Bug 492917

Comment 1 Marcel Bruch 2016-05-03 16:52:13 EDT

Before getting into details. Does this need some kind of opt-in by the user?

Comment 2 Marcel Bruch 2016-05-24 06:28:54 EDT

Ian,

where does that UUID come from / where do I get it?
Which format is it?
Does it require a user opt-in?
Does it have to be in the http headers
  - or would it suffice to use that instead of the anonymous reporter id?

If the answers are: 
"just lookup a preference in eclipse"
"it's a string" or "it's a java UUID object"
"no, there is no need for opting in"
"no, using this instead of the anonymous reporter id would suffice"

Then: Sure. No problem.

Comment 3 Antoine THOMAS 2016-05-24 11:46:54 EDT

(In reply to Marcel Bruch from comment #2)
> Ian,
> 
> where does that UUID come from / where do I get it?
The UUID is available since Neon M7. You can find it manually :
 - in Help > about > Installation details > configuration, look for eclipse.uuid
 - in your .eclipse folder, in the eclipse.uuid" file

> Which format is it?
It is a series of hexadecimal numbers. here is the UUID on my laptop, as an example: eclipse.uuid=e13aa9fb-c4b2-46d0-83d6-0d039fbddc43
The structure is always the same.

> Does it require a user opt-in?
No, there is no need for opting in. Eclipse will create it. There is one UUID per workstation, even if there is many different Eclipse installations on the same workstation.

> Does it have to be in the http headers
At the moment, Eclipse uses the UUID when searching for updates, adding it in the "user agent" information. So something like that would be great.

>   - or would it suffice to use that instead of the anonymous reporter id?
Not sure.

Comment 4 Marcel Bruch 2016-05-27 03:16:43 EDT

Thanks Antoine.

(In reply to Antoine THOMAS from comment #3)
> > Does it require a user opt-in?
> No, there is no need for opting in. Eclipse will create it. There is one
> UUID per workstation, even if there is many different Eclipse installations
> on the same workstation.

This is more a legal question than a technical question. For the error reporting one constraint was to use randomly generated anonymous ids. When using the same system id for all services this anonymization disappears to some extent. 

Before using this user/system-id, I'd like to make this known to Wayne (cc'ed now) and get his +1 for this.

Comment 5 Ian Skerrett 2016-05-27 08:23:06 EDT

(In reply to Marcel Bruch from comment #4)
> Thanks Antoine.
> 
> (In reply to Antoine THOMAS from comment #3)
> > > Does it require a user opt-in?
> > No, there is no need for opting in. Eclipse will create it. There is one
> > UUID per workstation, even if there is many different Eclipse installations
> > on the same workstation.
> 
> This is more a legal question than a technical question. For the error
> reporting one constraint was to use randomly generated anonymous ids. When
> using the same system id for all services this anonymization disappears to
> some extent. 
> 
> Before using this user/system-id, I'd like to make this known to Wayne
> (cc'ed now) and get his +1 for this.

fwiw, the uuid does not contain any personally identifiable information so we are fine from a privacy perspective. 

Of course Wayne should also comemnt here too.

Comment 6 Marcel Bruch 2016-05-27 08:39:26 EDT

It depends on your view point. 
But I'm arguing against using the eclipse.uuid in aeri.

I just want to make sure that the people we discussed the privacy issues before agree to that change. I want to be safe in case some user complains.

Comment 7 Ian Skerrett 2016-05-27 08:48:02 EDT

(In reply to Marcel Bruch from comment #6)
> It depends on your view point. 
> But I'm arguing against using the eclipse.uuid in aeri.
> 
> I just want to make sure that the people we discussed the privacy issues
> before agree to that change. I want to be safe in case some user complains.

OK, I didn't realize you were against using it. :-)  UUID is going to be used by p2 and MPC. We hope to have other projects that make calls to eclipse.org servers to include the UUID. This will allow us to get a better understanding on how developers are using Eclipse. 

What privacy issues are you concerned about?

Comment 8 Marcel Bruch 2016-05-27 09:09:58 EDT

Sorry! I'm *NOT* arguing against using it. These three letters magically disappeared from my reply...

Comment 9 Ian Skerrett 2016-05-27 09:11:14 EDT

(In reply to Marcel Bruch from comment #8)
> Sorry! I'm *NOT* arguing against using it. These three letters magically
> disappeared from my reply...

LOL, that is classic and made my day. :-)

Comment 10 Wayne Beaton 2016-05-27 14:42:46 EDT

(In reply to Marcel Bruch from comment #4)
> This is more a legal question than a technical question. For the error
> reporting one constraint was to use randomly generated anonymous ids. When
> using the same system id for all services this anonymization disappears to
> some extent. 

I believe that the intent here is to capture the UUID in the server log and to avoid making any direct connection to the optionally-provided user name and email address. i.e. I don't think that we want you to connect this UUID to the actual record that you're storing. 

The payload itself doesn't get recorded in the logs, so this should not expose the user's anonymity.

I believe that the randomly-generated anonymous ids that you are associating with the actual reports don't need to change. Somebody will correct me if I'm wrong.

> Before using this user/system-id, I'd like to make this known to Wayne
> (cc'ed now) and get his +1 for this.

Comment 11 Marcel Bruch 2016-05-27 15:40:51 EDT

(In reply to Wayne Beaton from comment #10)

Rephrasing: Would it "hurt" / "be okay" if we use the same UUID?

Comment 12 Wayne Beaton 2016-05-30 13:32:39 EDT

(In reply to Marcel Bruch from comment #11)
> Rephrasing: Would it "hurt" / "be okay" if we use the same UUID?

