[LAU] How to disable Ardour's phone home option?

Ralf Mardorf ralf.mardorf at alice-dsl.net
Mon Jul 13 18:29:42 UTC 2015

Previous message: [LAU] How to disable Ardour's phone home option?
Next message: [LAU] How to disable Ardour's phone home option?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 13 Jul 2015 13:01:02 -0500, Brent Busby wrote:
>Ralf Mardorf <ralf.mardorf at alice-dsl.net> writes:
>
>> On Mon, 13 Jul 2015 11:54:55 -0500, Brent Busby wrote:
>>>Robin Gareus <robin at gareus.org> writes:
>>>[...]
>>>> Heck, if you're worried about this, you can't even surf the web to
>>>> begin with. A simple firefox http request sends a lot more private
>>>> information about the user. See https://panopticlick.eff.org/
>>>
>>>True
>>
>> Not really true. It's possible to make an averaged Firefox, Pale Moon
>> etc. secure, however, the best bet would be to use
>> https://www.torproject.org/projects/torbrowser.html.en . As already
>> pointed out, for some computer usage, of some people, in some
>> regions of the planet, it's better to disable every phone home
>> option. The uname request from Ardour + the full opened Windows size
>> reported by a web browser + geolocation send by your weather applet
>> and even the most trustworthy VPN service becomes useless.
>
>There's no securing any monolithic app of that size.  You can audit the
>code, you can get assurances of good faith from Mozilla or whoever
>makes it, you can enable all the safety features, and in the end,
>you've still got a big slab of code that would make Bill Gates proud.
>The NSA has already said in one of their published documents that they
>don't even need to have known exploits for Firefox to accomplish a
>given arbitrary purpose -- the code base is so big that when they need
>something, they can simply find it.  Just describe what you want the
>exploit to do and the targetted version of Firefox -- we'll find you
>an attack vector that does what you need from the existing code.  It's
>simply too big and heavy to be secured by anyone, even with good
>intentions.
>
>> Firefox is a web browser, we expect that it's connected to the
>> Internet.
>
>Well, yeah.  It'd be nice to be able to control the specifics of that
>though.
>
>> Ardour is a DAW, the distros package management informs about
>> upgrades without asking what kernel a user has got installed. While I
>> agree that Ardour's phone home isn't a serious issue for most of us,
>> it's still grotesque to compare Ardour with Firefox. There's no good
>> reason for Ardour to phone home by default. Distro independent
>> upgrades could be announced by a news letter.
>
>Actually that digression is my fault.  Robin mentioned that one has
>more to worry about as far as personal information exposure from
>Firefox's HTTP traffic than one does from Ardour.  No one has said
>Ardour is like Firefox.  It's my fault for digressing the subject into
>a general rant about browser security anyway, but that is a concern of
>mine, however tangentially related to the conversation.

However, since we know how to disable phone home, assumed we want to
disable it, we don't need to worry about it.

Temporarily we could disable it by editing the URL.

$ grep ardour ~/.config/ardour4/config /etc/ardour4/config

To completely disable it, we could configure with --no-phone-home when
building Ardour.

I already marked the thread as "[Solved]", before this discussion
started :).

Previous message: [LAU] How to disable Ardour's phone home option?
Next message: [LAU] How to disable Ardour's phone home option?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audio-user mailing list