On 7/7/24 16:49, Marc Deop i Argemí wrote:
With that statement you are showing that many here do not understand the concern: nobody (I daresay) believes the proponents of this want to spy on Fedora users or sell the data. The concern is that the data is available at all!
I haven't heard WHY is the existence of this data dangerous. The proponents have stated that the data will not be aggregated, which I understand to mean that the pieces (which CPU, what memory, what localization) will be kept separately and as an accumulated total count; this means that they cannot be leveraged to identify their source.
We all know that privacy can be compromised in spite of safeguards like private browsers and VPNs by looking at a signature formed by a combination of features like the browser window size, fonts, video extensions and whatnot. This is because those features can be tied to a specific connection, and the privacy-busting attacker can see them all together, and use that ensemble signature as an identifier. But when the features are disaggregated, this privacy attack is not possible.
So, I ask the questioners what is the exact scenario they are contesting? why is the data on distribution of memory sizes privacy-relevant?
At the same time, I ask the proponents to confirm that there will be no way to re-aggregate the data by any means (timestamps, Fedora account cookies, load factor on the server, etc).
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue