Re: Bugzilla Desktop Client

2009/9/6 Björn Persson <bjorn xn--rombobjrn-67a se>:
> Yaakov Nemoy wrote:
>> You can always revoke a pub uuid in the future. Perhaps a message
>> about that will encourage people to be more forthcoming with Smolt
>> profiles within such a tool. Obviously, including a smolt profile just
>> automates certain kinds of information (read: privacy) disclosures,
>> which is sometimes necessary in a bug report anyways. Unless that
>> information as cached elsewhere, revoking a public UUID essentially
>> makes people forget the details though.
> Once published, always public.
> You can of course hope that nobody saved a copy of your details before you
> retracted them, but you can never be sure. The only safe assumption is that
> any information you publish remains public forever.
> That said, I'm personally not very concerned about letting people know what
> hardware I have; my secrets are of other kinds. (But of course I wouldn't want
> anything to be published without my permission.)

When i put together that algorithm, i took that fact into account. The
words i used is that a secret between two people in not a secret.

If the facts change though, and you don't tell anyone, then the
change, (or the delta or patch, if you will) is a secret. Releasing
the fact shouldn't force you to release the change.

Another fact to take into account is that although you may have
released it, and parts of it may have been copied into the bug report,
it's not necessarily true that the information is cached somewhere.
There's a percentage chance it has been, and then another percentage
chance that someone knows where to look to find it. Revoking the
public part of the secret doesn't absolve you of privacy concerns,
but, in certain circumstances, it can mitigate them. Given how
statistics and numbers work nowadays, anything that lets you mitigate
issues can have a cummulative effect with other things. Then it's just
a question of not being the slowest sheep when the wolves show up.


