Thread: Big Brother OpenBSD
View Single Post
  #6   (View Single Post)  
Old 13th March 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
  
Join Date: May 2008
Location: USA
Posts: 7,983
Default
Thank you, comet--berkeley. That improves my clarity of understanding, and to aid discussion, your concern is apparently this, from install.sh:
Code:
# If we managed to talk to the ftplist server before, tell it what
# location we used... so it can perform magic next time
if [[ -s $SERVERLISTALL ]]; then
    _i=
    [[ -n $installedfrom ]] && _i="install=$installedfrom"
    [[ -n $TZ ]] && _i="$_i&TZ=$TZ"
    [[ -n $method ]] && _i="$_i&method=$method"

    [[ -n $_i ]] && ftp -Vao - \
        "http://129.128.5.191/cgi-bin/ftpinstall.cgi?$_i" >/dev/null 2>&1 &
fi
and this from install.sub:
Code:
    install_files "$_url_base" "$_file_list"

    # Remember where we installed from
    installedfrom=$_url_type://$_server_ip/$_server_dir

    # Bake a package path if we installed from a mirror
    if [[ -n $_mirror ]]; then
        PACKAGE_PATH=$(print -r -- "$installedfrom" |
            sed -E "/\/(snapshots|[0-9]\.[0-9])\/($ARCH)\/*$/!d
                s!!/\1/packages/$(arch -s)/!;q")
    else
        PACKAGE_PATH=
    fi
This capability was added in May, 2009, for inclusion in OpenBSD 4.6. From http://www.openbsd.org/plus46.html:
Quote:
Various installation script updates and fixes, and a new ftplist backend that tries to provide a good ftp server for you to use.
I couldn't find a public discussion in mailing list archives from that time period. That doesn't mean it did not occur.
Personally, I'm not too concerned that there is a recording of my public facing IP addresses that shows that I've run an OpenBSD installation script; anyone querying my bastion firewalls will discover I'm running the OS; I don't run services in "stealth" mode -- I use PF block rules with the return option -- and don't fear the fingerprints the OS and its services provide.
I expect all of the mirror servers log accesses locally but that is data stored by each mirror and not consolidated as in this collection.

I find myself thinking that this collection of metadata might have been better publicized, and that an "opt out" capability should be implemented. This data could be interpreted as PII in many jurisdictions, and the Project therefore acting in the dual roles of Data Collector and Data Processor.

We can certainly discuss this, and if there is consensus, perhaps one (or more) of us can develop a patch that provides both notification and "opt out" capability, for consideration by deraadt@ and the other developers who implemented and support the feature.
Last edited by jggimi; 13th March 2014 at 05:42 PM. Reason: typo
Reply With Quote