The meta-problem here is that the bar is unreasonably higher for free software than proprietary.
Apple, who is known for being pro-privacy, makes your Mac "phone home to obtain a special boot signature, known in Apple jargon as a 'ticket'" just so it can boot after an update.[0] It's also known that macOS has checked app signatures online for over 2 years [1] in the past, not sure if it still does.
I'm happily using a MacBook nevertheless and I bet a lot of people browsing HN also do. Free software should be better than that, but we (their users) should also make their developers' lives easier. You can't expect high-quality software from mostly-volunteering engineers if they are fighting fires, and data-driven decisions if there is no data to begin with.
I don't think the bar is unreasonably higher for free software, I think the bar is unreasonably lower for Apple.
Apple has a few advantages that make this the case: a) they have really good marketing and b) they will always be compared against Google, Meta and Microsoft, which make their money from selling your data (either directly or through targeted advertising); whereas Apple makes their money from selling overpriced hardware.
But Apple is not pro-privacy, it is just less anti-privacy than other companies. And there are still people like me which would never use their products on principle.
That's true, but also true is the fact that a large part of the reason for using alternatives is to avoid this kind of data collection. So it's reasonable to expect to lose users with a decision like this.
It is still much less data, and does not allow them to identify you AFAIK. Even if they go with opt-in (not yet decided - it seems to be being debated and thy are asking for feedback) it is still far better than proprietary OSes.
I remember times when supposedly low Opensource software quality was a constant complaint. On the other hand I think taking Linux as an example, I always found it to be significantly more stable than Windows.
That said, it's a funny choice for Manjaro to go for opt-out telemetry. As a simplified Arch it seems to be popular among privacy conscious users. (But I don't know the project goals, maybe that's just coincidental)
Opensource contains many things, but IMO limiting to core/ packages on arch and never installing anything from AUR will get great quality software, with far better security and privacy than similar proprietary software.
If one is very interested in security and privacy however, using VMs for isolation of different apps or services is important, so having an OS that helps that is useful.
Bare arch _can_ do this, but requires quite a lot of script development.
Qubes seems to be the answer many grab for, though much is still written in C, which comes with all of the vulnerabilities mentioned constantly. So, something like https://diosix.org/ (a Rust-based hypervisor for Risc-V) is a great option to make a start towards decently secure system. Of course if your threat model includes state actors or something, you're SOL (change your perspective or what you're doing) since they always have an easy backdoor into any hardware, but sometimes things like diosix can protect against the constant script kiddies and other individual hackers.
Whether it is commercial or open source the solution has always been to explain to the user and ask informed consent. No one is so busy or so stupid that they cannot read a small para of text (possibly linking to a detailed document if they're so interested) and press one of two/three choices at some point during system setup or usage. Of course these permission prompts tend to grow out of hand as we can see from commercial operating systems but this is something Linux distributions can do better since nearly all software just want usage data and not user data like their commercial counterparts do.
I think it's a bit cliché; where do you draw the line? Should free software also display a copy of their license at first start and ask their users to click "I agree"?
When you start using a piece of software (free or not), there is a set of terms and conditions that you agree to (explicitly as is often the case with proprietary software or implicitly as with free software), which may include opt-out telemetry. As long as this is communicated, I don't see any problem with it.
To give credit where its due, I agree that Manjaro users may have never accepted opt-out telemetry when they first started using the OS and now this is being rolled out after the fact. Still, for a general-purpose OS that makes no privacy claims (e.g. Tails), I don't see how collecting their screen resolution etc makes a big difference. An average webpage today collects more than that in a single page view.
You're using weasel language. Are they known for it, or do they exhibit it?
>I'm happily using a MacBook nevertheless and I bet a lot of people browsing HN also do.
Yeah, of course I am too. Because when I voice certain displeasure with mass market products people tie too much of their ego to, well that makes me a cold cynical asshole subject to social rebuffing.
In office after office of software professionals, I am the weirdo for caring about product features. So at the next office, I just stopped having those opinions.
> The meta-problem here is that the bar is unreasonably higher for free software than proprietary.
No. The standard is extremely simple, and for-profit companies deviate from it because there is no regulation guarding privacy sufficiently. No opt-out telemetry, ever. Opt-in telemetry is fine.
