Turning it into a hash doesn't solve the tracking problem. It only prevents the attacker from knowing a list of serial numbers. I suspect keeping hashes of identifying information will likely cause controversy. On Thu, Nov 9, 2017 at 2:12 PM, Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote: > On Thu, Nov 9, 2017 at 7:27 AM, Don Zickus <dzickus@xxxxxxxxxx> wrote: >> On Thu, Nov 09, 2017 at 09:19:04AM -0500, Nathaniel McCallum wrote: >>> Agreed completely. But I still need someone with experience using lshw >>> to write a data processor (json => SQL) for that data. Also, we will >>> need to sanitize the lshw output to ensure we omit identifying >>> information. For example, ip addresses on the network interfaces need >>> to be filtered out. It might be better to write an option for upstream >>> lshw to anonymize the output. >> >> You mean like 'lshw -sanitize'? :-) > > I haven't looked at how sanitize works, but it's probably useful for > the database to avoid duplicate entries. I think it'd be better to > turn something like the product serial number into a hash, and then > use the hash to avoid duplicate entries. > > -- > Chris Murphy > _______________________________________________ > kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
