[wp-hackers] Plugin update & security / privacy

[Kimmo Suominen]

On Mon, Sep 24, 2007 at 01:33:47PM +0100, Peter Westwood wrote:
> 
>  3. Sending the url may allow Wordpress.org to do analysis of the user
> base in the future - we should probably state this if and when it
> happens.

I fail to see what such an announcement would help at such a late point
in time.  Would there be a way for the end-user to retroactively have
their data removed, before it was used for such analysis?  How would the
user know the data has actually been removed?  Wouldn't it be stored on
backups etc.?

>From the developers point of view, I, too, can understand the desire to
gather all kinds of data for statistical analysis and other purposes.
However, as an end-user I'm not at all fond of the gathering of data
about me, especially without my knowledge or permission.

When the data has no obvious and solid need for being transmitted,
it feels even worse.  As was pointed out in this thread, many other
update checkers do not send the software inventory and versions to the
Microsoft servers.  It seems the only real reason for WordPress to do so
is to collect more information about the end-users.

The privacy-aware approach would be to send the minimum amount of
information necessary to perform the function at hand.  The API is
already versioned, so if more information is needed in the future, it is
possible to do it in a manner that doesn't break old clients.

The update notification is such an important function that I'll still
be using it.  I might not feel good about the information sent, but I'd
still use the service.  I'm also waiting for my plugins to be approved
into the wp.org repository as that is the only way to provide update
notifications to their users.  When there is no real choice ("use it or
lose it" is not a real choice), you'll find yourself putting up with
quite a lot.

Best regards,
+ Kimmo
-- 
<A HREF="http://kimmo.suominen.com/">Kimmo Suominen</A>