As a statistician, I get it. You want unbiased samples which an opt-out option helps to get to versus opt-in. But privacy has been violated too many times for people to be okay with opt-out telemetry.
The bar appears higher for FOSS because you can see the telemetry code directly. Just because for-profit companies are failing the bar doesn't mean FOSS should too.
I use Linux exactly because the bar is higher. If it will start behaving like commercial systems then it will be easier just to install Windows and move on.
The bar is no higher for free software, just there are a lot of very strange people who enjoy giving a lot of money to get convinced by a company that their privacy and rights are being protected while they are being invaded.
Not really sure how to snap apple customers out of their dream, but i think people just like playing pretend, and like it even more when they pay a lot of money to do so.
I think the people who believe the bar is unreasonably higher would discount the use of any Apple product entirely, or even participating in capitalist society altogether. At least this has been my experience talking to people online who are very staunch FOSS supporters... it's like they live in a totally unrealistic world and expect everyone else should want that too.
I'm a game dev, and it's useful for me to have stats about how frequently abilities are used, what items players use, etc. to tune game systems. I've often thought it would be really easy to collect telemetry-- send a json blob with some info about actions players take in game -- but I want to make this both transparent and useful to players too.
I know that telemetry should be opt in, but no players will ever turn it on. And that leads to a conundrum- do I incentivize turning it on? Make it opt out? Gate some features (like heat maps on a play session or skill visualizations) behind it?
Would it be useful to have the ability to see exactly what was sent? Like, I could show a telemetry json or yaml blob in the options screen to show what events I collect. Would it be useful to have fine grained telemetry controls, like, the ability to toggle any arbitrary telemetry event from being fired?
It's a tough spot to be in, as a dev, to want insight into how people interact with your system, while also wanting to give people a chance to decline.
> It's a tough spot to be in, as a dev, to want insight into how people interact with your system, while also wanting to give people a chance to decline.
It is, but the underlying issue is trust, or rather, lack of it. Vendors feel so entitled to this data, that even when they obey what's actually rule of the land over here in EU, they don't even try to level with the user and give them a reason to opt-in - they'd rather show a beg screen with information-free boilerplate text, and then act annoyed that pesky regulators and lazy users deny them the data they're entitled to. Thing is, they're not entitled to it. Never were.
"We collect data to improve our product and your experience" is zero-information-carrying bullshit that hardly anyone believes in. In fact, the first sentence of your comment is strictly superior - so much, that I'd consider opting in based on that alone:
"it's useful for me to have stats about how frequently abilities are used, what items players use, etc. to tune game systems"
Now I have at least some idea what you're collecting and why, and how it benefits me and other players. And, more importantly, you came forward with it.
> Would it be useful to have the ability to see exactly what was sent?
Very much yes. Not for everyone, most players probably won't care. But some will, and I imagine reviewers will too. Being open about what you're collecting would go a long way towards establishing trust with the players, and if more people would do that, it could even change the overall perception users have.
Maybe I'm an outlier but the better you describe what you're collecting the more I will trust you that it's just that. Not "Hey I want to collect and send stuff to improve whatever" (that could be a keylogger, or in the case of an editor it could be a list of the files in my top-secret project, if I was paranoid) but if you linked a document describing what exactly you send (or like the Valve hardware survey, a textbox with exactly the content I can skim..) fine!
I know this is an unreasonable amount of work and most non-devs would not react differently or have a higher conversion rate.. but that's the type of reports I have given to various open source projects, because explaining it in detail and then sending different stuff I do not agree with is a kind of maliciousness I don't usually expect, except from content marketers and growth hackers.
To add on to what others have said, as a habitual "no don't send telemetry" clicker, I think this is heading a direction where I _would_ hit allow.
Two adjustments I could think of that would make it better (besides explaining clearly, etc):
Ask me when you're not actively obstructing me from getting to what I want. Like asking on first boot I've gotten no value from the software yet that I might feel I need to pay back, and I'm actively trying to get _in_ to the game and your pop-up is in my way. The easiest and safest way to get rid of it is "do not allow". Try asking _after_ I finish a game/round/whatever.
And that would also give you the opportunity to do something like collect real analytics information to show to the user. Like "Hey I hope you're enjoying the game it's useful for me to have stats about how people use abilities and items to tune and balance the game systems. Would you be willing to contribute to the game's further development by sending information like that below which was collected from your last round?" And then skip the JSON/etc unless your audience is programmers, just show them a table.
