Re: [gentoo-dev] Adding hw-probe in Gentoo
On Sat, 2020-03-28 at 00:15 +0100, Conrad Kostecki wrote: > a longer time ago, there were some concerns about privacy reasons > discussed here. It took a long time, but there is now a new version > released with lot's of changes. Since all results are still by default > uploaded, It should be noted, that hw-probeuploads a 32-byte prefix of > salted SHA512 hash of MAC addresses and serial numbers to properly > identify unique computers and hard drives. Here is one example report of > one of my devices https://linux-hardware.org/?probe=6bc7d86b9c. FWICS, > sensetive informtion seems not to be present. I would like to gather > some opinion about here, if there are any objections about adding > hw-probe to Gentoo. > If: 1. it doesn't do this automatically after installing (i.e. install an enabled cronjob or alike), and 2. users are made aware what it does (i.e. because it's obvious that the program's purpose is to upload, or they're warned in postinst), I don't see a problem with it. -- Best regards, Michał Górny signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] Adding hw-probe in Gentoo
Hi, [2020-03-28 00:15:41+0100] Conrad Kostecki: > a longer time ago, there were some concerns about privacy reasons > discussed here. It took a long time, but there is now a new version > released with lot's of changes. Since all results are still by default > uploaded, It should be noted, that hw-probeuploads a 32-byte prefix of > salted SHA512 hash of MAC addresses and serial numbers to properly > identify unique computers and hard drives. Here is one example report of > one of my devices https://linux-hardware.org/?probe=6bc7d86b9c. FWICS, > sensetive informtion seems not to be present. I would like to gather > some opinion about here, if there are any objections about adding > hw-probe to Gentoo. BSD systems also have a similar thing with posting a filtered dmesg but IIRC their dmesg have much better information in them htan what you can get on linux. This one has a huge bunch of information but it's basically hardware and bits of software configuration that most people already put on their websites and I'm pretty sure this kind of program is opt-in anyway. You could have the same kind of issue with stuff like e-file or whatever was that third-party "Gentoo Social Compiling" thing which posted your compile time and error logs automatically.
