If this happens with Gentoo then I'm gone

[nokilli]

https://www.phoronix.com/scan.php?page= ... r-Proposal

Ugly that this happens just after IBM buys RedHat.

Uglier still? Almost nobody is talking about it.

[Muso]

The Internet was a mistake.

Monetizing users is the only reason why I could see them implementing this. Facebook/Google model.

[pjp]

the proposal is quick to acknowledge the intent isn't for tracking users but only counting and this UUID wouldn't be re-used by other systems.

Well, at least we know that's exactly what they're intending. Obviously they aren't going to reuse it, otherwise they wouldn't be tracking accurately. Counting. I meant counting.

[erm67]

A package manager UUID isn't entirely new as openSUSE already leverages a similar approach for providing metrics on their install base.

Unless of course Pooottttereing uses something similar to what openSUSE already does which is without any bias perfectly ok

[bunder]

ubuntu mate already does install-time telemetry

edit: actually, so does ubuntu standard https://www.howtogeek.com/349844/how-to ... t-your-pc/

[Fitzcarraldo]

edit: actually, so does ubuntu standard https://www.howtogeek.com/349844/how-to ... t-your-pc/

Presumably the Ubuntu case is different from a unique package-manager UUID per installation? Personally speaking, the functionality described in the article you referenced appears reasonable to me. Providing transmission of information on the system, packages installed, and bugs can all be disabled easily by the user and are anonymous (not traceable to a specific machine), I personally would not have a problem with them.

[erm67]

The intent is counting, not tracking, so I'd like the UUID to rotate monthly — long enough to tell the difference between short-lived instances and long-running ones, but not useful for tracking.

I wonder how the uuid really works on OpenSUSE...

[Fitzcarraldo]

I wonder how the uuid really works on OpenSUSE...

https://en.opensuse.org/openSUSE:Statistics

[sao98021]

"For those not comfortable with a DNF UUID, there would be a "easy" means of opting out of this data collection."

makes it a little more tolerable, i guess?

also, wouldn't it be... much more difficult for gentoo to do this? As no one system is built the same, aside from the minimal install iso, your first boot after installation and what is installed on it is going to differ than your friends in most cases, compared to say installing ubuntu on this pc, and then installing it on the next pc, were it'll be nearly identical.

how could gentoo insure a dnf uuid(or something similar) is used on every single install, wouldnt that require drastic changes, whos making the decisions here? i thought i was the installer? how could they force you to keep it on your system?

what would be easier is just adding a unique key to each downloaded iso, which wouldn't really yield the point fedora is trying to make 'just getting an accurate userbase'

ofc someone could always be like 'you must have this or your system will break', but remember gentoo hasn't folded before in the face of such changes even when a lump sum of distrobutions accept them, i doubt it would now. plus, how would they really do that based on the points made above.

to me what they're trying to do seems reasonable, but it would/could be the foundations for a backdoor that could possibly be built upon/exploited in the future, if no nefarious intentions are accompanying it now, wouldn't it just be a matter of time. Thats my paranoia talking, would it happen? 50/50

and again, there's the opting out, but we all know that when you choose to opt out of something... just how opt out are you? Sometime's its not so clear cut as our peace of mind would like it to be.

what could they do, add a key to your computer after your first --sync in the new world? It would have to be kept server side, but something would also have to be on your side that matches up with the key on the server like gpg or something? how could they brand your system to make sure its the same system everytime.. this is a rabbit hole i'm ill-prepared for via lack of coffee.

[nokilli]

how could gentoo insure a dnf uuid(or something similar) is used on every single install, wouldnt that require drastic changes? how could they force you to keep it on your system?

systemd-machineidd

Wait, lemme retitle the thread, should it be "If this happens with eudev then I'm gone"?

[sao98021]

how could gentoo insure a dnf uuid(or something similar) is used on every single install, wouldnt that require drastic changes? how could they force you to keep it on your system?

systemd-machineidd

Wait, lemme retitle the thread, should it be "If this happens with eudev then I'm gone"?

that makes much more sense lol, i was tripping out for a minute

the very reason why eudev was brought into existence, or atleast how i understand it, is that they cared enough that people had an option other than systemd and udev and older machine compatibility. so to me part of the train of thought that created eudev seems counter-intuitive to now do this to it, so i dont know... ¯\_(ツ)_/¯

[pjp]

A package manager UUID isn't entirely new as openSUSE already leverages a similar approach for providing metrics on their install base.

Unless of course Pooottttereing uses something similar to what openSUSE already does which is without any bias perfectly ok ;-)

Whatever floats your boat. You're free to make decisions using whatever methodology you like.

[erm67]

sour grapes still hurts apparently


that's actually smarter than Ubuntu counting ntp requests or openSUSE's fixed uuid:

As these privacy and other problems with the UUID scheme were being discussed, Poettering came up with a scheme that alleviated most of the problems that were identified. He proposed that a "countme" flag simply be added to a single mirror-list query each week. The sum of all such queries over a week's time should provide an accurate estimate of the number of Fedora systems. That way, UUIDs need not be stored, which removes much of the concern—data that is not stored cannot be misused.

[Naib]

If Gentoo did it would get patched out (by end users at the extreme) and remember if it was it would be around the use of portage as this really is the only unique thing (even then not 100%)

Such inclusion into portage would hopefully be via the council (who one would hope would reject)

Now if systemd incorporated to track sysd users well... Could still be patched out by end Gentoo users


Also there was a project some time ago feeding back (anonymous ) package install stats

[NeddySeagoon]

There was a Google Summer of Code project for users to install a package and use it to report back.

It never made it into portage.

I don't think Gentoo is organised enough to make use of any data that was returned anyway.
Its not likely to find any support until the why? question can be answered.

If systemd does it, well, that's a user choice.

[ChrisJumper]

Hi nokilli,

no, i think gentoo will not do this, we have a fine place here, because gentoo is no main-stream os.

However, just read the Book from a 67 year old Lady, Shoshane Zuboff to understand why this companies do this and how they earn money with it. And why this is some kind of issue for us.

It seems to work like telemetry on windows systems and is used to tracking consumers over device borders.

Regards

Chris

[swathe]

I cannot see where this would be of any benefit to Gentoo and without that benefit I doubt there is going to be much motivation by anyone to implement such a thing.

[pjp]

Split off the [topic=1092196]state level tracking post[/topic] to its own thread.

[erm67]

Fedora's FESCo Approves Of A "Sane" Approach For Counting Fedora Users Via DNF

https://www.phoronix.com/scan.php?page= ... -DNF-Count

Let the non sense party begin, let's go.....

[wuzzerd]

I remember when I messed around with systumd for a week trying to get it to work like my openrc install. It would give me a 32byte user id, which I always changed to 00000000000000000000000000000001.