Finishing some play time having had fun and getting a pop-up that explains what, why, and gives me a chance to make an informed decision on whether to send something innocuous like "(offset-timestamp, event-type, item-id/ability-id)"... I'd actually probably allow it.
I am also anti telemetry, but given a direct usability request, I would be somewhat tempted to share it.
A way to package it would be to show end of game stats compared to global averages. Histograms of mana/health/bullets vs the world standard. Maybe a personal historical trendline vs past performance. On that screen, give an option to share metrics with the community. Users can immediately see what the aggregated data can provide and might feel more likely to consent.
To be most user forward, keep a local non-obfuscated log of what is shared. This also makes it possible for dedicated users to potentially mine their performance.
> Would it be useful to have the ability to see exactly what was sent?
That's helpful (as long as the user can opt not to send it after review), but to be honest, I never really trust that all of the data that is going to be sent is being disclosed. Our industry hasn't exactly behaved in a way that encourages trust.
> I know that telemetry should be opt in, but no players will ever turn it on
If you just ask the user yes or no and they massively decide no, who are you to turn it on by default and make them dig around to turn it off? Yes a lot of them won't go to that trouble or simply don't know it's there. But you know they're not ok with it when given the option.
> Would it be useful to have the ability to see exactly what was sent
Maybe an opt-in analytics type feature, a dashboard of sorts to see how one plays. I would be curious to see how often I use items, abilities etc. in games
I’d show a pop up at the first start-up, asking the user to opt in, and very clearly and honestly explaining what will be sent and why. And make it easy to opt out, if clicked by mistake.
You could make it mandatory to choose opt-in or opt-out, and make it transparent what data will be sent and what you will use it for and the retention period. Then more people might opt-in.
Do you have a link or a summary? I'm not seeing anything obviously relevant with searches combining "0ad", "wildfire games", "telemetry", and "data collection".
Or wait do I have to launch the game and see if it prompts me?
Easy, just explain exactly what you collect, what not, for which exact purposes you will use that data and why — and exclude purposes you will definitly not use it (e.g. send it to third parties, sell it to the highest bidder). Additionally say what is anonymized, aggregated etc, if that applies.
Then add a: "If anything about that should ever change, you you will be notified and asked again within this game".
Then consider addin an option where technically interested users can actually see that data in full.
If you collect reasonable data and explain clearly why people help you the dev when they share it with you, more people might be inclined to do so.
If you make a wishy washy marketing speech that says nothing will just click no.
TL;DR: Be honest, precise and make a promise that people can check you on and explain why they help you with this.
Manjaro has been dead to me for a long time (for different reasons). But this sets it in stone. I used to like Manjaro as a simple stable arch Alternative.
Arch has an installer now. Arbitrarily delaying packages doesn't really make things any more stable. If anything it causes stability problems if you use the AUR that assumes you are on latest arch.
Most of my problems with Manjaro were directly caused by systemd. I’d expect the same problems with endeavour unless they’re fixing upstream arch bugs.
Anyway, I gave Devuan another try a few months ago, and haven’t looked back. It let me put off my inevitable (?) switch to a BSD by at least another year.
I switched to Manjaro from Arch in 2017 because I don't have time to debug / fix broken updates, and the same Manjaro install has been completely stable since then.
Is there another distro which can do this (and I also don't want to have full reinstalls / upgrades every few years like Ubuntu/Mint)
Switched to arch and nixos, diffrent machines and diffrent usecases. Arch installer is really nice now, even if you should have done it manually at least once in your life.
I dislike emphasizing telemetry like this since, intentional or not, it implies all telemetry is equal. "Oh, well both Windows and Manjaro collect telemetry now, so one less reason to change"
All telemetry that is enabled by default and requires action/configuration to disable is equally evil, no matter if it is collected by a commercial company or by non-commercial company.
Since almost everyone doing telemetry feels entitled to it, thus doesn't even try to convince or justify it to the users - yes, all telemetry is equal until proven otherwise.
Yeah it's a pain to dig into / debate the details (if you can), but they matter.
Arguably I collect some "telemetry" with some products I work on. It's some very basic "anyone even really use this feature" stats that I would find difficult to narrow down to a user / and some "woah did this crash" type information.
