
Telemetry should be opt-in

Open oliversalzburg opened this issue 1 year ago • 2 comments

  • Etcher version: 1.7.9
  • Operating system and architecture: Windows x64
  • Image flashed: irrelevant
  • What do you think should have happened: No information is sent to third-parties without my consent
  • What happened: You require me to discover and opt-out of telemetry myself and happily send everything you want prior to that.
  • Do you see any meaningful error information in the DevTools? No

Given that your product is recommended by Canonical as the way to put their images on storage media, I was unpleasantly surprised to find opt-out telemetry in your product. If you want to exfiltrate information from my machine, please ask me before doing so, so that I can then use a different product to flash images onto media.

oliversalzburg avatar Jul 13 '22 12:07 oliversalzburg

@oliversalzburg wrote:

Given that your product is recommended by Canonical

Sad to hear that it is still recommended - many others (like the raspberry trading ltd) luckily stopped already promoting this software.

Your issue btw. will not be addressed, as balena has already known for a long time that they are somewhat not compatible with EU rights.

Just a few of the issues mentioning the gdpr in the issue tracker: https://github.com/balena-io/etcher/issues/3476, https://github.com/balena-io/etcher/issues/3006, https://github.com/balena-io/etcher/issues/2977, https://github.com/balena-io/etcher/issues/2914, https://github.com/balena-io/etcher/issues/2890, https://github.com/balena-io/etcher/issues/2766, https://github.com/balena-io/etcher/issues/2599, https://github.com/balena-io/etcher/issues/2497

that I can then use a different product to flash images onto media.

If you are okay to not use a 0.5gb monster with ad/spy/etc-ware included but a simple yet powerful tiny (less than 0.5mb) program which just does its job I can suggest USBImager ⬇️

rradar avatar Aug 14 '22 17:08 rradar

Very naughty... And, I guess, I should have searched for other issues mentioning this subject.

Thanks for your advice! I just went with Rufus and then I went with Debian instead of Ubuntu. I really don't see the point in downloading a huge Electron app to write images. Stuff like etcher has no place in the Linux world that I know. Especially given the absolute lack of responsibility as demonstrated on this issue tracker.

oliversalzburg avatar Aug 14 '22 18:08 oliversalzburg

As a privacy and security researcher and YouTuber, I have published many guides that involve flashing operating systems to flash drives and SD cards.

I totally agree with the following statement… I am always worried when publishing guides that use dd as one can easily destroy data.

Here at balena we have thousands of users working through our getting started process and until recently we were embarrassed about the steps that involved flashing an SD card.

Thankful for Etcher which makes process less dangerous and more accessible to non-technical users. 🙌

That said, I use Little Snitch to monitor apps calling home and was mind blown when I realized how many times Etcher calls home (even once update checks and telemetry had been disabled).

Please make telemetry and any other calling home (including sentry.io monitoring) opt-in.

sunknudsen avatar Jan 18 '23 11:01 sunknudsen

Raspberry Pi Imager is a more privacy-conscious alternative (see telemetry).

That said, Etcher nailed the UX… perhaps Etcher could implement a flag to disable telemetry like Raspberry Pi Imager did.

Even better… telemetry could be opt-in.

sunknudsen avatar Jan 18 '23 13:01 sunknudsen

many others (like the raspberry trading ltd) luckily stopped already promoting this software.

luckily they still find balena useful as they still use balena packages.

Thanks for the thoughtful words @sunknudsen , as you see with releases 1.14+ the logging part is under complete revamp. All data were anonymized before, and that will be more visible from now on. UI changes to opt-in could come down the road.

On your second comment about RPi Imager, I am a bit surprised, they have also opt-out, more hidden than Etcher. You need to select an image first, so the config button in the lower left appears where you need to scroll to the bottom to remove the tick. The data they collect written on the link you added is really understandable, etcher did the same. On top of that, behavior on the UI and errors. Changing the configuration through the command line or other editor, etcher too can be started the first time already with analytics disabled. You are right our documentation is not that good, not like many people read it. 😅 If they would read we would have much fewer issues repeating the same. And if you read those issues "it does not work!" without any useful details, I hope you see how helpful or life-saving some error logs are.

I liked your guides and videos, they are really good quality, organized and understandable 👍

mcraa avatar Jan 18 '23 13:01 mcraa

There is nothing lucky about anyone depending on any piece of this. It's sad, if anything.

oliversalzburg avatar Jan 18 '23 13:01 oliversalzburg

Thanks for joining conversation @mcraa.

Changing the configuration through the command line or other editor, etcher too can be started the first time already with analytics disabled.

Promising… how? That should be surfaced on README.md.

And if you read those issues "it does not work!" without any useful details, I hope you see how helpful or life-saving some error logs are.

Feel you… I also use Sentry. That said, great apps should always ask users before submitting bug reports that typically include sensitive data such as the user’s IP, OS, and, often more… Sentry is by default very data hungry (which, arguably, can be circumvented by privacy-conscious developers).

sunknudsen avatar Jan 18 '23 14:01 sunknudsen

Promising… how? That should be surfaced on README.md.

When you toggle it on the UI, it is saved into a config.json file in the userData directory (different path for different OSes). Editing that file setting errorReporting: false, or removing analytics related properties from the same or package.json as accessed in the corresponding module (I could be wrong as it was updated recently by another developer.)

mcraa avatar Jan 18 '23 14:01 mcraa
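As an added example (not part of the thread and not Etcher's own code), here is one way to apply the `config.json` edit described in the comment above before the application is first launched. The key name `errorReporting` is taken from that comment, which itself notes it may be out of date; the location of `config.json` is not given on the page and has to be supplied by the reader, and `disable_error_reporting` is a hypothetical helper name.

```python
import json
import os
import tempfile
from pathlib import Path


def disable_error_reporting(config_path):
    """Set errorReporting to false in a JSON settings file, creating it if absent.

    Returns (created, changed): whether the file was newly created and
    whether its contents had to be modified.
    """
    path = Path(config_path)
    created = not path.exists()
    settings = {}
    if not created:
        # Refuse to touch a file that is not a JSON object: overwriting it
        # would silently discard the user's other settings.
        settings = json.loads(path.read_text(encoding="utf-8"))
        if not isinstance(settings, dict):
            raise ValueError(f"{path} does not contain a JSON object")
        if settings.get("errorReporting") is False:
            return (False, False)
    settings["errorReporting"] = False  # key name as quoted in the thread
    path.parent.mkdir(parents=True, exist_ok=True)
    # Write to a temporary file in the same directory, then rename, so an
    # interrupted run never leaves a truncated config behind.
    fd, tmp = tempfile.mkstemp(dir=path.parent, suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as handle:
            json.dump(settings, handle, indent=2)
            handle.write("\n")
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise
    return (created, True)


if __name__ == "__main__":
    # Constructed demo in a throwaway directory; pass the real config.json
    # path from the application's userData directory instead.
    with tempfile.TemporaryDirectory() as demo:
        target = Path(demo) / "userData" / "config.json"
        print(disable_error_reporting(target))  # file is created
        print(disable_error_reporting(target))  # already disabled
        print(target.read_text(encoding="utf-8"))
```

Whether the setting actually stops all outbound requests is a separate question that only network monitoring of the running application can answer.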

Disclaimer: I have no tie with Balena whatsoever. Just a random prog.

Guys can you chill for a second ?

I was reading: https://github.com/balena-io/etcher/issues/2977

I quote @sneak "The data Etcher transmits from my machine includes my IP address, which uniquely identifies me"

You guys do not understand internet for first. IP address does not always identify you uniquely, for especially IPv4 because you are in a package with other customers from that ISP.

Also just going on github posting a post is giving your IP to Microsoft. So stop crying for IP. IP is public information not private.

I understand that for a free software with no license management telemetry is just for statistics and you don't want to be in any stats but stop calling it spying if the only payload is IP address. I also understand the principle of asking authorization for everything but don't bend the truth by saying it is spying when it is not because you become also dishonest for people claiming to be ethics fighters.

Hell even if the payload contains hardware models it is not spying because knowing you have an intel or amd cpu won't change a thing regarding your ID. Spying is uploading user data like your pictures or passwords and such. Anything else is not spying, it is data collection but not spying, learn the difference.

As long as Etcher explicitly says what they collect and there is no user generated info or unique HWID it is not spying.

Also just use a firewall and block the app. Or modify source code or use an other software if you are not happy.

In other words: don't exaggerate claims.

Scr3amer avatar Sep 09 '23 14:09 Scr3amer

Guys can you chill for a second ?

I've been chilling for more than a year. Hope that helps 😊

Beyond that, I don't agree with much of your comment. I don't care if Microsoft has my IP address. That was never the subject. You don't need to defend behavior that you don't fully understand yourself. Exfiltration of information needs to be opt-in. Period.

oliversalzburg avatar Sep 11 '23 09:09 oliversalzburg

TL;DR: I didn't read the code of Balena but since you created the post you probably did the work: what does Balena exfiltrate exactly?

I agree that your post was less emotional than the one I linked but if IP is the only payload gathered by Balena then there is no exfiltration since it is generated by your ISP not by you.

Because if it is an empty POST ping there is nothing besides what's in the frame of a HTTP packet.

The point of my post is not Balena, it is the general idea of exaggerating claims like in the post I linked initially which is locked so I replied in an open thread which was similar... Yours.

I like detailed evidences like https://github.com/balena-io/etcher/issues/3476.

If blocking phone home blocks the app then yeah just uninstall it and use something else. If audit shows that payload is more than what privacy policy states... Same.

If you have strong opinions (beyond law limits) and a service doesn't fit your moral values, don't use it (which you did and I respect that).

I just don't like general claims not backed by facts and in your case you say they exfiltrate info. Pinging a server is not exfiltration. You have to prove there is payload without user content to be an extraction of info. And I double checked this thread and found none.

Also I am no lawyer and I am pretty sure most devs are not so I would not bet any of us really understood the law (which proves laws are poorly written). But again I understand that law is irrelevant to you. You just have an opinion and wish Balena to change and fit your view of how the world should be.

Scr3amer avatar Sep 13 '23 11:09 Scr3amer

This is not a question of “opt in” or “opt out”: we have to do the morally right thing. While this is probably not going to be a popular opinion here, I will say this respectfully in good conscience [who I am should be irrelevant to the following statements].

Reject abusive or otherwise ethically questionable software, free or nonfree, and warn and help out your friends, your community, about that too. Which is trivially easy when there are better free options already. It’s also important for one to make donations as much as possible to support whatever work they like, so that its author may not need to make them adware or spyware.

@Scr3amer

Also just going on github posting a post is giving your IP to Microsoft. So stop crying for IP. IP is public information not private.

That is not quite true. Currently one can sign up and use Github exclusively on Tor—browsing with Tor Browser, and otherwise via Socks5 proxy (when signing up, use an anonymous email address which itself can be signed up and used exclusively on Tor). How long Github will allow privacy-oriented users is anyone’s guess. Soon or later they’re likely to become a garden with higher walls with the pretext of security or something, possibly even requiring your biometric info. Freedom to study and modify codes are two of our core values, and in principle free activities, by definition, should be able to be engaged freely by anyone, without showing a government-issued photo ID or anything like that.

I trust that anyone will agree that Github provided by Micro$oft is not exactly an ideal place for free software—at least spiritually. This situation has been questioned since long time ago and programmers with good intuition, or who need privacy, are indeed not using Github. An exception could be an intentional free-speech test as in Tornado Cash (once kicked out and now fighting back supported by eff), but that is a “meta-use” for demonstration i.e. not like they really want to use Github in an ordinary sense.

Escape from “them” before it’s too late.

honobo avatar Sep 17 '23 16:09 honobo

We're taking your suggestion into consideration. Note that the telemetry is anonymized on both the client and server and we don't store PII.

aethernet avatar Oct 13 '23 09:10 aethernet