[LEDE-DEV] anonymous stats / was: Release Candidate Test Plan - first draft

Magnus Kroken mkroken at gmail.com
Tue Feb 7 08:38:34 PST 2017 

On 07.02.2017 16.40, Bastian Bittorf wrote:
> * Etienne Champetier <champetier.etienne at gmail.com> [07.02.2017 16:27]:
>> not a fan of leaking revision number on public network by default (if
>> you are connected to public wifi or ...)
>
> This is a valid point somehow, but:
> because model and revision number can/must be encoded with e.g. base64
> it is at least not plaintext, but far from encrypted 8-)
>
> Is it really an issue sending the revision-number/model over wire?
> Is an opt-out (uci-var) thinkable?

Because of all the popularity questions that inevitably occur in 
communities like LEDE ("what router is most popular?", "what package is 
most popular?" ...), I've been thinking of a statistics counter thing 
for a while. A simple client with configuration to make various data 
points optional, a server to receive reports from clients and a pretty 
web page that shows aggregated statistics to answer (some) such 
questions. I'll try to write out my thoughts later today or tomorrow, so 
we can see what interest there is. (Sorry for being just an idea guy at 
the moment, but I do actually intend to do some of the work involved if 
there is interest, I promise).

>> If someone do something, can this be over https?
>
> it's about sending via DNS, so no http/https involved here.
>
> bye, bastian

Are there any compelling reasons to do this via DNS or raw UDP? To me, 
doing this with HTTP(S) seems really straightforward both on the client 
and server side. Use uclient-fetch on the client to send a HTTP POST 
message to a web server, where a relatively simple script can record the 
message in whatever way that is meaningful (put it in a database, 
increment a counter or whatever). It will be a few more packets sure, 
but compared to a user visiting the lede-project.org frontpage it's 
minimal. I know it is possible to have something receive DNS queries for 
arbitrary domain names, it just seems to be a very specialised solution 
where HTTP is a straightforward solution for the purpose.

There will be concerns about such a phone-home feature for many reasons, 
so if this is built-in and default we should make it easily visible to 
the public - what it does and doesn't do.

Regards
/Magnus

More information about the Lede-dev mailing list