On Fri, May 03, 2013 at 03:30:39PM -0600, Kevin Fenzi wrote:
Right, but then this information is security sensitive...
User installed httpd-x.y-Z on YYYY-MM-DD, but on looking you don't see them installing the security update that was released after that -> target.
Or even, user installs foo, foo is insecure and is dropped from fedora, you might know that they have it still installed and can leverage that.
Or you see that user does security updates every friday, so you know they might be vulnerable thursdays.
Also, you may see users install something, but we have no way of knowing if they try it and hate it and remove it right after.
All true, that's the reason why IP address will never be available from the data.
Also, the way our mirroring works, they can get the package from any mirror at all, so we may not see patterns that are there if we could see logs of all mirrors instead of just one.
Yeah, I did not realized that - this is quite limiting. Taking NAT issue into account, I don't think anymore it is good source of data :-(