MDD - Opt-in vs Opt-out

Oh wait… Perhaps it’s a bad idea to have it on a separate partition?

Now where is that flash drive with Clonezilla on it?

Ah yes, I’m posting derogatory comments, being arrogant and hostile and a troll when I tell you something that you don’t want to see and hear.

Look at your own posts. I guess it’s easier to call someone a troll instead of addressing what he actually said and what the actually reality of things is.

Don’t worry, you’ll always get some nonsense answer about how “we need to improve this or that and it’s all for you own good”. Take your time and look at things with neutral eyes and you’ll get it.

I fear this strays a little too far into hyperbolae - but we’re obviously rather stupid and unable to ‘get it’.

I rather enjoyed Megavolt’s comment, and fear that this story is dangerous not because of what is proposed, but because of the vehement reactions and rampant paranoia.

What positions do we have now:

1. Notifying people about development decisions being aided by certain informations, and the option to ‘turn on’ (Opt In).

2. Notifying people about development decisions being aided by certain informations, and the option to ‘turn off’ (Opt-out).

I remain completely unbiased, because I really don’t care either way for myself.

What you told us — and which we don’t want to hear — is not applicable here. Everything has been properly communicated from the onset.

I did address the concerns, and I explained everything in full, after it had already been explained by others, and before it was explained again by yet others.

As for looking at my posts, I think I enjoy a far better reputation on this forum than you do.

When I joined up here in 2019 — this was still the previous incarnation of the forum — I did so with the explicit intent of helping out people, just as I had up until that point in time also been doing on Usenet for 20 years.

You, on the other hand, joined up here specifically so as to spout false allegations and to troll. I have nothing to prove to you, while you have everything to prove to me.

The “need” for telemetry is BS. It’s fictitious. The Linux ecosystem survived without it for decades and will continue to do so. What suddenly drives this “need” for telemetry is a self inflicted financial dependency (if Arch can be community based, why can’t Manjaro?) and competition, with a detriment to privacy. A “race to the bottom” (Moloch) of privacy is currently ongoing. Who is pushing Manjaro into it? Their “hardware partners”? Will they have access to the data they collect? Yes, there is a healthy dose of trust issues here.

So why do people still use Manjaro if they don’t entirely trust the developers? I tell you, so you can finally stop asking. Because Manjaro offers a unique stable branch of Arch and 99% of its content is just Arch (which people do trust) and doesn’t really come from the developers. So it’s a trust vs benefit tradeoff. A thin line where Manjaro lives in. If the Arch community suddenly decided to create a stable branch themselves, well…

Now, they say they can’t get funding without telemetry and that the distro might be doomed otherwise. A lot of projects get funded just fine every year. You run a yearly donation campaign with a set target and start collecting. Why haven’t I personally donated to Manjaro’s donation page yet? Because I have no idea how much they need, what their goal is and how much they already collected. There’s no transparency.

How to do it right? Take an example from Wikipedia’s yearly donation campaign. It’s transparent and inviting. Wanna go a step further? Give donors a voting right on what features or hardware support to focus on next. Isn’t that what the team always wanted? To know where to focus?

I agree, entirely.

But it IS certainly extremely desirable.

Manjaro aims to improve the Arch experience (especially for less experienced users) - in case you didn’t know - by providing a curated experience.

Manjaro adds layers, and includes configurations. How should Manjaro behave if they want to IMPROVE on their configurations?

How many laptops vs desktops are there? do you know?

It’s to do with streamlining, not offering (as Arch does) a box of loose lego bricks.

I missed that - quote is needed before you make these statements please.

Most of the answers relating to improving software are from users. That’s exactly what I was talking about, that you have to make assumptions here.

Manjaro has long since ceased to be a pure community project. And I fully agree with that. A community project can only grow to a certain extent. You can see that with Arch Linux: the market power and relevance of Arch Linux is consolidated through commercial distribution, such as the Steam Deck. But if you want to increase distribution and thus also growth, you need commercial partners. Hardware and software manufacturers.

To put it quite neutrally, most people do not install an operating system themselves, but use what is or has been installed. So it is understandable that the aim is to sell more computers with manjaro pre-installed.

