https://wiki.parabola.nu/ParabolaWiki:Privacy_policy but you collect them
Updated by bill-auger about 1 year ago
- Priority changed from bug to discussion
im not sure what this is referring to; but nothing is being "collected" - some rogue requests are being filtered and some IPs are being blocked - that was hoped to be temporary; but if the noise does not cease, then the policy may need to be changed
It should be noted the the SYN flood protection pays attention to half connections in which the TCP 3 way handshake is never completed (SYN flood attack). Only very rarely would if catch an actual connection attempt. Also the Logging was primarly for Debugging the protection (making sure it wasn't catching actual connections) and would be trivial to turn off.
It also should be noted that that protection is not even active as the threat has passed.
Updated by bill-auger 12 months ago
i do not recall any event of that sort
this ticket is a great idea in theory; but it was not necessary
- it is not a new concern - the same intention is already
a fine ideal, which is upheld whenever possible - in practice
however, any network service which is totally anonymous, will
inevitably become a magnet for trash, which can over-whelm the
admins, and the service becomes useless for any intended purpose
even if all connections were logged permanently, and the
still, that is not an invasion of anyone's privacy; because that
information would not be publicly accessible, nor divulged to
any third-party - also, even if full logging were an implicit
privacy concern, no one ever needs to connect to the parabola
servers, in order to use parabola, download packages, nor to
communicate with the dev team - all of those things can be
accomplished via mirrors, email, and IRC
the important thing to note, is that every user of any distro,
who installs a binary package from any source, trusts the
packager implicitly by doing so - reading server logs would be
among the least fruitful ways to to collect information about
users and their computing activity - the IP address of any
legitimate user, or which packages are downloaded, is simply
Updated by sdfoijsaodif 12 months ago
I have found exact log messages on my IRC logs.
T 1586544140 1oaken-source1> I will check the redmine logs. and if I find out that the IP that created the account matches the IP that created the issue, you're in trouble.
and after some time
T 1586544415 1oaken-source1> I bluffed. that's different :)
Updated by oaken-source 11 months ago
Hey, sorry for the confusion. when I made that statement on IRC, I was bluffing, meaning I didn't know whether there were logs or not. The statement was made partly in jest, and partly to provoke the person I was communicating with into admitting that they were indeed themselves responsible for the spam they were reporting, by claiming that I had proof of that while I clearly didn't.
In other words, there never were logs. Any claims otherwise from my side were just plain false.