Quite sad news. As a long time contributor, I was going to bump my monthly donations to 50€ per week, and gradually increase up to 100€ later, as a small help for the community I heavily rely on but can't contribute in other ways.
But now the subscription is canceled, and I have to look for migration options (there will be pain). Maybe Debian is the safest? I don't have much time these days to maintain or install Arch, or even have time to keep an eye on telemetry gathering practices of my OS.
Also the difference is that the word telemetry in a context of user metrics has been burned, the popcon a) already has it in its name and b) is open source and c) has info written about how it will send what packages you install and not random weird stuff.
The installer does ask indeed, but as you say the default is disabled. Stats are published on the web. Technically Debian members have access to the raw reports (without any IP addresses etc), but that access is very rarely used.
Out of curiosity, what time investment is required for maintaining an Arch install?
I've been using Arch for the past decade and other than the turbulence when switching over to systemd, I don't do anything other than `pacman -Syu` and can only recall exactly one time where the system broke and it was because mkinitpcio failed to run after updating a kernel and was fixed by chrooting into my system and rerunning it.
I often had more issues with Debian or other distros because of having to fight the system to install packages that were built within the past year.
My impression comes from the switch-to-systemd era too, but systemd was never my problem. It was that my desktop never ran as smoothly as my colleagues' Manjaro and I finally gave up.
But you make me think... I should give Arch one more try before giving up!
For those who want to preemptively block these requests, the domain is metrics-api.manjaro.org. Taken from their repository: https://github.com/manjaro/mdd
Makes me a little sad, I'm super comfortable with my current Manjaro Cinnamon setup. This ain't a big enough issue to migrate, at least not yet... but I'll definitely keep an eye out for more shenanigans and jump distro if it ever becomes too much.
I meant it more in the sense that I got everything running the way I want to and I don’t want to go through the trouble of setting everything up again just yet: fixes for weird issues specific to my laptop; custom scripts to switch between DNS-over-HTTPS and local DNS; my overly complicated integration with my password manager; etc
It’s taken me a while to tweak the environment to my liking, and right now my priorities are elsewhere; I don’t want to have to distro hop and do all of this yet again.
Readit News
Apple, who is known for being pro-privacy, makes your Mac "phone home to obtain a special boot signature, known in Apple jargon as a 'ticket'" just so it can boot after an update.[0] It's also known that macOS has checked app signatures online for over 2 years [1] in the past, not sure if it still does.
I'm happily using a MacBook nevertheless and I bet a lot of people browsing HN also do. Free software should be better than that, but we (their users) should also make their developers' lives easier. You can't expect high-quality software from mostly-volunteering engineers if they are fighting fires, and data-driven decisions if there is no data to begin with.
[0] https://mjtsai.com/blog/2022/06/16/apple-reneged-on-ocsp-pri...
[1] https://eclecticlight.co/2020/11/25/macos-has-checked-app-si...
Apple has a few advantages that make this the case: a) they have really good marketing and b) they will always be compared against Google, Meta and Microsoft, which make their money from selling your data (either directly or through targeted advertising); whereas Apple makes their money from selling overpriced hardware.
But Apple is not pro-privacy, it is just less anti-privacy than other companies. And there are still people like me which would never use their products on principle.
It is still much less data, and does not allow them to identify you AFAIK. Even if they go with opt-in (not yet decided - it seems to be being debated and thy are asking for feedback) it is still far better than proprietary OSes.
That said, it's a funny choice for Manjaro to go for opt-out telemetry. As a simplified Arch it seems to be popular among privacy conscious users. (But I don't know the project goals, maybe that's just coincidental)
If one is very interested in security and privacy however, using VMs for isolation of different apps or services is important, so having an OS that helps that is useful. Bare arch _can_ do this, but requires quite a lot of script development.
Qubes seems to be the answer many grab for, though much is still written in C, which comes with all of the vulnerabilities mentioned constantly. So, something like https://diosix.org/ (a Rust-based hypervisor for Risc-V) is a great option to make a start towards decently secure system. Of course if your threat model includes state actors or something, you're SOL (change your perspective or what you're doing) since they always have an easy backdoor into any hardware, but sometimes things like diosix can protect against the constant script kiddies and other individual hackers.
Earlier you could in practice trust Apple etc with your data since it was inpractical to spy on you if you were 'insignificant'.
