[ninjin]

As someone that was active in the previous HN thread [1], this one, and in the Discourse one this position has popped up several times and it perplexes me. Attaching a persistent UUID on top of a protocol that carries your IP can not be more private as you are giving away additional information that would have to be inferred statistically from the IP alone. Now, we can argue other benefits of the UUID, but simply calling it a day by ignoring the fact that you are already giving away your IP is just baffling to me. Am I being thick here? What am I missing?

[1]: https://news.ycombinator.com/item?id=23706271

[detaro]

> What am I missing?

I'm guessing there's an unspoken assumption that given a UUID the server-side would not log IPs. It then comes down to trust that they'd stick to that.

[ninjin]

Thank you, that could be it. Then again, there would at least have to be a separate log somewhere on the same box with IPs to counter abuse. I think creating and using a UUID without explicit opt-in is still a red line for me, but I do concede that I could very well be too paranoid for the good of myself and the community as a whole.

I should probably get back into the Discourse thread to see if I can contribute constructively, but the amount of back and forth between mostly “My freedom!” and “Tū quoque!” [1] in the thread over the weekend – apart from me being far too busy to take the time to summarise it all – has kept me away, although it looks way better over the last few hours. With the little free time I have I would rather work on my Julia code. '^^

[1]: https://en.wikipedia.org/wiki/Tu_quoque

[fiddlerwoaroof]

Yeah, it sounds like they’re designing a way for package authors to get usage stats: imo, this extra piece of data doesn’t really help the server owners de-anonymize because it’s less identifying than the data the server is already collecting as an http server (especially if it’s in an unlogged part of the request like a header or a post body). But, even if it is a privacy risk relative to the server owners, it’s preferable that data derived from this uuid be shared with package authors, rather than IP-based data, because it’s based on a less-identifying datasource, which means that even if someone were to breach the database, they’d have less ability to de-anonymize people.

Also, I find this whole discussion to be somewhat irrelevant when talking about a service serving up arbitrary code to be executed on your machine: if you don’t trust the server owners, you really shouldn’t be executing the code they serve up.