undefined | Better HN

0 pointsnonrandomstring2y ago0 comments

YVW. I'll have a think about some other sources, especially plain speaking non-academic takes on the ethics that help developers see the issues. For now this one is a good general overview [0].

The big one with telemetry, is unintended side effects due to correlation and deanonymisation - which is actually dead hard to anticipate - very easy to get wrong like rolling your own cryptography :)

The other, around consent and defaults, is that even if your telemetry is perfectly anonymous, benign and beneficial to the end user, you may trigger a security alert and over-zealous investigation and reporting. This can have a massive impact on your reputation, as happened to Audacity. It's really not worth taking the risk.

Hope that helps.

[0] https://www.emerald.com/insight/content/doi/10.1108/S2398-60...

0 comments

thinkmassive2y ago

Digger collects Github user and repository names. No attempt is made to obfuscate the data, these are sent in the clear.

This level of incompetence borders on malice, regardless of intent.

j / k navigate · click thread line to collapse