I know I’ll get bashed and/or quoted out of context for this, again, but: this is not how Syncthing operates, and if this is a requirement Syncthing is probably not for you.
At the simplest level, it would be impossible to have two devices connect to each other with the above policy without requiring the user to enter the device ID, IP number, and port of the other device (and update it whenever that changes). This is not something we want to subject our users to.
You can run Syncthing in “stealth mode” but it requires some tinkering to actually work that way, for the above reason among others. Hence it will not be the default.
Just the opposite: I am very convincable by technical reasons.
The original question was not a technical one, so I have replied to that: the theory is that there is a function which requires data flow, and by using the method I accept that. (Granted, I’m a minority who actually tries to check the protocol and relaying and encryption and stuff before use, but as I said: this is the theory.) So if the specific data is already transmitted to somewhere I see no point asking about it, for a different purpose, apart from mentioning that it will serve a different purpose as well. It’s there anyway.
If I send data to my peers but not to you, and you otherwise have no means to access that data, and you start transmitting data to yourself without telling it – is not nice. If you can reason why it is so then it may be acceptable (if I have been informed before the act), but I cannot generally say right or wrong to either way.
I also happen to operate a relay, and I have examined what goes where and why, and agreed to the terms. If the relay started to share my cpu flags or disk size I would be extremely unpleased, but if someone asked me that he needs them for this or that I may say “sure, no problem”.
In todays hostile world I definitely prefer opt-in to opt-out, unless someone provides a good reason for or against. I generally prefer to send crash reports manually to be able to review its contents, but I don’t say it’s a sin if I can’t. It’s just if I have the choce, I would choose to be asked. And I am not everyone else, just me.
I’m only using syncthing for the privacy. Opt-out means I have to pay more attention to my software installations. More of a distraction and less control. Also, its a slippery-slope, where incremental expansions of telemetry occur over time. It’s frustrating to have to go into the advance configuration view to change the “crash reporting enabled” setting to turn off “automatic crash reporting” when there is also and “anonymous usage reporting” election in the separate settings view. Too much hunting to set privacy. E.g., with Android, if you want privacy, you have to look in like 15 different places to ensure that you get privacy, and even if you are successful, the settings are rearranged in the next update.
I have disabled usage reporting and during update today there was infobox which informed me that due to my settings crash reporting was disabled. This is a good solution.
Automatic crash reporting does not leak sensitive data except for the IP address, which can also be seen by other syncthing services (global discovery, usage stats, relays). Also, IP addresses aren’t really sensitive in the modern world. And unless you haven’t disabled all other syncthing services, crash reporting does not affect your privacy in any way. There’s no logical reason to opt-out, except if you’re running Syncthing in a 100% local (offline) enviroment.
Edit: Oh and by the way, by posting on these forums your IP address is also visible to the operators (and the hoster etc).
There was an infobox for new automatic crash reporting on the machines I started up this morning. There was no infobox for the new automatic crash reporting on machines that have been running 24hours. Had to dig into “advance configuration view.” One more thing to distract me from work.
@calmh you could add a label to issues which originate from crash reports. I think it might help convincing a lot of people if they see that it’s a killer feature for the developers.
