[LEDE-DEV] anonymous stats / was: Release Candidate Test Plan - first draft
Magnus Kroken
mkroken at gmail.com
Tue Feb 7 08:38:34 PST 2017
On 07.02.2017 16.40, Bastian Bittorf wrote:
> * Etienne Champetier <champetier.etienne at gmail.com> [07.02.2017 16:27]:
>> not a fan of leaking revision number on public network by default (if
>> you are connected to public wifi or ...)
>
> This is a valid point somehow, but:
> because model and revision number can/must be encoded with e.g. base64
> it is at least not plaintext, but far from encrypted 8-)
>
> Is it really an issue sending the revision-number/model over wire?
> Is an opt-out (uci-var) thinkable?
Because of all the popularity questions that inevitably occur in
communities like LEDE ("what router is most popular?", "what package is
most popular?" ...), I've been thinking of a statistics counter thing
for a while. A simple client with configuration to make various data
points optional, a server to receive reports from clients and a pretty
web page that shows aggregated statistics to answer (some) such
questions. I'll try to write out my thoughts later today or tomorrow, so
we can see what interest there is. (Sorry for being just an idea guy at
the moment, but I do actually intend to do some of the work involved if
there is interest, I promise).
>> If someone do something, can this be over https?
>
> it's about sending via DNS, so no http/https involved here.
>
> bye, bastian
Are there any compelling reasons to do this via DNS or raw UDP? To me,
doing this with HTTP(S) seems really straightforward both on the client
and server side. Use uclient-fetch on the client to send a HTTP POST
message to a web server, where a relatively simple script can record the
message in whatever way that is meaningful (put it in a database,
increment a counter or whatever). It will be a few more packets sure,
but compared to a user visiting the lede-project.org frontpage it's
minimal. I know it is possible to have something receive DNS queries for
arbitrary domain names, it just seems to be a very specialised solution
where HTTP is a straightforward solution for the purpose.
There will be concerns about such a phone-home feature for many reasons,
so if this is built-in and default we should make it easily visible to
the public - what it does and doesn't do.
Regards
/Magnus
More information about the Lede-dev
mailing list