Am 29.05.2018 um 16:13 schrieb Anton Aylward:
On 29/05/18 04:05 AM, Simon Lees wrote:
I can see that there is customer info that must remain private. I, too, an a 'customer' for various entities and I have to supply them with with information such as credit card numbers.
But let's face reality. [snip] But I don't see how a bug in FOSS software is in that category. I don't see that the fact that Company X uses a specific application made of FOSS software is "private customer information".
This information is really mostly harmless. But when I report a bug at work, I add * log files (host names, IP addresses) * config files (host names, IP addresses, config options, security settings, ...) * a detailed description of our specific setup (in the "how to reproduce" section) * a detailed description of the system tuning, make and model of the used hardware, ... * crashdumps (unlikely to end up in bugzilla due to their sheer size, but maybe parts of them from the debugger tool output) This is probably not only data of the company I work for, but also from our customers. This all is clearly confidential, as it would for example be interesting for attackers trying to sneak into our network, or for competitors. Because of this, SUSE had to sign a NDA with us for us to even consider buying subscriptions / support, and my employer would surely sue the hell out of SUSE, Microfocus, whoever if this would not be respected. I think this is the same with most other customers.
Perhaps it would help clear up this matter if you could tell us what class of information is so sacrosanct, what information I couldn't search & find or derive using conventional "detective" methods that I read about in detective or detective-lawyer novels.
HTH -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org