-
Notifications
You must be signed in to change notification settings - Fork 12
Opt-out should not send telemetry #33
Comments
This comment has been minimized.
This comment has been minimized.
The dialog does not indicate that it will happen via the network. Even if the text is updated, it is absolutely not reasonable to transmit telemetry data when the user explicitly clicks the "please don't send telemetry data" button.
Edited.
Edited. I updated the version and the name of the tracking companies in the issue. |
FYI, the software attempts to connect to |
@Arcanemagus - your updated title for the issue is incorrect. The software is connecting to |
Description
Atom violates a user's consent by silently spying on them (transmitting their opt out) across the network to Microsoft processes running on Amazon servers/network.
Steps to Reproduce
Expected behavior:
No telemetry is sent.
Actual behavior:
Telemetry is sent.
Reproduces how often:
100% of the time a user selects opt out.
Versions
1.41.0
Additional Information
The text "We only register anonymously that you opted-out." is a false statement.
The "registration" is a network request that is absolutely not anonymous: it includes your IP address, which, in the right hands, is a physical location. The method used by Atom to transmit the information cannot transmit anonymously.
It's compounded by the fact that you have explicit withdrawal of consent to such tracking, and yet you're still spying by transmitting user activity data. This is really, really bad.
When the user opts out of tracking, you don't get to make any more tracking web requests using their computer. Doing so makes the opt-out button fraudulent. As others have pointed out in atom/atom#12281, the text below it does not even plainly indicate that it's going to be transmitting this information to thousands of other people, instead opting for the weasel word "register", which could be interpreted to mean only locally (which is what a reasonable person would guess considering they're opting out of tracking). Instead, you enable them to be tracked.
It doesn't matter that you don't see the IP address; many others at GitHub, Microsoft, and Amazon, as well as those who have access to Amazon's network data, can. This is thousands, perhaps hundreds of thousands of people (over 1M humans have a TS clearance in the USA). Thanks to people like Ed Snowden, we now know that permanent logging of such information by third parties is routine, and thanks to the extent of their reach, we know that they can easily resolve IP addresses to physical location.
The text was updated successfully, but these errors were encountered: