created a data policy for OONI #57
Conversation
|
|
||
| OONI software users can choose to *opt-out* from the collection of country codes | ||
| by editing the ooniprobe configuration file inside of | ||
| `~/.ooni/ooniprobe.conf`. |
There was a problem hiding this comment.
Perhaps it would be good to point to a piece of documentation where it is explained how to do so? My initial suggestion was to provide such information inline, except that linking is more robust in the long term to updates in the config file syntax.
There was a problem hiding this comment.
Agreed. I added a link to the configuration section of the ooniprobe README. Currently this documentation is not comprehensive, but I imagine that it will get updated soon and the link here will point to that,
|
I really like what I've read, well done! I've added some comments in specific places where I think it would make sense to invest some more effort to improve the text! |
|
|
||
| OONI does *not* use tracking cookies, analytics or any other tracking | ||
| technologies through its [website](https://ooni.torproject.org/) and does *not* | ||
| collect any information about its website visitors. |
There was a problem hiding this comment.
We should ensure that no web server logs are being kept.
There was a problem hiding this comment.
FYI, this is the log configuration for ooni.tpo: LogFormat "0.0.0.1 - %u %{[%d/%b/%Y:00:00:00 %z]}t \"%r\" %>s %b \"%{Referer}i\" \"-\" %{Age}o"
There was a problem hiding this comment.
Good point! @hellais just checked this and I'm editing the document now.
There was a problem hiding this comment.
@hellais does this applies to both access and error HTTP logs?
There was a problem hiding this comment.
For measurements.ooni.torproject.org and explorer.ooni.torproject.org :
Error log: /dev/null
Access log:
ap $remote_addr $anon_remote_addr {
"~^(?<ip_a>\d+\.\d+)\.\d+\.\d+" "$ip_a";
}
log_format combined_anon '$anon_remote_addr.0.0 - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
@hellais are there more servers that we don't cover?
There was a problem hiding this comment.
@anadahz I was told the error log may include more information for ooni.torproject.org, though it wasn't specified exactly what that could be.
There was a problem hiding this comment.
Hum, maybe we should not be logging the http_user_agent and the first 2 octets of the IP.
There was a problem hiding this comment.
@hellais any suggestions where to find more info about the error log info of ooni.torproject.org does this collect the same info as in www.torproject.org?
Access.log suggestion:
log_format combined_anon '0.0.0.9 - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer"';
|
It seems that there is a lot of text duplication, perhaps it will make sense to have Overall really good work thank you for working on this! |
Yes, I noticed the same and was about to make a similar remarks. Then, I though that perhaps, since this document is meant to be read more by users than by developers, some redundancy inside it would have been beneficial to the reader. |
| OONI software users can choose to *opt-out* from the collection of their | ||
| network's ASN by [editing the ooniprobe | ||
| configuration](https://github.com/TheTorProject/ooni-probe#configuring- | ||
| ooniprobe) file inside of `~/.ooni/ooniprobe.conf`. |
There was a problem hiding this comment.
Note to self. Fix the link in the merge.
|
Yeah I think it's ok that there is duplication as I would expect that somebody would read this not necessarily entirely, but just the specific sections they are interested in. As soon as the following issues:
are resolved I will proceed in merging this. |
|
This looks good to me. I think it's good to merge. |
|
I think this is ready to merge. Will cleanup the broken links and integrate into master. |
I wrote a Data Policy for OONI. All feedback welcome. :)