GuiLite examples capturing users name and sending to external site
arneves opened this issue · 6 comments
GuiliteExamples is capturing the users logged in name in the script sync_build.bat and sending to external site. Looks very malicious, because tehere is no reason to capture the user name and send it via curl.exe to an external site.
What called my attention is the inclusion of curl.exe in each sub directory. Why would you have to go to an external site to compile an example.
Users should also be very suspicious of exec on GuiLiteSamples root directory where an exec GuiLiteToolkit.exe is located whithout much (any) documentation.
This is unacceptable. You can't have CCP spying practices on open source software, it will be blacklisted immediatelly and never used again.
Can you provide some clear evidence of this?
Can you provide some clear evidence of this?
GuiLite/workspace/sync_build.bat
Line 17 in eb5434a
That's a BI backend that's being fed Build Datetime and a Win-[LOCAL_USERNAME].
It's basically recording how many users build the examples, with no personal information attached.
Not something I'd ever do, but it's not nefarious.
That's a BI backend
This is a GUI framework. It doesn't matter at this point what it is for: this is breaking trust, and is fundamentally wrong. Also, putting these binaries in the repository is unnecessary and extremely concerning. So I'd say that this is a no-go for those reasons.
It's just a telemetry feature for IoT solution. By this feature, you can monitor any IoT device over the world.
You can delete .sync.sh/sync.bat file if you do not like share any building information which aim to improve GuiLite usage experience. Here is OS distribution of GuiLite users, you can find it in demo wall: "Code Telemetry & Analysis in real time"
The telemetry feature is open source too, we believe it's useful for many people. Please let me know what's your thought, thanks.
I think that there is not problem with this behavior if it was mentioned clearly in the readme with some explanation and instructions of how to disable it.