Anonymized access log from a fedora mirror

[Matt Domsch]

On Thu, May 09, 2013 at 10:43:34AM -0500, Kevin Fenzi wrote:
> On Mon, 6 May 2013 08:32:40 +0200
> Lukas Zapletal <lzap at redhat.com> wrote:
> 
> > On Fri, May 03, 2013 at 03:30:39PM -0600, Kevin Fenzi wrote:
> > > Right, but then this information is security sensitive... 
> > > 
> > > User installed httpd-x.y-Z on YYYY-MM-DD, but on looking you don't
> > > see them installing the security update that was released after
> > > that -> target. 
> > > 
> > > Or even, user installs foo, foo is insecure and is dropped from
> > > fedora, you might know that they have it still installed and can
> > > leverage that. 
> > > 
> > > Or you see that user does security updates every friday, so you know
> > > they might be vulnerable thursdays. 
> > > 
> > > Also, you may see users install something, but we have no way of
> > > knowing if they try it and hate it and remove it right after. 
> > 
> > All true, that's the reason why IP address will never be available
> > from the data.
> 
> Sure, if you can see the anonized logs you can still figure out your IP
> address hash easily, so that could allow you to see for example what
> other people behind your same NAT/company are installing. 
> 
> There's lots of weird corner cases here, which is why we decided it
> wouldn't work last time we visited it. ;( 

We could create our own mapping of {IP address : complete random value},
and then hash those random values, and give out the info that way.
This solves the problem of reversing the the simple {IP address :
hash(IP address)} scheme.

It would require us to generate such a mapping, and keep it private, though.


-- 
Matt Domsch
Technology Strategist
Dell | Office of the CTO