|
|
Subscribe / Log in / New account

Fedora, UUIDs, and user tracking

Fedora, UUIDs, and user tracking

Posted Jan 16, 2019 14:56 UTC (Wed) by amarao (guest, #87073)
In reply to: Fedora, UUIDs, and user tracking by sgallagh
Parent article: Fedora, UUIDs, and user tracking

To be honest, I don't feel that this is a public interest. It's nice to have, but in modern privacy war there are too many victims to think that any tracking would benefit users. In some ideal society where private data are sacred and never is violated by secret services and other bad guys, it may give some benefits.

In our current society, any tracking information is against user. Any. Why? Because there is always a third party actor nearby, gathering this information. You think it helps you to check distro momentum, but in reality it's an excellent way for the man in the middle to join together two independent connection log entries from different IPv6 addresses. Privacy extension had randomized IPv6, and two Fedora machines had became indistinguishable from a single machine... Until it send count-me-in packet with a specific number which clearly give an answer that those two machines are the same.

Do we really want this?

to post comments

Fedora, UUIDs, and user tracking

Posted Jan 16, 2019 16:23 UTC (Wed) by mattdm (subscriber, #18) [Link]

The information is sent over SSL so the man-in-the-middle would have to compromise that. At that point, there's much stronger, more effective, and more likely attacks to worry about.

But even then, I'm proposing a granularity of one week, with a maximum number of, say, 60 — covering the expected lifecycle of a single Fedora release. That means the number wouldn't provide much by way of useful disambiguation for an attacker.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds