On Di, 08.01.19 16:22, Lennart Poettering (mzerq...@0pointer.de) wrote: > On Di, 08.01.19 07:49, Stephen John Smoogen (smo...@gmail.com) wrote: > > > The additional information could be > > > > 10.5.124.209 - - [31/Dec/2018:09:07:21 +0000] "GET > > /metalink?repo=fedora-28&arch=x86_64&uuid=<blah>&edition=<blah> > > HTTP/1.1" 200 62200 "-" "dnf/2.7.5" > > If all you want to do is count, then it should be entirely sufficient > to do it like this: > > GET /metalink?repo=fedora-28&arch=x86_64&edition=<blah>&countme=1 HTTP/1.1 > > the first time within each one-week window and a simple > > GET /metalink?repo=fedora-28&arch=x86_64&edition=<blah> HTTP/1.1 > > all other times. > > Then, sum up how many "countme=1" GET requests we get per week, and > you have a good count, without tracking individual clients, without > inventing new uuids¹. > > Such a form of counting is so minimal that I think you don't even have > to query the user whether he agrees with that in the installer UI. And > the user knows that with the one additional bit of info he grants you > every week there's very little you can do you couldn't do in the > status quo ante. > > Morever, doing accumulation like the proposed also makes things > extremely simple to account for, as you don't have to store per-client > info in a huge database on the server. Instead it's entirely > sufficient to have a single counter for each subset of distro you want > to count. > > In the interest of privacy the valid desire to have statistics > about the use of our distro needs to be implemented with data > frugality in mind. Keeping a full database of all uuids of all clients > on a Fedora server somewhere is definitely not data frugality if all > you want is count. Even if Fedora wouldn't misuse the data, somebody > might exploit the server and steal the database and there you go. Not > even having the database is hence the much better approach, and you > really need neither the database nor the uuid concept to do proper > counting. > > So yeah, in the interest of privacy and simplicity, please don't got > the uuid way, there are simpler and better approaches.
And let me also stress that if you do it this way there's a better chance that people will leave this on, since you won't raise red flags all over the place that you can track individual users with this. Lennart -- Lennart Poettering, Red Hat _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
