On Wednesday 31 January 2007 11:54, Ralf Corsepius wrote: > On Wed, 2007-01-31 at 11:32 -0600, Dennis Gilmore wrote: > > it is not registration, it is not spy ware. > > It unattendedly collects various data which is not publically available > from a local machine => SPY-WARE where does it do this? right now we are wanting to add it to the default install and ask the user to submit a profile. the profile is sent ONCE ONLY you are free to not select and install smolt at all or say no to sending your profile. I generally don't install firstboot. > Connecting this information with IP-numbers opens many opportunities for > abuse => Opens many chances to privacy breaches. IP's are only stored in the web logs same as any other web service. > I don't have any reasons to trust this URL smolt sends it data too. > > it is a voluntary hardware > > profile. there is no way to know that a profile is yours unless you give > > me your unique hardware id that is generated on your system at package > > install time. > > You have this (BTW: absolutely not unique and forgable) hardware id in > connection with IP-numbers. This allows backtracking. It was never claimed that the ID will be unique where is the ip ? its not sent in the data. the only place it exists on the back end is in the web logs. > You might have heard about the fuzz HW CPU-ID had caused in the past? > > > This will help fedora in many ways. > > I guess, I don't have to mention: My opinion differs very much. Tell me how it will not help. You have not done anything to convince me that I see this the wrong way and you have done nothing to prove your point. > > it is opt-in you can choose to install or not install smolt. > > Mike asked about making installation the default. That's why I am so > embarrassed. > > Having a script that is not being run automatically (not used by first > boot), but being run at user-request as part of eg. a > bug-report (similar to bug-buddy) is a completely different topic. thats how it works. you really have not looked at this in any rational sane manner have you. the firstboot module does not just send your profile. it gives you the option to opt in. you can send your profile by yourself at any time you choose > > Feel free to look at the code. there is no package list sent, no ip, no > > anything that can be associated to you without you giving me your id. > > I'll pretty soon add an "Obsoletes: smolt" into the base package of my > local repos. you are free to not install or if you do remove smolt at any time of your choosing > > And again to re-iterate it is entirely voluntary "you choose" to submit > > or not your profile > > OK, I will have a look at the sources and look if something has changed > since it was under review. At that time I did not notice any opt-in, but > noticed a scripts being run at installation time. %post if ! [ -f %{_sysconfdir}/sysconfig/hw-uuid ] then /bin/cat /proc/sys/kernel/random/uuid > %{_sysconfdir}/sysconfig/hw-uuid /bin/chmod 0644 %{_sysconfdir}/sysconfig/hw-uuid /bin/chown root:root %{_sysconfdir}/sysconfig/hw-uuid fi the Id is generated and saved on the local system if it doesnt exist. again its not rocket science and doesnt attempt to be globally unique > In this particular case, I'll continue to be VERY stubborn. > > There is not way to convince me about such spy-ware. If you want to > collect statics with an opt-in, you can achieve the same by launching a > counter website. > > Ralf -- ,-._|\ Dennis Gilmore, RHCE /Aussie\ Proud Australian \_.--._/ | Aurora | Fedora | v -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list