Installation Reporting FAQ

Some may be concerned over installations being reported from our system installation utility:

  • “What data does this utility report?”
  • “How much control do I have over what data is sent, if any?”
  • “How is my data reported?”
  • “Is my data encrypted in the reporting process?”
  • “How much personally identifying information is in an installation report?”
  • “Can I get a copy of the installation report?”

I’m sure that some of you may have even more questions. So, here I hope to share as much information on this process as feasible.

 

How is my data obtained?

Different parts of system data are collected in different ways:

  • CPU info: the output of the command lscpu is received, and parsed down to just the “Model Name” line. This line is what is reported.
  • RAM and swap info: older versions of system-installer used the free command to determine how much RAM you have, and the output of swapon -s is reported for swap. Recent versions report the output of lsmem for RAM instead, because it prints more human-readable numbers by default.
  • GPU and PCIe info: This is the entire output of lspci.
  • Disk layout: This is the output of this lengthy command:
    lsblk --json --output name,size,type,mountpoint

    This gives us info about how many drives you have connected to your system, how big they are, if they are mounted at install time, and where.

  • Installation Log: This is generated during installation time and is located at /tmp/system-installer.log on the live system during and post-installation. On your installed system, the same file can be found at /var/log/system-installer.log.
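
To see what the CPU and disk-layout categories put in a report, the sketch below applies the reductions described above to constructed sample output. It is an added example, not code from system-installer; the function names and sample values are assumptions, and the match on "Model name" is case-insensitive because that is how lscpu prints the label.

```python
import json

# Constructed sample command output, not taken from a real machine.
SAMPLE_LSCPU = """\
Architecture:        x86_64
CPU(s):              8
Model name:          Example CPU 9000 @ 3.00GHz
"""
SAMPLE_LSBLK = """\
{"blockdevices": [
  {"name": "sda", "size": "465.8G", "type": "disk", "mountpoint": null,
   "children": [
     {"name": "sda1", "size": "512M", "type": "part", "mountpoint": "/boot/efi"},
     {"name": "sda2", "size": "465.3G", "type": "part", "mountpoint": "/"}]},
  {"name": "sdb", "size": "14.9G", "type": "disk", "mountpoint": null,
   "children": [
     {"name": "sdb1", "size": "14.9G", "type": "part", "mountpoint": "/media/live/USB"}]}
]}
"""


def cpu_model_line(lscpu_text):
    """Keep only the 'Model name' line; every other lscpu line is dropped."""
    for line in lscpu_text.splitlines():
        if line.strip().lower().startswith("model name"):
            return " ".join(line.split())  # collapse lscpu's column padding
    return None


def flatten_disks(lsblk_json):
    """Walk lsblk's nested JSON into (depth, name, size, type, mountpoint) rows."""
    rows = []
    def walk(nodes, depth):
        for node in nodes:
            rows.append((depth, node["name"], node["size"], node["type"],
                         node.get("mountpoint")))
            walk(node.get("children", []), depth + 1)
    walk(json.loads(lsblk_json).get("blockdevices", []), 0)
    return rows


def mounted_paths(rows):
    """Mount points are free-form paths, so they are the field to read closely."""
    return [row[4] for row in rows if row[4]]


if __name__ == "__main__":
    print(cpu_model_line(SAMPLE_LSCPU))
    print(mounted_paths(flatten_disks(SAMPLE_LSBLK)))
```

To run it against your own machine, pass in the text of lscpu and of the lsblk command shown above in place of the constructed samples.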

How is all this data reported?

We have an upload-only rsync service running on one of our servers. Furthermore, a public gpg key is also available from our downloads server. Our system installation utility downloads and imports this key and uses it to encrypt the report. From there, it uploads it to our server using the upload-only rsync service.

Once on our server, your report is scanned for potential malware, decrypted using our private gpg key, then moved to a secure location for manual retrieval later.

How much control do I have over what this utility reports?

Our installation reports are entirely opt-in. You can select or deselect any or all of the categories listed above, and you can optionally include a custom message. Once the report is generated, you can view it. If you want to change what you report, you can abort the reporting and generate a new report from scratch. Furthermore, once the report is sent, a copy is stored on your installed system at /var/mail/installation_report.txt.

Is the report encrypted?

Yes. During reporting, the report is encrypted using a public gpg key we use exclusively for this purpose. If this key were ever to be compromised, we can easily generate a new one and replace the publicly available one without needing to update any software.

How much personally identifying information is in a report?

While all the data that we collect, used together, can be used to fingerprint a device, we do not use this data in that way. Instead, we try to use data in an aggregate way in order to draw broader conclusions about our installation base, and where to take Drauger OS in the future.

However, we DO keep individual reports in an archival format. This allows us to provide long-term support to users with bugs resulting from issues at installation time.

The only TRULY personally identifying information we have in an installation report is the host name of your computer (which can easily be the same as someone else’s computer), and the report’s installation code.

Installation Codes

Every installation report has a unique code: the UNIX timestamp from the time of its generation. This timestamp can be used to track down a specific user’s installation attempt. This is intentional, so that we can provide users with a simple, one-liner command, to the effect of:

cat /var/mail/installation_report.txt | grep "Installation Code:" | awk '{print $3}'

We can then use this code to track down their installation report. Hopefully, this report would also contain information about this user’s hardware and the progress of the installation so that bugs can be tracked down and fixed in a user’s system.

We would like to emphasize that this installation code IS NOT hardware-correlated in any way. It is entirely time-correlated. As such, it is entirely possible (yet extremely unlikely) for an installation code to be used multiple times, or for multiple installation codes to be associated with one computer and/or one person.

Can I get a copy of my installation report?

If you can provide us with the installation code, yes. However, a copy of the report is already stored on your system after sending the report.

Can I request my report be deleted?

Yes. If you can provide us with the installation code for your report, we would be happy to delete the report from our database at your request.

Who has access to the data?

Aggregate data is public knowledge. However, this has extremely little granularity with absolutely zero personally identifying information.

Any high-level developer working with Drauger OS has access to individual report summaries. This includes the hardware a user has. This amount of information can tell someone who has seen enough reports whether an installation was successful or not.

Only the lead developer has direct access to all individual reports. Anyone wanting access to an installation report must contact this person, and provide the installation code for the installation report they wish to obtain, as well as the reason for obtaining this report. Failure to provide both of these pieces of information will result in an immediate denial of information. Providing both pieces of information does not guarantee the information will be provided.