Questions about opt-in telemetry

Will there be anyway to turn off that telemetry? In Windows it is easy. But in Linux, I think it will be much harder. If Fedora devs introduce an easy way to turn it off, then good, otherwise it might be a big ‘NO NO’ for many loyal users.

Ofcourse, this page explains the proposed process:

https://fedoraproject.org/wiki/Changes/Telemetry#Current_status

So where to after Fedora?

From what I hear, it’s going to be simple, opt-in telemetry, like what KDE Plasma already offers to collect. I’m quite sick of people making a mountain out of a molehill with this. If you don’t want it, don’t turn it on.

100% agree with you on this.

The page linked just 3 posts above gives a full description of the proposal including a detailed description of the telemetry data and the user control of what is submitted.

Remember that this is FOSS so whatever is finally approved can still be reviewed at the code level to verify it does exactly what is stated – no less and no more.

I follow the guideline ‘trust but verify’ in all cases and excessive paranoia is limited by that practice since everyone knows that what is promised will be verified.

All the above was off topic for the original thread so it was moved here.

Telemetry is proposed but not yet approved and the link in 2 above is the full proposal with details. It includes the data to be collected and how users can manage it (with opt-in only).

Lets not allow paranoia to bloom here.

That’s the first I’ve heard that I’m content with just setting AllowTelemetry to 0 but I see other MS/Windows apps still having settings for optional data sending making me think there’s plenty of other stuff around not honoring that.

I’m kind-of iffy about whether the data I’d submit to Fedora would be that useful, but I’m not exactly against passively giving statistics. I do some weird non-default/standard stuff and like the idea of someone seeing that and improving the experience to either auto-do some of that or make it not needed

In windows I can only reduce the telemetry not turn it off.
And that is only for some of the Microsoft stuff.
Other apps like games launchers have no controls and force being on-line.

I don’t know but I have a github script which disables all the inbuilt telemetry of the Windows OS and regarding games, I always tell people to play offline games. I personally play some games which are offline and I turn off the internet before starting the game and if by chance my internet connection remains on, I block all requests from the game with firewall.

Keeping a PC safe from numerous security threats these days is difficult.

Having Telemetry specifically designed for the current release of an OS easily available adds risk - it’s an attractive attack surface that clearly has the potential to be exploited in attacking a PC even when the user has chosen not to install it themselves.

• Pretty obvious when you consider the fact that most malware victims don’t deliberately chose to install the malware.
• The intentions of actors in the public view aren’t really that relevant.

So if there’s a distribution that avoids this risk it has an advantage and other things being equal I will go for the lower risk Linux distribution.

The “we know you don’t like this but we know better than you that it’s actually OK” attitude is not going to assist in building a user base.

Of course malware professionals can already, and probably are, trying to work out how to leverage Endless OS to attack Fedora and other Linux systems for nefarious purposes - which is why responsible designers of such Linux distributions should be offering tools to harden your system against this pestilence, not modifying the distribution to facilitate an infestation.

The fact that I have to point out any of the above tells me that those who are leading the push don’t know how to do their job properly – that’s another clue it’s time to part company with Fedora.

I’m not really interested in debating this any further or responding to abusive labels. If you see it otherwise, you do you.

A few more random observations:

1. None of the proposed uses are essential and the information can be gained to some extent via other means and/or the design problems addressed in other ways - which is relevant when you weigh the risk (publicly distributing source code for a useful attack surface for the OS) vs the benefit (information that isn’t really essential that we can to some extent get via other means):
   “we want to know things like which IDEs are most popular among our users, and which runtimes are used to create containers using Toolbx.”
   “Metrics can help us understand the hardware we should be optimizing Fedora for”
   “Fedora localization wishes to count users of particular locales to evaluate which locales are in poorer shape relative to their usage.”

2. If it was my job to design malware to attack an operating system then, looking at a description of Endless OS, I would be pretty keen on developing exploits that socially manipulated users into agreeing to install a modified version of this stuff:
   “On Endless OS, applications use a D-Bus API (via a small C library, eos-metrics) to record metrics events locally on the device.”
   “This API is implemented by a system-wide service, named eos-metrics-event-recorder or eos-event-recorder-daemon (no, I don’t know why it has two different names either), which buffers those events in memory, and periodically submits them anonymously to a server, Azafea, which ingests them into a PostgreSQL database”

As a late addition to the conversation, I have two (edited to be a number rather than a preposition) questions about the telemetry; the first question deals with implementation and the second one addresses the philosophy of implementation.

