As discussed in the security space, and in SecurityHandling, TiddlySpace includes many features that could be dangerous in the hands of a mischievous or malicious person. It is expected that both technical and social measures will be taken to tackle the issues without losing the benefits that TiddlySpace provides.
One class of social measures is preventing untrusted people from sharing dangerous stuff. This could be done by requiring some level of user account accreditation or payment before allowing users to become members of other spaces, create new spaces, or have their spaces included into other spaces.
The general idea is to keep untrusted users in a sandbox where they don't have access to any unsafe features, but letting them buy their way out. Instead of payment, it may be sufficient for them to just provide enough information for them to be personally identified, so that they can be held accountable for any bad stuff. In practice, malicious code often spreads through people you trust who have been tricked or whose machines have been compromised, so trusting individuals isn't enough.
Another potential defence is for separate servers to be be provisioned and federated for whatever size of group that does have the right level of trust for each other, and can afford collectively to defend themselves by taking backup precautions and paying the core team for clean updates. Somewhere between guilds and cliques, perhaps with the idea that these groups buy services from a combination of a computing and communications infrastructure supplier like Amazon or BT and an intellectual property centre like Osmosoft.
One class of social measures is preventing untrusted people from sharing dangerous stuff. This could be done by requiring some level of user account accreditation or payment before allowing users to become members of other spaces, create new spaces, or have their spaces included into other spaces.
The general idea is to keep untrusted users in a sandbox where they don't have access to any unsafe features, but letting them buy their way out. Instead of payment, it may be sufficient for them to just provide enough information for them to be personally identified, so that they can be held accountable for any bad stuff. In practice, malicious code often spreads through people you trust who have been tricked or whose machines have been compromised, so trusting individuals isn't enough.
Another potential defence is for separate servers to be be provisioned and federated for whatever size of group that does have the right level of trust for each other, and can afford collectively to defend themselves by taking backup precautions and paying the core team for clean updates. Somewhere between guilds and cliques, perhaps with the idea that these groups buy services from a combination of a computing and communications infrastructure supplier like Amazon or BT and an intellectual property centre like Osmosoft.