Please don't associate the UUID directly with error reports.

The UUID should only appear in the request so that it gets recorded in the server log.

Comment 13 Eclipse Genie 2016-06-01 08:36:49 EDT

New Gerrit change created: https://git.eclipse.org/r/74214

Comment 14 Marcel Bruch 2016-06-01 08:41:29 EDT

What's the expected http header name? I'm using "eclipse.uuid".


Please note that I do no use the same format as P2 b/c it sends far more information in its headers than requested, the format is not standardized, and is subject to change with every release (e.g. Neon/SR-0).

If clients should all use the same format, please provide a system property that can be reused for that purpose.

Comment 15 Eclipse Genie 2016-06-01 11:03:50 EDT

Gerrit change https://git.eclipse.org/r/74214 was merged to [master].
Commit: http://git.eclipse.org/c/epp/org.eclipse.epp.logging.git/commit/?id=96f4a2bed9a1bc2d28213dc22a68bb7bf13f8814

Comment 16 Antoine THOMAS 2016-06-01 11:06:13 EDT

eclipse.uuid is fine. and we can also find it using a regex if necessary.

Comment 17 Eclipse Genie 2016-06-01 14:14:22 EDT

New Gerrit change created: https://git.eclipse.org/r/74292

Comment 18 Eclipse Genie 2016-06-01 14:19:10 EDT

Gerrit change https://git.eclipse.org/r/74292 was merged to [master].
Commit: http://git.eclipse.org/c/epp/org.eclipse.epp.logging.git/commit/?id=3f0c6dbd637ea526634e98b6aee7cf5a492079ce

Comment 19 Marcel Bruch 2016-06-02 15:11:04 EDT

That change was contributed to RC3. 

Ian,
please consider announcing the availability and use of the opt-out eclipse.uuid on all appropriate -dev@eclipse.org mailing lists. I got the first complaint from a user [1].




[1] https://twitter.com/manandbytes/status/738442786685505536

Comment 20 Ian Skerrett 2016-06-02 16:16:25 EDT

(In reply to Marcel Bruch from comment #19)
> That change was contributed to RC3. 
> 
> Ian,
> please consider announcing the availability and use of the opt-out
> eclipse.uuid on all appropriate -dev@eclipse.org mailing lists. I got the
> first complaint from a user [1].
> 
> 
> 
> 
> [1] https://twitter.com/manandbytes/status/738442786685505536

A note has been added the the 4.6 N&N. I hope that gets the word out.

Comment 21 Marcel Bruch 2016-06-02 17:03:56 EDT

(In reply to Ian Skerrett from comment #20)
> A note has been added the the 4.6 N&N. I hope that gets the word out.

The N&N is an after-the-fact announcement. All changes are done at that point and are irrevertible. The EF requires projects to get the user's consent (opt-in) before any data is collected. If this gets announced in N&N the first time, users will get the impression that the Foundation was afraid to announce this publicly on their development lists before the release. 

Personally, I wouldn't wait until N&N. But it's the EF's staff responsibility and decision how and when to make this announcement. 


Having said this, I'll close this bug as fixed. The announcement of that behavioral change in AERI is left to the EF.

Comment 22 Antoine THOMAS 2016-06-03 04:23:14 EDT

I agree with Marcel, we should communicate. Ian, maybe we should do a blog post and/or a topic on the forum about it. Something like "Help us to test the UUID", or "We need your feedback about the UUID".

We can simply explain what it is, that it is anonymous, only for eclipse.org websites, that we will using it to have a better understanding of the use of Eclipse Platform (please correct me if I am not using the good name), remember that all software editors are doing that today, so that there will be a true benefit for the users on middle/long term. 

And yes, UUID is opt-out, but like Mozilla does for Firefox (at least on Ubuntu, but I am not sure on Windows or Mac). So we must tell how to opt-out, etc.

Then, we ask people for their feedback. We can also create a poll.

What do you think of this idea?

Comment 23 Ian Skerrett 2016-06-03 11:17:01 EDT

I have sent an email to the cross-projects mailing list. I can also plan to do a blog post closer to the Neon release. Any other place you think we need to communicate about the UUID?

Comment 24 Marcel Bruch 2016-06-03 15:10:57 EDT

(In reply to Ian Skerrett from comment #23)
> I have sent an email to the cross-projects mailing list.
Thank you.

> I can also plan to
> do a blog post closer to the Neon release. 
Good.

> Any other place you think we need
> to communicate about the UUID?

No. I think a many "key eclipse people" are on cross-projects. This includes PMC and architecture council members. If that does not trigger any discussions, then nothing else will from committer's side.

Users will probably notice that uuid thing after the release anyways if ever.

Comment 25 Markus Knauer 2016-06-05 11:40:40 EDT

After a long discussion on the cross-project mailing list [1] we decided to remove the UUID in Platform (see bug 495484). Therefore I'm asking to revert the relevant changes in AERI.


[1] https://dev.eclipse.org/mhonarc/lists/cross-project-issues-dev/msg13204.html

Comment 26 Eclipse Genie 2016-06-05 14:13:39 EDT

New Gerrit change created: https://git.eclipse.org/r/74587

Comment 27 Eclipse Genie 2016-06-05 14:44:44 EDT

Gerrit change https://git.eclipse.org/r/74587 was merged to [master].
Commit: http://git.eclipse.org/c/epp/org.eclipse.epp.logging.git/commit/?id=0a349fc69c792ca6618a5ed65493029214848b2e

Comment 28 Marcel Bruch 2016-06-05 14:54:00 EDT

Released to milestones (== simrel) update site via https://hudson.eclipse.org/packaging/job/epp-logging.head/628/