1. Are the results going to be in binary format that is entirely inaccessible to the system owner, such as GVFs data?
2. I have setup a server and database to receive telemetry information through an opt-in app that I can link for download on this thread. I will collect the same information as proposed for Fedora 43. And I pinky promise to remove any potential sensitive information. Would anyone implementing/developing the telemetry for Fedora, or even those who plan on enabling it, participate in this? I could really use the data to help with some of my software development, which would help me focus my efforts on a better development path.

As you posted extensively in the original discussion, it’s a little hard to take this claim in good faith. :-/

I took the liberty to rename the title, I hope that is okay.

There is a lot of misinformation spread in these threads.

From (presumably) people who never worked with telemitry data, tried to serve a userbase that 95% doesnt report bugs (honestly, I am in Signal groups where people ask me instead of reporting bugs), and often havent read the proposal.

The proposal was weakened a lot by making it opt-in, which is a favor for the people that were against it. For “your grandma who never touches the settings” this will mean Fedora will not know what she used, prefers, changes, or struggles with.

The loud mass, however much percent it really represented, has won. At least we can agree on not spreading false claims here I hope.

If my grandma could install Linux, I’m sure she could also opt-in for telemetry But the sysadmin in-charge of deploying that computer might opt for it.

Which might raise: What kind of feedback do I feel is useful to Fedora as a project? I don’t have specifics at the moment, but I like the idea of my non-standard set-ups being judged via metrics, vs use-cases I couldn’t imagine wanting to run that probably won’t benefit me. But I’m also on a fence as to whether I’d enable metrics; whereas others with less concern and those use-cases I don’t use might casually turn metrics on as a helpful gesture (who doesn’t like being helpful with Linux :p). Which might lead to metrics being used to prioritize tech I’m not interested in; and if that’s not intended then why ask for the metrics?

I’m imagining decisions like making Firefox a Flatpak-default because majority of metrics show Flatpak enablement/usage, or using metrics to completely drop Xorg even though it doesn’t work without distro-imposed effort leading to people just opting for Wayland or not knowing a better option potentially exists (real-world I still prefer Xorg GNOME 47).

Oh, so this isn’t late in the process?

Regardless of whether I had posted earlier, THIS comment and THESE questions are late in the process. sigh Why do people have to be so defensive?

And, will the results be in binary or text format?

Is there a thread, blog post or news article that goes point-by-point to calmly and professionally address the misinformation? I’d like to see one, as I’m interested at what is considered misinformation and what is not, both in general and specific to Fedora’s implementation.

If there is not one and if you would like to create one, I could help and we can really dig deep into this to quiet, as much as is reasonable, any doubts about Fedora’s planned metric set and telemetry options.

Sorry I am not motivated to do that. But the 2-3 threads caused a ton of

1. Join fedora discuss
2. Ramble random stuff under the change proposal
3. Argue
4. Leave to never be seen again

I’m rather late to the party, but here’s some thoughts…

I’m sure there’s no shortage of people caring about privacy that are quite sick of other people telling them that one of the things they worry the most about (the “mountain”) is a non-issue, and they should just move along and stay quiet on their molehill.

Whether any of us like it, telemetry is either an actual foothold (GAFAM and such) or a potential one (KDE, Fedora… ?) into our systems.

Just flipping a switch doesn’t mean it actually deactivates what it’s supposed to.
Windows 10 comes to mind, and W11 is apparently keen on being even worse on that matter.
Obviously (and hopefully), that won’t be an issue for Fedora, but that doesn’t mean we should stop caring about it.

Now to my last point…

KDE is not a good example of managing telemetry, as far as I am concerned.
While it is indeed opt-in, there’s no (easy or actually practical) way of removing kuserfeedback.
I’m not saying KDE is evil, just that it’s a poor implementation that kuserfeedback has been made a hard dependency for so many packages…

Now, if Fedora 43 (or whichever version that will have it ready) ultimately does ship with removable collecting packages (as it is planned for the time being), then I (and others who share the same concerns) will happily continue using it

There is a percentage of people that is so inherently distrusting that no externally provided reasoning will persuade them. These people need to make up their own minds. Discussions like the one in this thread tend to go in circles, to the point where some people start to become argumentative for the sake of being argumentative. This is not helpful, and doesn’t bring anyone closer to a resolution.

There has been enough information made available about this topic for anyone to reach their own conclusions, both on the forums and on externally referenced pages. If you are not convinced by this time, further discussion is not going to convince you either.

Fedora as a community has no obligation to convince you that your objections are met. This burden is on yourself. The community can provide information and you make the decision whether that works for you or not.