List Archive: gentoo-soc
2009/4/2 Sebastian Pipping <webmaster@...>:
[...]
>> What if there would be a unique identifier (hashed MAC
>> address?) that just identifies the Gentoo installation, would that be
>> enough? That way you can track without any privacy issues involved, I
>> think.
>
> We could use such an identifier to identify repeated submissions
> (users should send in more up to date again later) and handle
> some kind of "database pollution" attacks. We wouldn't catch
> attackers that change their MAC before submission.
Not sure how you can deal with this. How does Smolt or Debian's thing
deal with it?
> I suppose a privacy issue still exists as you might be able to
> resolve certain changes in submission data over time down
> to a person. I better not construct scenarios here, but I'm
> afraid that would be possible.
Quite frankly, I think anybody who is worried about this attack would
be too paranoid to send you that data anyway. I mean, you could even
potentially match timestamps related to the db updates with server
logs and IP addresses. Again, if someone is paranoid enough about
their privacy to worry about such an attack, they wouldn't submit
their data anyway.
I think you'll need to strike a balance between the effort taken to
increase privacy by a factor of 'x' and the number of participating
users you stand to increase because of this improvement.
--
Arun Raghavan
(http://nemesis.accosted.net)
v2sw5Chw4+5ln4pr6$OFck2ma4+9u8w3+1!m?l7+9GSCKi056
e6+9i4b8/9HTAen4+5g4/8APa2Xs8r1/2p5-8 hackerkey.com
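
The identifier scheme discussed in this message, as an added example that is not part of the original thread or of any Gentoo tool: a client-side installation ID derived from a hashed MAC address, and a server-side store that keeps only the newest submission per ID. SHA-256, the names `install_id` and `SubmissionStore`, the integer timestamps and the sample MAC addresses are all assumptions constructed for illustration.

```python
import hashlib


def install_id(mac: str) -> str:
    """Hash a MAC address into an opaque installation identifier (assumed: SHA-256)."""
    octets = mac.strip().lower().replace("-", ":").split(":")
    if len(octets) != 6 or any(len(o) != 2 for o in octets):
        raise ValueError(f"not a MAC address: {mac!r}")
    raw = bytes.fromhex("".join(octets))  # raises ValueError on non-hex input
    return hashlib.sha256(raw).hexdigest()


class SubmissionStore:
    """Keeps one record per installation ID, so a resubmission replaces the old data."""

    def __init__(self):
        self._latest = {}  # install id -> (timestamp, data)

    def submit(self, ident: str, timestamp: int, data: dict) -> str:
        previous = self._latest.get(ident)
        if previous is not None and timestamp <= previous[0]:
            return "stale"  # replayed or out-of-order submission, ignored
        self._latest[ident] = (timestamp, data)
        return "new" if previous is None else "updated"

    def count(self) -> int:
        return len(self._latest)


def demo():
    """Constructed sample run: repeated submissions collapse, a changed MAC does not."""
    store = SubmissionStore()
    box = install_id("02:00:00:00:00:01")  # constructed, locally administered MAC
    results = [
        store.submit(box, 100, {"gcc": "4.3.2"}),   # first submission
        store.submit(box, 200, {"gcc": "4.3.3"}),   # later update from the same box
        store.submit(box, 150, {"gcc": "4.3.2"}),   # older data replayed
        # Same machine after a MAC change: the ID differs, so the store counts it
        # as a second installation (the limit noted in the quoted text).
        store.submit(install_id("02:00:00:00:00:02"), 300, {"gcc": "4.3.3"}),
    ]
    return results, store.count()


if __name__ == "__main__":
    print(demo())
```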