Smolt and Privacy

One of the biggest issues with Smolt that seems to draw a lot of conversation and controversy is privacy. Everyone is justifiably worried that Smolt could be used to track the total hardware capacity of anyone by IP address, and I agree, the potential for abuse is very real. The beauty of Open Source lets anyone poke around Smolt's source code and see that none of our databases have any conspicuously named fields 'submitter_ip' or 'suckers_ip'. This is certainly far greater than many other web applications out there, such as Gmail and Microsoft Live Whatever, who certainly won't release source code as a matter of internal IP. Certainly, there is a bit of doubt, because once we deploy Smolt on the server, no one but a select few Red Hat employees can see it.

So what is it about Smolt that turns it into a pariah web app when I start requesting comments on some great ideas people bring up? This past week, one of the file systems people mentioned it would be interesting to see statistics on the file system of choice per distribution. Red Hat has had their hands invested in ext3 and their gfs, but other distros tend to favour flavours like reiserfs, jfs, and even xfs. Nothing beats real world statistics to get a real idea of what works and what doesn't work.

On friday, I posted [1] to the fedora-devel-list, and I got comments on everything but file systems. I'm not upset that people are aware of these issues, and keep bringing them up, but I don't quite understand why there is all this confusion about what Smolt does. We're so used to using Google, Wikipedia, Comcast, and Internet backbone physically in the US, that most of the time we don't think twice about what people might be storing about us, but when one extra tiny bit of tracking is brought up, there's nothing but confusion.


In order to clear up any confusion, I've decided we need to become more mainstream. I certainly can't make Smolt a household work, as I'm not sure what it would mean to sit there smolting in your kitchen while the chocolate chip cookies are in the oven. But we certainly can start by having a privacy policy.

I've put together a few notes as what should be considered a privacy policy, and I want to run it by a few of the internal Red Hat people before I unleash it on the community, just for legal sanity. But here's my next RFC.

What would you put, oh dear lazyweb, on your privacy policy? Remember, we never store IP addresses inside Smolt, although Red Hat maintains the rights to monitor incoming traffic to their machines, and no information can be used from Smolt to be traced back to any particular machine. You require some private bits only the client has.