Hacker News new | past | comments | ask | show | jobs | submit login

Privacy concerns aside, I personally don't appreciate binaries making network requests unless it's strictly required for them to function.



Where is that line for you? Is occasionally checking for security updates strictly necessary? Is reporting a crash to the devs so they can fix it necessary? What about sending system & usage telemetry so they can prevent future bugs?


For me, it's like GP said: Absolutely no unauthorized network traffic unless strictly required for the purpose of the software (e.g. curl). No security updates, crash reporting, telemetry unless you prompt the user and show the user exactly what will be sent (similar to how syncthing does it).

Anything less is voyeurism.*

* extreme language I know, but it's precisely how I feel about these acts.


> Where is that line for you?

None of the above is acceptable. Crash reporting can generate its output locally for people to manually send, if they choose to do so.


Do you know the definition of the word strictly? No, security and upstream convenience are not even remotely necessary for a tool to work




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: