thelinuxgamer

patreon


Audacity responds!

Well, it seems Audacity has responded to the backlash from last week's telemetry fiasco. If you don't know what happened there's a video here about it... but to get you up to speed:

One of Audacity's developers issued a pull request which would integrate some opt-in telemetry collection into the software.

While there were definitely people who were up in arms about the idea that a free software project could collect telemetry, most people were more concerned that Google and Yandex were going to be where the team stored such data.

I mean, I was definitely concerned but kinda understood their perspective here.

Anyway, flash forward to last Thursday when Audacity's project lead Tantacrul posted a thread on Audacity's GitHub discussions board. In it, he spoke to the concerns of the community, talked about what their thought process was, what actions they are now proposing, and addressed a few other things.

First, Tantacrul says:

We are dropping the telemetry features proposed in PR #835
Regarding features that require networking, we would like to include error reporting and the ability for Audacity to check for updates (details below)
We will self-host all collected data from error reporting and checks for updates, removing any need for Google or Yandex analytics

Boom. Clear. Concise. Transparent. And self hosted. That's awesome.

He went on to say:

The creation and subsequent discovery of PR #835 was a bad communication/coordination blunder that caught us completely by surprise. We're very sorry for causing so much alarm. Our intention was to make an initial announcement about our plans to introduce telemetry on the Audacity forum, similar to how we discussed the topic for MuseScore in 2019. In that instance, I think the fact that we introduced the issue openly resulted in a lot less suspicion.

And yeah. I thought the community's reaction was a bit overly-paranoid... and I think that suspicion he spoke of was precisely because they hadn't mentioned anything to the community. They hadn't started the dialog. So a pull request just showing up with telemetry seemed underhanded to some.

...it is important to stress that we have absolutely no interest in harvesting or selling personal data and Audacity will always be free and open source. The response to PR #835 has brought about a realisation at Muse that the convenience of using Yandex and Google is at odds with the public perception of trustworthiness, so we will be self-hosting instead.

The next item is telemetry. I believe our communication mistake contributed to a lot of misunderstanding about our intentions here. Telemetry is a practical tool that tells us a lot about how an app is performing or underperforming (is this new feature being used a lot? Is this button being discovered? etc.) We assumed that making it opt-in would allay privacy concerns but since this isn't the case, we are dropping it.

Look... a lot of people are going to see this as a victory. I am less enthused.

While the fact that they're dropping Google and Yandex is a good thing, they aren't JUST dropping Google and Yandex. They're entirely forgoing opt-in metrics collection that would've given them crucial insight into how Audacity is used and how the experience and the interface can be improved. Saddest of all, they opted out of providing a roadmap for other ethical software projects to follow when it comes to metrics collection to improve design and usability.

Now, they're still including error reporting here. Specifically, they're looking for SQLite errors, application crashes, and non-fatal exceptions... and that's a good thing. Whenever reportable errors happen, the user will be prompted with a "send report" dialog where they'll be given a choice to send the error or not.

These crash reports will be self-hosted by the Audacity team in their Sentry database.

Naturally, with error reports happening over the Internet, IP addresses will be entirely readable by their team when the reports come in. But I think far too many folks got their panties in a twist over IP addresses. Sure. IP addresses might be able to provide a rough geographic location--but they're not personally identifiable information. Chances are, most of the devices on your home network share the same public IP address between them.

Okay, they will also be doing update checking:

When the program starts, Audacity will check whether a newer version of the program is available for download. If there is a new version, the user will be shown a dialog to notify them.
There will be an option to disable automatic checking
This decision can be changed in Preferences at any time

Update checking reveals three things: the IP address, the OS version and the Audacity version. We will use a self-hosted geolocation database to determine the country the IP address is located in and nothing more. The raw IP address will not be stored or logged, but we will store and log a non-reversible hash of the IP address to improve the accuracy of the daily statistics. The server is located within the EU to comply with the GDPR. No information will be sent to any third parties unless required by law.

And that's fine with me. Especially since they're so upfront about it.
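Here's a sketch of what "store a non-reversible hash of the IP for daily statistics" can look like in practice. This is an added example, not Audacity's code or anything from the linked discussion: it counts unique update checks per day using a keyed hash whose key rotates daily, and puts it next to a plain unkeyed hash, which a short enumeration of the address range reverses. The key handling, the GEO table, the sample addresses and versions, and every function name are assumptions made for the example.

```python
import hashlib
import hmac
import ipaddress
import secrets
from collections import defaultdict

# Constructed stand-in for a self-hosted geolocation database (documentation ranges).
GEO = {ipaddress.ip_network("203.0.113.0/24"): "DE",
       ipaddress.ip_network("198.51.100.0/24"): "FR"}
_daily_keys = {}  # assumption: random per-day key, memory only, deleted at rollover

def daily_key(day):
    return _daily_keys.setdefault(day, secrets.token_bytes(32))

def ip_token(ip, day):
    """HMAC-SHA256 of the packed address under that day's key."""
    packed = ipaddress.ip_address(ip).packed
    return hmac.new(daily_key(day), packed, hashlib.sha256).hexdigest()

def country_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((cc for net, cc in GEO.items() if addr in net), "??")

class UpdateCheckStats:
    """Keeps only (token, country, OS, app version) per day; never the raw address."""
    def __init__(self):
        self.seen = defaultdict(set)
    def record(self, ip, os_version, app_version, day):
        self.seen[day].add((ip_token(ip, day), country_of(ip), os_version, app_version))
    def daily_unique(self, day):
        counts = defaultdict(int)
        for _token, cc, _os, ver in self.seen[day]:
            counts[(cc, ver)] += 1
        return dict(counts)

def unkeyed_hash(ip):
    """The weak variant: plain SHA-256 of the address string, no secret."""
    return hashlib.sha256(ip.encode()).hexdigest()

def recover_from_unkeyed(digest, network):
    """Privacy check: without a key, walking the address range finds the input."""
    return next((str(h) for h in ipaddress.ip_network(network).hosts()
                 if unkeyed_hash(str(h)) == digest), None)

def demo():
    """Constructed check-ins: one client twice on day 1 and once on day 2."""
    stats = UpdateCheckStats()
    for ip, day in [("203.0.113.7", "2021-05-13"), ("203.0.113.7", "2021-05-13"),
                    ("198.51.100.9", "2021-05-13"), ("203.0.113.7", "2021-05-14")]:
        stats.record(ip, "ExampleOS 10", "1.0.0", day)
    return stats
```

Once a day's key is thrown away, that day's tokens can't be tied back to an address or to the same client's token on another day, which is what the unkeyed version can't promise.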

Finally, they said that all this network stuff will be entirely optional and off by default when building from source.

The behaviour described above for error reporting and update checking would only apply to official “release” versions of Audacity available from our website or GitHub page. In other builds, the error reporting and update checking code will be excluded by default via CMake options.

Which had been the case with the previous Pull Request.

There are other issues people had raised with the previous pull request that weren't answered here but I feel like this covers most of the bases pretty well.

I feel like Audacity handled the response to this very well! I'm hoping that at some point in the future they can work with the community toward a self-hosted solution to telemetry.

Also, in my video about Tantacrul, I said he had 'nearly a million subscribers' but I had meant to say 'nearly a quarter million'.

Anyway. I'd like to know what you think. Let me know down in the comments.

https://github.com/audacity/audacity/discussions/889

Comments

Agree with it being positive that they're not using Google for this kind of thing... honestly Matomo is a _great_ analytics solution that can be hosted or self-hosted. I think on balance this is going to quiet all the noise/hate around telemetry, but will prevent any possible benefits in terms of understanding how users actually use Audacity. I hope there is some opt-in option available at some point in the future. Audacity is really good for what it does and has a great track record as an example of small-scale open source paid development.

