[kwlug disc.] trixbox as spyware - and worse?
John Van Ostrand
john at netdirect.ca
Mon Dec 17 14:16:35 EST 2007
Lori Paniak wrote:
> The current beta versions of trixbox CE (2.3.x) include a perl script
> (/var/adm/bin/registry.pl) which "phones home" to a fonality (trixbox's
> owners) server via a cronjob at 3:38AM each morning. This is the
> default (and unannounced) configuration of the system when installing
> from CD iso.
>
I don't mind the idea of "phoning home" for the reason of collecting
simple usage stats. I like the idea because it gives statistics that
proprietary software has always been able to determine from sales
reports. I'm confident that open source software has a larger installed
base than people think and I'd like to see it backed up with actual numbers.
> The script downloads a list of commands to executed on the local machine
> (typically with root privileges) and uploads the encrypted results back
> to the server.
>
Now that's disturbing. It's invasive, has the potential to collect
anything and it opens the door to a mistyped command brining down all
the trixboxes at once.
--
*John Van Ostrand* *Net Direct Inc.*
CTO, co-CEO 564 Weber St. N. Unit 12 map
<http://maps.google.ca/maps?q=564+Weber+Street+North+Unit+12,+Waterloo,+ON+N2L+5C6,+Canada&ll=43.494599,-80.548222&spn=0.038450,0.073956&iwloc=A&hl=en>
Waterloo, ON N2L 5C6
john at netdirect.ca Ph: 866-883-1172 ext.5102
*Linux Solutions / IBM Hardware* Fx: 519-883-8533
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserv.ccjclearline.com/pipermail/kwlug-disc/attachments/20071217/6c4348b3/attachment.htm
More information about the KWLUG-Disc
mailing list