Machine learning changed that and now even mpre with the new LLMs, it is way cheaper to profile a random user.
I think it's a bit cliché; where do you draw the line? Should free software also display a copy of their license at first start and ask their users to click "I agree"?
When you start using a piece of software (free or not), there is a set of terms and conditions that you agree to (explicitly as is often the case with proprietary software or implicitly as with free software), which may include opt-out telemetry. As long as this is communicated, I don't see any problem with it.
To give credit where its due, I agree that Manjaro users may have never accepted opt-out telemetry when they first started using the OS and now this is being rolled out after the fact. Still, for a general-purpose OS that makes no privacy claims (e.g. Tails), I don't see how collecting their screen resolution etc makes a big difference. An average webpage today collects more than that in a single page view.
You're using weasel language. Are they known for it, or do they exhibit it?
>I'm happily using a MacBook nevertheless and I bet a lot of people browsing HN also do.
Yeah, of course I am too. Because when I voice certain displeasure with mass market products people tie too much of their ego to, well that makes me a cold cynical asshole subject to social rebuffing.
In office after office of software professionals, I am the weirdo for caring about product features. So at the next office, I just stopped having those opinions.
No. The standard is extremely simple, and for-profit companies deviate from it because there is no regulation guarding privacy sufficiently. No opt-out telemetry, ever. Opt-in telemetry is fine.
As a statistician, I get it. You want unbiased samples which an opt-out option helps to get to versus opt-in. But privacy has been violated too many times for people to be okay with opt-out telemetry.
The bar appears higher for FOSS because you can see the telemetry code directly. Just because for-profit companies are failing the bar doesn't mean FOSS should too.
You could also argue that opt-in telemetry still collects too much information, or programs might lie about not sending data in the first place.
Not really sure how to snap apple customers out of their dream, but i think people just like playing pretend, and like it even more when they pay a lot of money to do so.
I know that telemetry should be opt in, but no players will ever turn it on. And that leads to a conundrum- do I incentivize turning it on? Make it opt out? Gate some features (like heat maps on a play session or skill visualizations) behind it?
Would it be useful to have the ability to see exactly what was sent? Like, I could show a telemetry json or yaml blob in the options screen to show what events I collect. Would it be useful to have fine grained telemetry controls, like, the ability to toggle any arbitrary telemetry event from being fired?
It's a tough spot to be in, as a dev, to want insight into how people interact with your system, while also wanting to give people a chance to decline.
Still, can you do without?
> It's a tough spot to be in, as a dev, to want insight into how people interact with your system, while also wanting to give people a chance to decline.
It is, but the underlying issue is trust, or rather, lack of it. Vendors feel so entitled to this data, that even when they obey what's actually rule of the land over here in EU, they don't even try to level with the user and give them a reason to opt-in - they'd rather show a beg screen with information-free boilerplate text, and then act annoyed that pesky regulators and lazy users deny them the data they're entitled to. Thing is, they're not entitled to it. Never were.
"We collect data to improve our product and your experience" is zero-information-carrying bullshit that hardly anyone believes in. In fact, the first sentence of your comment is strictly superior - so much, that I'd consider opting in based on that alone:
"it's useful for me to have stats about how frequently abilities are used, what items players use, etc. to tune game systems"
Now I have at least some idea what you're collecting and why, and how it benefits me and other players. And, more importantly, you came forward with it.
> Would it be useful to have the ability to see exactly what was sent?
Very much yes. Not for everyone, most players probably won't care. But some will, and I imagine reviewers will too. Being open about what you're collecting would go a long way towards establishing trust with the players, and if more people would do that, it could even change the overall perception users have.
I know this is an unreasonable amount of work and most non-devs would not react differently or have a higher conversion rate.. but that's the type of reports I have given to various open source projects, because explaining it in detail and then sending different stuff I do not agree with is a kind of maliciousness I don't usually expect, except from content marketers and growth hackers.
Two adjustments I could think of that would make it better (besides explaining clearly, etc):
Ask me when you're not actively obstructing me from getting to what I want. Like asking on first boot I've gotten no value from the software yet that I might feel I need to pay back, and I'm actively trying to get _in_ to the game and your pop-up is in my way. The easiest and safest way to get rid of it is "do not allow". Try asking _after_ I finish a game/round/whatever.
