Re: Phoning home

[Ian Jackson <ian@davenant.greenend.org.uk>]

Thomas Bushnell BSG writes ("Re: Phoning home"):
> These are two separate concerns.
> 
> Concern One: What a server does with information as a result of its
> operations;
> 
> Concern Two: What network traffic a program makes in its operation.

I think it is a mistake to separate these things in this way.

In the context of a particular program, it makes sense to consider
them both at once.  What network traffic a program ought to make
depends crucially on the servers it might be talking to; likewise,
what a server ought to do depends on the circumstances in which it
might be contacted.

> We cannot fix Concern One directly for other people's servers, and so we
> must not get sidetracked into thinking we should.

I disagree.  We should consider whether we can take measures so that
users' data is exposed only to trustworthy servers.  That might mean
choosing different servers, running our own, or disabling relevant
features.

I'm not saying we should do anything impractical, risky or stupid,
like running our own sanitising forwarding DNS proxy, or something.

Ian.