Commercial partners need facts and numbers, to put it bluntly, otherwise it’s a risky business. Of course, if these partners have sufficient financial resources, they can risk failure, but certainly not every company. Large companies in particular pay a lot of attention to reputable partners who provide a basis for negotiation.

To summarize, I can only say: should manjaro just bob around as a community project, or do you want to take distribution to the next level? What I can see is that the manjaro company wants to drive forward the distribution and establishment of manjaro, and you can’t do that as a community project. As I said, telemetry is not evil, but in the case of manjaro it is necessary to have facts and numbers, as is everyday life in the commercial sector.

Welcome to Moloch.

The connection between either accepting telemetry or possibly seeing the end of Manjaro, was made clear in this sequence of statements:

So, what are we to understand from this? That either Manjaro GmbH gets the data they want to please their hardware vendor partners, or they call it a day?

Let me repeat my previous question that went unanswered:

The trust issue is not with the developers of Manjaro directly, but with the partnerships Manjaro GmbH possibly entered. Positive partnerships are things like Microsoft funding the Godot Project so they add C# support for everyone. Toxic partnership would be if a partner pushed Manjaro GmbH to either add telemetry so Manjaro can serve as a data collection platform for them, or they threaten to pull funding.

Yes it is. Manjaro gets the data, not the partners. Manjaro collates the data, then passes on the necessary information the partners need, in order to better support Manjaro with their hardware.

The data Manjaro receives is impersonal, they don’t know who you are, it’s even less personal when the partners receive the collated data that references them.

So you are still only trusting Manjaro, just as you currently do, if you are running a Manjaro OS

When you look at Team – Manjaro - 2024-11-28T23:00:00Z - you see 17 names.

Only 2 of those is company - @romangg and @philm

The remaining 15 is volunteers and if those suddenly decides - based on the fear mongering and constant ridicule from morons - to say enough is enough, what happens to Manjaro as distribution?

It falls apart - plain and simple.

I have suggested a GUI GitHub - fhdk/mdd at feat-donate-gui …

How is this different from Amazon, Mozilla, Apple, Google, Microsoft routinely asking people to agree to share their usage and analytics data “to help improve their products”? It isn’t.

Are we getting access to the collated data that’s shared with the partners? How can we verify that it doesn’t contain data that allows fingerprinting? The open source community isn’t built on trust, it’s built on transparency. People can check the source code and build-scripts if they want. They don’t really have to trust anything. The trust they have (if they have it) is a consequence of transparency.

#1 bug with Manjaro, constant ■■■■■■■■ across Reddit and YouTube…

I must now admit that I didn’t read this but in context now I get no impression that it was anything more than an expression of exacerbation.

Perhaps my vote is being swayed, include the option to vote Plan A, Plan B, or just fork off and stop whinging.

If Manjaro doesn’t provide enough value, then buy something else!

By asking this it’s quite obvious you haven’t bothered following any of the discussions regarding it, or you would have known:

In one extremely important way:

For Amazon, Microsoft, Apple, etc. you have to pay. For Manjaro, you don’t. Manjaro has been transparent about everything, others? Not so much.

The simple truth of the matter, in at least some of those cases, is they often don’t ask; they just take.

And this is the fundamental truth in these MDD related threads; that you (the community of Manjaro users) are being asked in no uncertain terms “What do you think?”, with full transparency.

As suggested, there are clearly a few that simply like to rant without investing the time to read (and understand) information given:

I think more to the point - with extensive EULA’s which mostly goes unread, they make it virtually impossible to make any kind of sensible judgement.

Certainly the way that I remember Microsoft, also Google, is basically ‘you use our service, then you just let us do whatever we like’.

What makes them evil beyond the pale is that they dominate the market with unfair means, so that the pressure just to give in is immense. They are frequently proven to be most untrustworthy.

Oh, and let’s just have a quick attempt at answering the question ‘What’s the difference?’. Well here’s one:

1. Amazon - annual turnover $785,000,000,000, 1,525,000 employees
2. Microsoft $254,000,000,000 228,000 employees
3. Google $257,000,000,000, 200,000 employees
4. Apple $395,000,000,000, 161,000 employees
5. Manjaro GmbH $290k and 4 employees.

