On Tuesday 06 Aug 2013 17:00:26 Robert Hailey wrote: > > On 2013/08/06 (Aug), at 5:24 AM, Matthew Toseland wrote: > > > On Tuesday 06 Aug 2013 00:01:43 Robert Hailey wrote: > >> How about avoiding the scary words, default to true (they already d/l it > >> from our server, right?) thusly: > >> > >> [x] Report installation failures over HTTPS > > > > No way. > > > > Explicit, prior, informed consent. > > I think it could be worded better, but isn't that already explicit (as > opposed to the act on installing implying they want it to work), prior > (before install), informed consent? > > Consider this wording: > > "[x] Send a report if installation fails (using HTTPS), so we can fix the > problem." > > Surly if they are conscious enough to use Freenet and in such a sensitive > environment that they cannot risk the *potential* outgoing https connection, > then they will know to uncheck it. > > I think it'd be more patronizing to presume they *don't* know what this means.
Nope. It's not safe to assume that everyone who has good reasons to use Freenet has a deep understanding of Freenet, or of networking, or of computers. And anything that potentially causes a severe privacy breach should be off by default. For the same reason that we still don't turn on opennet by default: it's something you have to ask the user about. And anyway we don't need to ask all users - we can quite happily only ask say 10% at random. > > So too, I find it unlikely that one would execute freenet (or it's installer) > if they do not sufficiently trust the Freenet developers that the report > would not contain personal/identifiable information (as your wording lists > the contents). No, your IP address contains identifiable information. > > Are you concerned that someone could (for a particular network) manufacture > an installation failure (downloading java?) as a way to detect attempts at > installing Freenet? Not necessarily. It's a fair assumption a significant number of users fail to complete it. We need to know when they fail to complete it - it could be anything from "I don't want to install Java" to "I didn't finish the wizard". I don't know if we need to record if they succeed, but there are enough failures here that Eve can happily just wait for connections. > > >>> If you click yes, the Freenet installer will tell us whether your install > >>> of Freenet succeeded > > > We only need feedback for a representative sample. > > To me, it is far more unsavory, dangerous, and uninteresting to collect > positive samples (e.g. "success"!) than to automatically report a bug by > default. > > > People do read. Most people have a fairly advanced reading age. > > Fine, but why waste their time with a paragraph (or modal dialog) when it > only takes a sentence to accurately convey the idea? > > Why optimize for the case that their life with end if we signal that they > can't setup the software, when we can optimize for our present reality? Whatever. There's no point arguing with you. For as long as I am around - which is a mere 8 weeks and 6 days from now - I will never, EVER add an unconfirmed or default-on callback option, nor will I allow anyone else to do so. I believe I have the support of 99.9% of the users in this position.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
