Re: call for participation - Debian contributors survey, 1st ed.

[Stefano Zacchiroli <zack@debian.org>]

On Mon, Nov 07, 2016 at 11:22:42PM +0100, Joerg Jaspert wrote:
> No logging or name is needed, with the set of questions in this survey
> one only needs a bit of knowledge of Debian and its people to identify a
> high amount of the survey takers, I think. (I still took it)

This is becoming an FAQ, so let me address it here instead of just
waiting for the blog post including its answer to be written.

Yep, you're absolutely right. And this is in fact why we included in the
survey announcement a promise to distribute the results only in
aggregate form, because cross-referencing with Debian info it would be
easy to deanonymize people.

So the "thread model" here is not "untrusted/byzantine survey
organizers" (if you don't trust the organizers you're probably screwed
anyhow, as we could be lying about not logging IP address or HTTP
referrers, after all).  The "threat model" is rather: "untrusted readers
of published survey *results*", which we will aggregate to avoid
deanonymization.

And of course all questions are optional, so if people fill itchy about
specific ones, just leave them out.

I'm available for further clarifications if needed,
Cheers.
-- 
Stefano Zacchiroli . zack@upsilon.cc . upsilon.cc/zack . . o . . . o . o
Computer Science Professor . CTO Software Heritage . . . . . o . . . o o
Former Debian Project Leader . OSI Board Director  . . . o o o . . . o .
« the first rule of tautology club is the first rule of tautology club »