note the chip info) We need to build expertise
> in IDing wacky hardware as we're going to be dealing with some _real_
>bueats :)

OK this is where PostgreSQL and Object Orientation really shines. We could
knock the Part Type on the head and define a Class called Part. From Part
you could create HardDisk, RAM, Case, CPU, MotherBoard etc. ANd even further
down if we needed to. This was my reason for choosing PostgreSQL, Relational
Objects, a mix of two very useful strategies.

> d for the donation admins, some sort of "one way" system of >enquiry to
>lookup who's received equipment would be usefull too (ie a query >can be
>made on recipients name and a reply would come back yes( has >received) or
>no, not " tell me the names of the last X reciepients). It would >probably
>need to treated as confidential info but be available more widely >than
>full disclosure of name address etc so that some management of >outbound
>donations can be made ( stop us being scammed in other words)

Yes, that can be done, see my idea above, allowing data entry by
certain users, but data retrieval only by the admin.

Ohh I see now, you want to check if someone has already received a computer.
Yes That can be done too.

> I can see a requirement for NDAs for members with access to        >
> material.

Yes that too. Another thing is requesting info from the admin. We need some
way to be sure that the requests information are actually coming from
trusted sources and not being spoofed. A PGP setup might be useful.