<br>I was surprised to learn that libraries like the quartz scheduler have phone home code built in. We had it running on a server with no outbound and saw activity. <br><br><br>On Thursday, November 1, 2012, Fabian Keil <<a href="mailto:freebsd-listen@fabiankeil.de">freebsd-listen@fabiankeil.de</a>> wrote:<br>
> Pete Wright <<a href="mailto:pete@nomadlogic.org">pete@nomadlogic.org</a>> wrote:<br>><br>>> On 10/31/12 10:10 PM, George Rosamond wrote:<br>>> > On 11/01/12 00:42, David Lawson wrote:<br>><br>
>> >> The Quantal release version of the Amazon lens encrypts the queries,<br>>> >> though the beta version did not. It also anonymizes the queries<br>>> >> prior to Amazon seeing them, which has always been the case to the<br>
>> >> best of my knowledge. Mark has addressed both of those points on his<br>>> >> blog.<br>>> > Oh, he certainly does address it.<br>>> ><br>>> > <a href="http://markshuttleworth.com/archives/1182">markshuttleworth.com/archives/1182</a><br>
>> ><br>>> > I especially like replies to "Why are you telling Amazon what I am<br>>> > searching for?"<br>>> ><br>>> > ..."Ern, we have root."<br>>> ><br>
>> > Great way to inspire people to use OSS, aint it? "I have root on your<br>>> > box so screw you."<br>>> ><br>>> > "Preserving anonymity" by trusting that project is laughable, at best.<br>
>> > Anonymity is not preserved by trust or policy, it's preserved *by<br>>> > design*. Look at Tor, GPG, etc.<br>>> ><br>>> > And it takes little statistical hacking to deanonymize data like that.<br>
>> > Give an Amazon your IP and queries, and it's not anonymous. Remember<br>>> > the "anonymized" AOL data a few years back?<br>>><br>>> this whole debacle was pretty interesting to me - esp the initial<br>
>> reaction/disregard for privacy from shuttleworth.<br>>><br>>> regarding anonymizing data that is actively being mined - it really is a<br>>> loaded term. In Germany for example, you can't store IP addresses and<br>
>> associate them with cookies(1) if the user requests so.<br>><br>> Actually you (legally) need the user's consent. Of course you are also<br>> obligated to allow users who consented to the data mining in the past<br>
> to opt-out again, but users who never gave consent in the first place<br>> do not have to request anything (§4 I BDSG).<br>><br>> The referenced article is grossly misleading, probably because they didn't<br>
> get their information from the actual law, but trusted a (ridiculous)<br>> press release of the "data protection authority of the German federal<br>> state of Hamburg", which has no authority to decide under which conditions<br>
> the use of "Google Analytics" is lawful in Germany.<br>><br>>> Yet once an<br>>> adnetwork has dropped a cookie on your system the IP is almost a moot<br>
>> point, they can deduce your geolocation and mine your browsing habbits<br>>> w/o a full IP address.<br>><br>> This isn't really a loop hole, though, because it requires consent as well.<br>><br>
> The main problem with the German (and European) privacy laws is that they<br>> are rarely enforced and thus there's no strong incentive to respect them.<br>><br>> Fabian<br>>