8000 PHONEHOME too Revealing? · Issue #70 · bugsink/bugsink · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

PHONEHOME too Revealing? #70

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
k----n opened this issue Apr 1, 2025 · 1 comment
Open

PHONEHOME too Revealing? #70

k----n opened this issue Apr 1, 2025 · 1 comment

Comments

@k----n
Copy link
k----n commented Apr 1, 2025

The docs state the following:

PHONEHOME: (a boolean, whether to phone home to bugsink.com). This is used for the “phone home” feature, which sends some basic information about your installation to Bugsink.com. This is useful for us to know how many people are using Bugsink, and what versions they are using. Default: True.

Relevant code: https://github.com/bugsink/bugsink/blob/bb3740ed127e5010c2a0e96a43d1b76dccc57802/phonehome/tasks.py#L82C13-L82C35

It looks like the DEFAULT_FROM_EMAIL is also sent back to Bugsink.com which can be personally identifying information.

To me, it seems like that is more than basic information about your installation and can potentially reveal more information than a user wants to reveal.
@vanschelven
Copy link
Contributor

DEFAULT_FROM_EMAIL is indeed sent, as documented in the privacy policy. At the very least I'll link the full policy from the settings page (already done, will be visible next release of the website)

Admittedly, this is a bit of a leftover from the times when Bugsink's license was tied to production/non-production use; at the time I assumed that to determine whether you were using it "for real", this was an important piece of information. However, licensing is now based on the usage of "ee" features, so the email-settings is becoming less relevant from that perspective.

Other than that, I'm going to think about this for a while. One option could be to just send a boolean "is this a non-default EMAIL or not"?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vanschelven @k----n
0