Usage report - few clarifications

scienmind · December 27, 2016, 10:51pm

Q1: There is a uniqueID field in usage report. When reporting from ST within wrapper (android/SyncTrayzor) the field data is blank, but reporting from “pure ST” has a string there.

What is the purpose of it, can it be omitted (if it only used partially already)?

Q2: Is there a way (theoretically) to retrieve the complete specific usage report data set for a specific user after the statistic reach central servers (given that there is a uniqueID)? Or is it just mushes all data points from all users togeter to categories, with no way back?

calmh · December 28, 2016, 8:45am

The unique id is used to ensure that a device is only counted once per day, as it can otherwise report multiple times (when restarting, etc). It is (re)generated when usage reporting is turned on and deleted when reporting is turned off, which is why it’s blank when you’re previewing the report with reporting not enabled.

The reports are saved as sent, so an extract could be made for a given unique ID to see how the values for that device has evolved over time. This is not something we currently do, but it would be possible.

calmh · December 28, 2016, 9:02am

It’s also used to generate the “users joining / leaving” graph.

scienmind · December 28, 2016, 2:20pm

Thanks for the info!

However, privacy-wise, I think it would be better to go the other way:

Perform the ID validation when report is received, and then disseminate the report data into histograms/any other db form that is easy to generate stats from, and store that.
IDs can be stored separate from the data for the “join/leave” and in hashed form (or do the hash before sending, on client).

The thing is that the report as a whole is rather not really anonymous the way it is now: Full report set per client is quite unique for anyone with many custom-configured folders and linked devices, add to it machine stats - and this set becomes quite “fingerprinty”. So if it’d be stored decompositioned, and the ID would be detached after accepting, and not reverse-linkable (hashed), it would be way better and more aligned with the spirit of the software

calmh · December 28, 2016, 8:35pm

I see no privacy concern here. Bashing and so on would not bring anything new to the picture as far as I can tell as the ID is a short random string not connected to any other property of the client already.

system · January 27, 2017, 8:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.