[Vtigercrm-developers] WHY does vtiger contain a webbug?

Hamono, Chris (DPC) Chris.Hamono at sa.gov.au
Fri Mar 6 05:25:32 GMT 2015 

Sorry that is not an acceptable response.

Your claims as to what you do with the information is beside the point. It should not be collected in the first place.

There is a don't collect stats flag in config but that is not used, some would consider it deceptive. I might agree given you had the time to put in the stats collection infrastructure and code, enabling that flag was too hard.

The reason we run a privately hosted instances is to prevent unintentional information leakage.

As I said this is very embarrassing because other staff pointed it out to me.

Chris

From: Prasad<mailto:prasad at vtiger.com>
Sent: ‎Friday‎, ‎6‎ ‎March‎ ‎2015 ‎1‎:‎34‎ ‎PM
To: vtigercrm-developers at lists.vtigercrm.com<mailto:vtigercrm-developers at lists.vtigercrm.com>

Chris,

Vtiger Tracker used on the login page helps us measure successful installation and implementation used regular basis. We respect privacy
and DO NOT collect any sort of personal information.

You have the option to turn off stats tracking, please refer:
http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5943

Regards,
Prasad

--
FB<http://www.facebook.com/vtiger> I Twit<http://twitter.com/vtigercrm> I LIn<https://www.linkedin.com/company/1270573?trk=tyah> I Blog<https://blogs.vtiger.com> I Website<https://www.vtiger.com/>

On Fri, Mar 6, 2015 at 7:05 AM, Hamono, Chris (DPC) <Chris.Hamono at sa.gov.au<mailto:Chris.Hamono at sa.gov.au>> wrote:
Why pray tell does vtiger contain a web bug on the user  login page?

As  a government organisation this represents a serious privacy issue. The fact that there is no information regarding this web bug anywhere is a serious failing on the part of the vtiger team.

It would be a simple matter to place a button on the install screen to OPT IN for the collection of installation statistics but to place it surreptitiously on the login page phoning home every time a user logs in to the application is a serious issue.

This has caused me serious embarrassment. Some of our applications are in house secure applications and the potential for inadvertent information leakage is HUGE.

I cannot express my disappointment enough. What were you thinking!


_______________________________________________
http://www.vtiger.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20150306/3cb31dfe/attachment.html>

More information about the vtigercrm-developers mailing list