About stats

July 7, 2008 – 2:06 pm by Maximilien Cuony [The_glu]

Lots of users, dues to the last post I suppose, have some questions abouts stats we collect.

Yes, there aren’t any warning about this stats because we forget to say it on the new update page (before it was inside FireGPG). It’s a problem, and we will add a notice for the next release.

Which stats are collected ?

Of course, don’t worry. We’re not collecting information about how do you use FireGPG or the average length of yours passwords ;). There both stats: Installations and XpCom.

Stats about installations send us the version number of FireGPG which you just installed and the previous version installed, if there one (so if there aren’t, we know it’s not an update but probably a new user).

Stats about XpCom are new and temporally. We send the status of the XpCom (if he works, if he doesn’t, if he is disabled), and the platform (Gnu/Linux, Windows).

There is only this, and ping are send only we you update FireGPG (or when the stats of the XpCom change, but it’s not very common).

Only these information are stored. Yes, we have in Apache logs more information: your Firefox’s version, your ip, when you install FireGPG. But first, we don’t read them, and then there are deleted after 7 days. It’s like we you navigate on a website: anybody who own a server can have the same information we you’re using it. And *erm* who relay care if you are currently reading this post at 23:12:21 on 04/02/08 from your office? We’re not Big Brother ;).

Why stats?

For the XpCom because we don’t know how the XpCom will work and as it’s a very critical feature, who we can’t test ourselves, the solution was to let’s user test themselves and get back stats. Have a look at the last post for more information ;). Notice that when the XpCom will be stable (about 2 or 3 versions) we will deactivate this stats.

For stats on installation: we want to know how FireGPG is used. FireGPG take us a lot of time and I think it’s normal we’re able to see how he is installed/updated: it’s a kind of ‘recognition’ of our work by having information about how he is popular…

Someone say we should remove this stats because FireGPG is a critical, as he works with GnuPG. I totally disagree. First for points explained before and then, if you trust us for using FireGPG in general, I suppose you can trust us to send only ‘goods’ pings and not adding spy in our addon

  1. 2 Responses to “About stats”

  2. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    I don’t like it. If it were openly disclosed up front from the start,
    I still would not like it. Sorry, i prefer to just type from the command line
    gpg –clearsign filename
    and then paste the contents of the resulting filename.asc

    For example, I’m gonna gpg sign this comment.. not that you all have my public
    key, but it is on the public keyservers. Those that know me well, have it. And
    will thusly be able to verify that my snippy remarks have not been tampered with :P

    If relying on statements such as “We’re not Big Brother ;)
    constitued sound security policy, who would need OpenPGP anyway?
    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkr9FbcACgkQ5krsbgKesWUYVgCeL3aE17×7Fe8cD0JWZDKvAZmb
    TeIAmwYtdTHakn7J+OukbFlUzi1dMeVY
    =V2cs
    —–END PGP SIGNATURE—–

    By Joe Sniderman on Nov 13, 2009

  3. I don’t care you don’t like it. Just don’t use FireGPG…

    By Maximilien Cuony [The_glu] on Nov 13, 2009

Post a Comment

FireGPG’s developers blog is proudly powered by WordPress Entries (RSS) and Comments (RSS). Theme by Bob