Fedora, UUIDs, and user tracking
Fedora, UUIDs, and user tracking
Posted Jan 16, 2019 13:33 UTC (Wed) by sgallagh (guest, #80524)In reply to: Fedora, UUIDs, and user tracking by jhoblitt
Parent article: Fedora, UUIDs, and user tracking
This is exactly the same mechanism used by iOS and Android (and Windows and OSX I think).
This information is not really useful for the information we want to gather, which is basically
* Trends in the number of active users (this is *not* the same as an exact user count)
* Identifying which Edition, Spin or Lab is in use (this information isn't transmitted and also this package is only installed on the Workstation Edition by default; it's not really useful on Server or Cloud)
* Identifying whether the system is short- or long-lived (this information also isn't transmitted)
The best we could possibly get from those logs would be "This number of unique IP addresses accessed this site". That's meaningless when you figure in that most Workstation systems are behind NAT devices (especially those at universities which probably results in a massive under-counting).
Posted Jan 16, 2019 14:06 UTC (Wed)
by ibukanov (subscriber, #3942)
[Link] (1 responses)
Posted Jan 16, 2019 14:37 UTC (Wed)
by excors (subscriber, #95769)
[Link]
Posted Jan 16, 2019 18:58 UTC (Wed)
by jccleaver (guest, #127418)
[Link] (5 responses)
And if anyone cared about privacy, it wouldn't do that by default. Opt-in for this kind of stuff.
You don't even need place any sort of HTTP call as your initial primary detection mechanism; there are other ways to do it, including comparing host records for disparate DNS entries and looking for sudden RFC space responses in a cached value. And final validation could always ask for approval before an HTTP request, and pick something innocuous (example.com) since you're only going to hit it once, not 12x/hour from all connected clients. Or make it GUI-configurable, or import the homepage setting from common browsers, or any number of other options...
Posted Jan 16, 2019 19:11 UTC (Wed)
by sgallagh (guest, #80524)
[Link] (4 responses)
That's a significant overstatement. Many of us in the Fedora Project care very deeply about privacy. Which is why this information isn't kept and stored or used in any way to identify individuals. It is, however, so extremely useful that having it enabled by default is in the best interests of the users of the Fedora Workstation. We document how you can disable it if you're so inclined (read: paranoid). Honestly, the only things we can learn from this is that there exists at least one Fedora Workstation connected to the Internet at that IP address. We cannot (and would not) collate this information with anything else and we don't send any information across this connection. And, frankly, we don't even actually know that it must be Fedora, because it's just a configuration setting available to anyone using Linux. If another distro decided to use our site for this connectivity test, we would have zero way to tell (though if we saw a sudden massive uptick in bandwidth usage, we might have to find a way to address that somehow for purely economic reasons).
Lastly, it's a trivial config setting. Don't want to use our site? Great! Set up your own site. Point /usr/lib/NetworkManager/conf.d/20-connectivity-fedora.conf at any website that returns a 200 HTTP message and you're done.
Posted Jan 16, 2019 23:34 UTC (Wed)
by jbicha (subscriber, #75043)
[Link]
Maybe you can help get the Connectivity Checking switch in to the GNOME Settings > Privacy panel. It's been in Ubuntu for over a year. I think I've done about as much as I can do to push it forward (including updating the patch today). It's being held up by what feels to me like unfair design hurdles.
https://gitlab.gnome.org/GNOME/gnome-control-center/merge...
Posted Jan 28, 2019 2:41 UTC (Mon)
by Garak (guest, #99377)
[Link] (2 responses)
Posted Jan 28, 2019 3:24 UTC (Mon)
by rahulsundaram (subscriber, #21946)
[Link] (1 responses)
It is not a slur. I have seen it used as a functional description is many software settings.
Posted Jan 30, 2019 13:22 UTC (Wed)
by codeofdrama (guest, #127444)
[Link]
Perhaps it would be less divisive to call the setting itself "paranoid" instead of the people.
Posted Jan 16, 2019 20:00 UTC (Wed)
by johannbg (guest, #65743)
[Link]
Fedora, UUIDs, and user tracking
Fedora, UUIDs, and user tracking
Fedora, UUIDs, and user tracking
Fedora, UUIDs, and user tracking
Fedora, UUIDs, and user tracking
> We document how you can disable it if you're so inclined (read: paranoid).
clue: when it's not opt-in it's a $cam
We document how you can disable it if you're so inclined (read: paranoid).
You shouldn't have used of the slur 'paranoid' there if you are really trying to be an honest broker in this debate.
clue: when it's not opt-in it's a $cam
clue: when it's not opt-in it's a $cam
Fedora, UUIDs, and user tracking