Hi Jussi, > Now that we're talking about the online check... I've talked to people > who considered this behaviour "calling home" and thought it > unreasonable that > a) it's not possible to prevent the online check from happening via > configuration and
an actual HTTP request is needed no matter what. That is how WISPr is specified. So that check happens and it needs to be in a way that we can tell if we are on a portal or not. If you actually have a better technical solution than calling a server that is specifically set up to do just that, let me know. Let me put it this way, there is actual software that really calls home and transmits tons of private data that nobody knows about. What do you think Android or iOS are doing for example. Or you Facebook or pick your favorite service that sends you notifications if you log in from a new machine or change the country. I think that kernel.org knows more about my location than the ConnMan servers. So everybody labeling this as "calling home" should really think hard about what they are talking about. The code we are using is open source. You can look into exactly what we are sending. The only extra meta information we are sending is the ConnMan version number. Nothing else. There is no machine id or any kind of information to associate this HTTP request with another one from the same source IP. And honestly the ConnMan version number gets only included so that in case of a broken brown-paper-bag release, we can stop that version from breaking the server. That is about it. The whole thing is designed to be as anonymous as possible. We put a lot of thought into this since the HTTP request for the online check is technically required. > b) it's not possible to set the checked URL in the configuration I would argue that any user of ConnMan who wants to change the URL is in the business of actually calling home and tracking you. If everybody uses the same service then it is fully anonymous since nobody can tell you apart from the other ConnMan on your network. If we start fragmenting, then this looses its anonymous status where everybody is equal. Also I have no intention to debug faulty online checks from servers that run badly or are not returning the correct HTTP headers to allow us clear identification of the status. Think about what happens if we add a new header on the server that newer versions of ConnMan use. Everybody hacking in a different URL is on their own to deal with that change. > Would you guys be willing to change the above (or at least willing to > take patches)? As outlined above, there are reasons why things the way they are. We have good reasons for it. So unless someone really comes with a good argument, I do not think we need changes here. Regards Marcel _______________________________________________ connman mailing list [email protected] https://lists.connman.net/mailman/listinfo/connman
