top | item 17853330

(no title)

pheleven | 7 years ago

Not to support his fairly trashy post in particular, but I believe his comment has utility.

As an infrastructure person this post was concerning; this company is collecting a lot of data and has a lot of access, which I wouldn't trust. I also would not be thrilled if I was a paying customer having these details shared (even without attribution, as in the article), further reducing trust. I appreciate these kind of real-world detail posts, but it's not appropriate if it's not your infrastructure.

discuss

tru_pablo|7 years ago

Could you please elaborate on the point? How we can improve?

What potential problems do you see?

Thanks

pheleven|7 years ago

Sure. First and foremost, do you have permission from your customers who you're researching and reporting on here? If you do, great, ignore me. If not you'd be breaching (my) trust if I was one of them. The data is not yours and it may be possible to infer who these datapoints belong to if so desired. If one could do that, they may be able to gain competitive advantage or otherwise exploit knowledge of infrastructure (social engineering for example).

There is a big difference, IMO, in someone like backblaze releasing statistics. They own all of the hardware and they choose to release the data themselves. You (on the surface) appear to be harvesting data from your customers, digging through it, and presenting it. You also point out very specific cases, rather than aggregate pseudonymous data.

You are collecting sensitive data from your customers environments. This doesn't inspire confidence that you treat it as such.