Re: Privacy of crash reports
Jean-Marc van Leerdam wrote:
> Hi Stefan,
> (redirected to dev@)
> On 11/11/2008, Stefan Küng <tortoisesvn_at_gmail.com> wrote:
>> Lübbe Onken | RA Consulting wrote:
>>> Hi Stefan,
>>> You wrote:
>>>>> Hopefully a developer will be able to let me know how access to
>>>>> these reports is controlled and what data is collected.
>>>> Alredy mentioned before and fixed:
>>>> btw: that was not our fault - tigris gave them access to all
>>>> mailing list archives, but they didn't check the privacy settings
>>>> of the lists.
>>> Do you think it would be better to set up an e-mail address for the
>>> crashreports on tortoisesvn.net? Or would our poor server be flooded
>>> then? At least we are supposed to have more control over this server.
>> Let's leave it where it is and not make a huge deal of this.
> I am not familiar with the internals of the crash reporting, but would
> it be possible to somehow encrypt the data being submitted (with you
> and other key developers holding the private keys to decrypt the
> reports before analysing them)?
Maybe we could do that. But: the crash report dll is invoked when the
main application crashes. That means for the crash report dll: it must
not rely on the memory being clean but heavily corrupted. That's why it
has to not use any heap memory and as less stack memory as possible.
Adding encryption would break the crash report dll in many crash
situations so that it wouldn't work at all.
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
Received on 2008-11-11 19:12:57 CET
This is an archived mail posted to the TortoiseSVN Dev