Good, fast and appreciated reaction from Datastax. Also thanks to Radim for the warning.
Alain, Opscenter-free user. 2013/6/20 Nick Bailey <n...@datastax.com> > Thanks everyone. We always appreciate constructive criticism. > > Regarding what OpsCenter collects, we completely agree it should be > documented more clearly. You can expect to see an update to the > documentation later today. I will update this thread once that goes live. > > Regarding notifying the user when installing, we agree this process should > be more transparent to the user. Adding that information as well as making > it easier to disable will be a high priority for the OpsCenter team. > Obviously that will take more time than documentation, but hopefully that > feature will be out soon as well. > > -Nick > > On Thu, Jun 20, 2013 at 7:57 AM, Peter Lin <wool...@gmail.com> wrote: > >> I use Cassandra, but I don't use OpsCenter. >> >> Seems like it would be in everyone's best interest to clearly define what >> data OpsCenter collects today, what OpsCenter won't collect and a promise >> to users none of the data will be used without first getting a customer's >> approval. >> >> I can understand the desire to collect general statistics, since it helps >> developers get a sense of how cassandra is used in production. I'm guessing >> these types of security issues can be easily addressed by improving EULA, >> documentation and communication. >> >> my bias 2 cents as a user. >> >> peter >> >> >> >> >> On Thu, Jun 20, 2013 at 8:49 AM, Radim Kolar <h...@filez.com> wrote: >> >>> >>> OpsCenter collects anonymous usage data and reports it back to >>>> DataStax. For example, number of nodes, keyspaces, column families, etc. >>>> Stat reporting isn't required to run OpsCenter however. To turn this >>>> feature off, see the docs here (stat_reporter): >>>> >>> You never informed user that installing your crap will get him spyed >>> upon. Thats very different from Firefox which asks for permission before >>> sending data back and presents both choices to user. >>> 1. You do not have documented what information and how often you are >>> going to spy >>> 2. how you are processing this information, which is required by EU law. >>> 3. In your crap EULA you demand right to present any user of your >>> spyware to public for PR purposes. >>> 4. You guys tried to add spyware into apache cassandra and got huge >>> negative response on cassandra-dev. You will simply never learn lesson. >>> >>> I dont trust Datastax: >>> 1 .I am responsible for data security because we have sensitive data in >>> database. Because you are spying by default, we can not trust that due to >>> our admin mistake your spyware will not be left enabled. >>> 2. We can not trust you that configuring that particual option really >>> turns spying off. There might be bug in code or option can change name >>> 3. We do not like to be spyed by software holding sensitive data >>> 4. Spying is not anonymous - you will get IP address of reporter - you >>> will see what company is using your product and from keyspace/CF names you >>> can easily guess for what it is beeing used. If you do not spy keyspace/CF >>> names yet you can do it in future since you have no clear privacy "what we >>> spy" policy. >>> >>> I improved cassandra nagios plugin to fit our needs and give red stop >>> sign to sw made by datastax. >>> >> >> >