Remember, The company and the Distribution are also separate entitities.

I’m happy to read this comment - because I must admit that I first became aware of this topic via YouTube and reddit… and my reaction was exactly as extreme as yours… Instant knee jerk, boiling blood, red faced anger.

I have also seen projects go under in the past due to lack of funding - and one of the more successful projects I employ actually displays full disclosure of certain income/outgoings in their website header (i.e. Monthly Costs/Donation Target). We see now YouTube becoming increasingly untenable as a business, both unable to collect enough money through (not donations) subscriptions and endlessly pissing off users with endless back-to-back advertising.

However, I do think that some extra data will enhance the project in ways that money simply cannot.

Remember Apple - they match hardware to software and gain huge benefits from that… so Manjaro has an eye to see what hardware is running their project with a view to similarly tweak software to better suit users.

I am also very happy to be part of a distribution with some alternative means of income and certainly do not (yet) have any scent of Canonical style dealings. I think lessons have been learned with previous back-lashes. I do also believe that the open nature of the discussion and software/data requested encourages me to trust the team to a greater extent.

Hopefully, this time around, the discussion will be adequate without the need to butcher threads and leave the forum open to criticisms of dishonest manipulation.

So for your perspective, I will definitely chalk up a vote: Opt-In

Actually I did follow the discussion and from what I read, that data is fingerprintable. The question then is, how is it passed on to the partners? In its raw fingerprintable form? I guess so, because otherwise the partners could just check the statistics cockpit like everyone else, but that’s probably not specific enough for them, so they probably get the whole thing.

What I remember is someone saying that it’s complicated and not that clear cut.

“Probably” is an assumption, in this case based on fear and other people’s over reactions. @romangg and others have very clearly stated that the whole thing is still in development, and there has been suggestions to hide IP addresses and more. Furthermore, if they want to track me, (for what, anyway?) they’re welcome to. I’ve checked and my IP doesn’t even track to the correct city. So that is obviously just a very rough idea.

Another baseless assumption. Who says the Partners won’t?

And again, from the first post in the other thread regarding MDD:

And if you’ve checked the data, you’d have seen it that can be used it the device_id, and I dare you to use that, and only that, obtain my tax records, my income and my expenditures:

"device_id": "bdc15590-3ae6-5256-965e-0139d6f96339",

As for the other data that you’ve read can be used to fingerprint you, how would knowing I have a Gigabyte Z370 HD3 motherboard, a Gigabyte Nvidia 960GTX, Intel i7-8900 CPU, 16GB DDR4 RAM and 2560GB Samsung nVME give tell you anything more about med than I’ve got a relatively OK’ish computer?

Not even everything I’ve mentioned is in the data being transmitted.

So please, everyone, stop your fear-mongering, and start asking how or what without baseless assumptions.

And obviously, if “Youtube influencers” are just that: they influence people for a “like” and/or a “subscribe”, to fuel their egos and not necessarily rational, or sometimes even truth. It’s all about getting a reaction and that’s done by playing with your emotions…

At this point you can also just say that you’re fine with any type of telemetry, being it from Microsoft, Amazon or whatever. I mean, you’re just telling me that every telemetry is harmless. But that’s your opinion, and not a very informed one I might say.

Well, you don’t seem to be aware of how modern fingerprinting works. I’ll just say that the width and height you use your browser window is enough for them to track you. It’s the combination of several data points that in the end uniquely identifies you and yes, they sell this information and it gets combined with other datasets that also uniquely identify you and yes, they can basically build a whole profile of your life.

You should take a look at this interesting article.

While cookies can be cleared with a few clicks, changing a browser fingerprint requires substantial modifications to device settings or hardware.
…
The technology also raises concerns about discrimination and profiling. Fingerprinting can reveal information about users’ economic status through their device specifications or accessibility requirements through their browser settings.
…
The widespread adoption of fingerprinting threatens fundamental privacy rights in the digital age. Users lose control over their personal information and online identity, as traditional privacy protection methods prove ineffective against this technology.
Browser Fingerprinting: What It Is and How to Block It