[wp-hackers] Revisiting phone home and privacy
Austin Matzko
if.website at gmail.com
Wed Dec 9 18:01:27 UTC 2009
On Wed, Dec 9, 2009 at 11:21 AM, Otto <otto at ottodestruct.com> wrote:
> If you don't want to send a
> list of the plugins, then *disable plugin update checks*. I mean, you
> can't have it both ways. To do update checks, you *must* send a list
> of the plugins. This seems rather obvious, yeah?
No, that is not the case. As I already explained there is a big
difference between
- Sending a site's URL and all associated plugins at a URL
- Requesting from an IP address with perhaps a hashed URL the status
of a particular plugin.
With the former, you are revealing all the plugins at a particular
URL. With the latter, you reveal only that a client at a particular
IP address has requested information on the status of a particular
plugin. *Both* accomplish update checks, but only *one* is intrusive.
*The update checks could be done without privacy intrusions.* *We
could collect aggregate data on MySQL and PHP versions without privacy
intrusions.* I apologize for not being able to make it any clearer.
This discussion is moot; Matt decided the issue over two years ago, so
I'm not going to continue offending the sensitivities of iPhone
wp-hackers subscribers. However, I'd be happy to continue to discuss
this off-list with anybody.
More information about the wp-hackers
mailing list