[Vtigercrm-developers] WHY does vtiger contain a webbug?
Hamono, Chris (DPC)
Chris.Hamono at sa.gov.au
Fri Mar 6 07:34:09 GMT 2015
I do not have access rights to Trac
Considering this was fixed in 5.1 it was probably simply missed in the upgrade to 6.0
I do not recall if it is. but if not this should be an option provided during install. Not something to be stumbled upon some time down the track.
Chris
________________________________________
From: vtigercrm-developers-bounces at lists.vtigercrm.com [vtigercrm-developers-bounces at lists.vtigercrm.com] On Behalf Of Prasad [prasad at vtiger.com]
Sent: Friday, March 06, 2015 4:11 PM
To: vtigercrm-developers at lists.vtigercrm.com
Subject: Re: [Vtigercrm-developers] WHY does vtiger contain a webbug?
Chris,
Please re-open the issue if you find the flag is not being used our dev-team will review it.
Regards,
Prasad
--
FB<http://www.facebook.com/vtiger> I Twit<http://twitter.com/vtigercrm> I LIn<https://www.linkedin.com/company/1270573?trk=tyah> I Blog<https://blogs.vtiger.com> I Website<https://www.vtiger.com/>
On Fri, Mar 6, 2015 at 10:55 AM, Hamono, Chris (DPC) <Chris.Hamono at sa.gov.au<mailto:Chris.Hamono at sa.gov.au>> wrote:
Sorry that is not an acceptable response.
Your claims as to what you do with the information is beside the point. It should not be collected in the first place.
There is a don't collect stats flag in config but that is not used, some would consider it deceptive. I might agree given you had the time to put in the stats collection infrastructure and code, enabling that flag was too hard.
The reason we run a privately hosted instances is to prevent unintentional information leakage.
As I said this is very embarrassing because other staff pointed it out to me.
Chris
From: Prasad<mailto:prasad at vtiger.com>
Sent: Friday, 6 March 2015 1:34 PM
To: vtigercrm-developers at lists.vtigercrm.com<mailto:vtigercrm-developers at lists.vtigercrm.com>
Chris,
Vtiger Tracker used on the login page helps us measure successful installation and implementation used regular basis. We respect privacy
and DO NOT collect any sort of personal information.
You have the option to turn off stats tracking, please refer:
http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5943
Regards,
Prasad
--
FB<http://www.facebook.com/vtiger> I Twit<http://twitter.com/vtigercrm> I LIn<https://www.linkedin.com/company/1270573?trk=tyah> I Blog<https://blogs.vtiger.com> I Website<https://www.vtiger.com/>
On Fri, Mar 6, 2015 at 7:05 AM, Hamono, Chris (DPC) <Chris.Hamono at sa.gov.au<mailto:Chris.Hamono at sa.gov.au>> wrote:
Why pray tell does vtiger contain a web bug on the user login page?
As a government organisation this represents a serious privacy issue. The fact that there is no information regarding this web bug anywhere is a serious failing on the part of the vtiger team.
It would be a simple matter to place a button on the install screen to OPT IN for the collection of installation statistics but to place it surreptitiously on the login page phoning home every time a user logs in to the application is a serious issue.
This has caused me serious embarrassment. Some of our applications are in house secure applications and the potential for inadvertent information leakage is HUGE.
I cannot express my disappointment enough. What were you thinking!
_______________________________________________
http://www.vtiger.com/
_______________________________________________
http://www.vtiger.com/
More information about the vtigercrm-developers
mailing list