On 19/10/2022 09:48, Peter Robinson wrote:
Sure but as mentioned it's public data, and the modification, and I covered that in my reply, would be picked up by the other mechanisms.
They can collect a lot of sensitive information: your IP, Fedora version, packages version, etc. This can help with recon for attackers.
There isn't actually that many mirrors left do we really want to reduce the number more for end users for no actual improvement in security?
It will improve privacy at least.
Ultimately bandwidth is expensive in a lot of parts of the world for commercial entities to provide, that's why there's mirrors.
Fedora COPR has moved to Amazon CDN. Maybe Fedora's main mirror can switch to a CDN too?
-- Sincerely, Vitaly Zaitsev (vitaly@xxxxxxxxxxxxxx) _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
