[development] WordPress 2.3 Spies On Users
Michael Prasuhn
mike at mikeyp.net
Tue Sep 25 19:25:57 UTC 2007
How about making it opt in, with an option for it in the installer? Maybe label it 'Enabled (more security)' and 'Disabled(more privacy).' We could tell the users to go to admin/build/modules to change it in the description.
-Mike
__________________
Michael Prasuhn
mike at mikeyp.net
mikeyp.phone at gmail.com phone
714.356.0168 cell
949.200.7670 fax
-----Original Message-----
From: Gerhard Killesreiter <gerhard at killesreiter.de>
Date: Tue, 25 Sep 2007 20:55:34
To:development at drupal.org
Subject: Re: [development] WordPress 2.3 Spies On Users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gerhard Killesreiter schrieb:
> Khalid Baheyeldin schrieb:
>> The drupal module in 5.x sends a subset of this (site name, URI, IIRC).
>> The new update module in 6.x supersedes that, but I am not up to date
>> on the details. It includes installed modules too.
>
>> I think the data is in the DB of drupal.org.
>
>> Is it a big deal if the that info is sent? The highest rated comments so far
>> downplay that it is an issue at all.
>
> I think the main issue (and a serious one) is that this is done without
> asking the user and without the possibility to switch it off without
> extra work. Drupal's phone home feature has always been "opt in".
Apparently, update.module in D6 is not opt-in. Bad decision.
Cheers,
Gerhard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFG+Vmmfg6TFvELooQRApXNAJ0eOIQTRktWLwcsnoAxdRVX5BdmvgCgu4Er
n4kIQNNUtg2/gFerBrQELDE=
=/QWn
-----END PGP SIGNATURE-----
More information about the development
mailing list