Matthew Miller wrote:
> Since there is no personal information attached, I don't see how on the
> face of it this is a privacy violation. I want to take this concern
> seriously, but I need more to go on than "this is inherent". Can you
> elaborate?
I detailed it further down my message: my concern is that the UUID can
theoretically be used to track users, to build personas out of them from the
packages downloaded by the UUID, and in the extreme case even to identify
the person owning the UUID by name (e.g., if a package downloaded by the
UUID is downloaded only by 1 person and you find some bug report for it in
Bugzilla). I don't care that you promise that you won't do it, the fact is
that you *can*. And possibly others can too, depending on how exactly this
is implemented.
> Like I said, tracking is a non-goal. And, we want a design that is
> resistant to tracking -- but I don't think we need to go overboard.
If you take privacy seriously, you have to assume the worst. It is always
safer to send less data rather than more.
Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
