** Changed in: whoopsie (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to whoopsie in Ubuntu. https://bugs.launchpad.net/bugs/1255165
Title: make it clearer that crash files may contain private data and make it easier to opt out Status in “whoopsie” package in Ubuntu: Confirmed Bug description: As far as I understand the whoopsie error report procedure, the coredump will be sent to ubuntu servers if daisy.ubuntu.com requests this after the initial report upload. However, I consider uploading a coredump across the network (although its https) to be a secuity risk. For instance gtk applications contain a lot of private information in their coredump such as last opened filenames. The coredump is used to extract additional information which may help to fix the bug, which is fine but any information should be extracted from the core *locally* (i.e. on the machine, where the crash happened) instead of extracting them on ubuntu servers. The text of the error upload dialog states something like "do you want to help fixing the problem?" which indicates to me that sending the error is something positive. I haven't found any hint that says "do you want to expose private data to canonical?" in this dialog. Altogether, I see no reason for sending a coredump. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1255165/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