And that would also give you the opportunity to do something like collect real analytics information to show to the user. Like "Hey I hope you're enjoying the game it's useful for me to have stats about how people use abilities and items to tune and balance the game systems. Would you be willing to contribute to the game's further development by sending information like that below which was collected from your last round?" And then skip the JSON/etc unless your audience is programmers, just show them a table.
Finishing some play time having had fun and getting a pop-up that explains what, why, and gives me a chance to make an informed decision on whether to send something innocuous like "(offset-timestamp, event-type, item-id/ability-id)"... I'd actually probably allow it.
A way to package it would be to show end of game stats compared to global averages. Histograms of mana/health/bullets vs the world standard. Maybe a personal historical trendline vs past performance. On that screen, give an option to share metrics with the community. Users can immediately see what the aggregated data can provide and might feel more likely to consent.
To be most user forward, keep a local non-obfuscated log of what is shared. This also makes it possible for dedicated users to potentially mine their performance.
That's helpful (as long as the user can opt not to send it after review), but to be honest, I never really trust that all of the data that is going to be sent is being disclosed. Our industry hasn't exactly behaved in a way that encourages trust.
This is true for big companies and absolutely false for everybody else. There is a worrying lack of nuance in your comments.
If you just ask the user yes or no and they massively decide no, who are you to turn it on by default and make them dig around to turn it off? Yes a lot of them won't go to that trouble or simply don't know it's there. But you know they're not ok with it when given the option.
Maybe an opt-in analytics type feature, a dashboard of sorts to see how one plays. I would be curious to see how often I use items, abilities etc. in games
Or wait do I have to launch the game and see if it prompts me?
Then add a: "If anything about that should ever change, you you will be notified and asked again within this game".
Then consider addin an option where technically interested users can actually see that data in full.
If you collect reasonable data and explain clearly why people help you the dev when they share it with you, more people might be inclined to do so.
If you make a wishy washy marketing speech that says nothing will just click no.
TL;DR: Be honest, precise and make a promise that people can check you on and explain why they help you with this.
Telemetry should always be opt in.
https://endeavouros.com/
Anyway, I gave Devuan another try a few months ago, and haven’t looked back. It let me put off my inevitable (?) switch to a BSD by at least another year.
I switched to Manjaro from Arch in 2017 because I don't have time to debug / fix broken updates, and the same Manjaro install has been completely stable since then.
Is there another distro which can do this (and I also don't want to have full reinstalls / upgrades every few years like Ubuntu/Mint)
It is one less reason to change from Windows to Manjaro...
People that can't get such a simple thing as no "opt-out" spyware in the distro right can't be trusted.
Telemetry must be opt-in only.
Arguably I collect some "telemetry" with some products I work on. It's some very basic "anyone even really use this feature" stats that I would find difficult to narrow down to a user / and some "woah did this crash" type information.
But that's nothing like some software...
But now the subscription is canceled, and I have to look for migration options (there will be pain). Maybe Debian is the safest? I don't have much time these days to maintain or install Arch, or even have time to keep an eye on telemetry gathering practices of my OS.
Install "popularity-contest" if you want to turn it on.
https://popcon.debian.org/https://qa.debian.org/popcon.php
I've been using Arch for the past decade and other than the turbulence when switching over to systemd, I don't do anything other than `pacman -Syu` and can only recall exactly one time where the system broke and it was because mkinitpcio failed to run after updating a kernel and was fixed by chrooting into my system and rerunning it.
I often had more issues with Debian or other distros because of having to fight the system to install packages that were built within the past year.
But you make me think... I should give Arch one more try before giving up!
Deleted Comment
MDD - Opt-in vs Opt-out
- Testers needed: Manjaro Data Donor https://forum.manjaro.org/t/testers-needed-manjaro-data-dono...
Makes me a little sad, I'm super comfortable with my current Manjaro Cinnamon setup. This ain't a big enough issue to migrate, at least not yet... but I'll definitely keep an eye out for more shenanigans and jump distro if it ever becomes too much.
It’s taken me a while to tweak the environment to my liking, and right now my priorities are elsewhere; I don’t want to have to distro hop and do all of this yet again.
https://news.ycombinator.com/item?id=42043539 ("Manjaro Linux prepares to enable telemetry by default (manjaro.org)")