Subject: Re: What happened to the good ntop?
To: None <tech-pkg@NetBSD.org>
From: Alan Barrett <firstname.lastname@example.org>
Date: 03/25/2005 09:14:55
On Thu, 24 Mar 2005, Johnny Lam wrote:
> >What does "phones-home-by-default" mean exactly? If this is basically
> >"spy ware", then any pkg that does this should be removed from pkgsrc.
Yes, it's spyware, but it has a command line option to tell it not to
act as spyware. It fetches a web page from its home site, ignoring
the http_proxy environment variable, and deliberately constructing a
user-agent string to identify several things about your system. Here's
an example from the ntop/html/privacyNotice.html file that you get if
you do (cd pkgsrc/net/ntop ; make extract):
ntop/2.2.98 host/i686-pc-linux-gnu distro/redhat release/9
kernrlse/2.4.20-8sm GCC/3.2.2 config(i18n) run(i; u; P; w; t;
logextra; m; instantsessionpurge; schedyield; d; usesyslog=; t)
gdbm/1.8.0 openssl/0.9.7a zlib/1.1.4 access/http interfaces(eth0,eth1)
The home site gets that information, plus your IP address, in
> No, the right approach is to warn explicitly that this behavior occurs.
> I see no reason to be prejudicial against these types of packages by
> removing them from pkgsrc, and I haven't heard any good arguments to
> make this case yet.
I agree. There's no need to remove such things from pkgsrc, but I
would like them not to be built or installed without deliberate special
action. Just printing a message at install time is not enough, because
those often messages fly past too fast to read. A mechanism like the
existing LICENSE mechanism would be good.
--apb (Alan Barrett)