Re: Metrics and your privacy

On Wed, Nov 22, 2006 at 10:06:03 +0000,
Andy Green <andy@xxxxxxxxxxx> wrote:

If there is a gratuitous connection action for statistic-collecting
purposes, it would be best to ask. But then you lose some information
from the people who for whatever reason said no.

And since they don't want to provide that information, that is appropiate.

Whereas if you collect via yum mirrors, there is a transaction going on
initiated by the user that he benefits from. It seems hard for anyone
to object to your IP getting used for anonymous aggregated stats in such
a case, in fact if I visit any website I expect to have the same done
for my visit from their logs (esp if they are on Google Analytics).

The data can't just be stored as anonymous aggregated data since you need to
check for unique IP addresses. You could do hashing, but that wouldn't buy
very much privacy until ip6 is common. Still it would be nice if Fedora
had an official policy on when the IP data (as opposed to the aggragate data)
would be deleted.

It would be cool to generate a GUID per machine and attach it to yum
download URLs, eg, http://mirror.org/blah/thing.rpm?GUID=123-123-123..
so it is ignored by the server but is present in the logs. But the logs
are still useful without it.

Definitely don't do this.

Making a new machine check for updates at least once as soon as it saw
the network was up would be a friendly and non-privacy threatening
action that would solve this...

No it wouldn't be friendly. I don't like that yum checks for updates on first
boot before I have a chance to turn it off.

3. Machines behind a local yum cache

Whatever tools are provided to run the yum cache should have the repo
log processing stuff folded into them, and report stats up to Fedora HQ
by default. But a user should be able to turn it off.

Definitely not, but especially not by default.

One of the reasons I like free software is that it doesn't (normally) try to
spy on you.

Currently Fedora is a pretty good fit for me, but if it turns into spyware,
I will be looking at other options. (Though in the short run I would probably
look at respinning the install DVD to include modified packages without the
spyware.)

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: Metrics and your privacy
    ... It seems hard for anyone to object to your IP getting used for anonymous aggregated stats in such a case, in fact if I visit any website I expect to have the same done for my visit from their logs. ... Whatever tools are provided to run the yum cache should have the repo log processing stuff folded into them, and report stats up to Fedora HQ by default. ... Currently Fedora is a pretty good fit for me, but if it turns into spyware, ... The other information we discuss is if you took update packages, ...
    (Fedora)
  • Re: Metrics and your privacy
    ... from the people who for whatever reason said no. ... use Fedora. ... so it is ignored by the server but is present in the logs. ... I realize there are risks with my stance. ...
    (Fedora)
  • Re: Metrics and your privacy
    ... from the people who for whatever reason said no. ... use Fedora. ... so it is ignored by the server but is present in the logs. ... upgrade ("Welcome to Fedora. ...
    (Fedora)
  • Re: camera revisited
    ... >Hotplug is in Fedora. ... >> both ways made megabytes of errors in the logs. ... seconds after I turn the camera on. ...
    (Fedora)