Posted by lutz.bendlin
webiopi.js still has the Google Analytics code, with a hard coded account id. Might be an idea to either comment it out or remove altogether.
Posted by trouch
This is a feature I personally need to get statistics about WebIOPi use. So I know Python 2/3 proportions, screens resolutions, browsers used, and languages...
Posted by lutz.bendlin
Fair enough. It would just have been nice to be notified about that.
I am using it on a 256MB Model B, Python2, en-us, across all possible screens and browsers and devices (Android, iOS, WebOS, IE, Chrome, Mozilla, Safari etc). Since I see no need to tell Google about every individual call to webiopi, I removed that part of the code myself.
Thank you for the very nice API.
Posted by trouch
REST calls are not logged. With usual browser technical data and user origins, only the page loaded and webiopi version used are logged. This is very useful to me, and used to improve the product, don't see it as a spy. I don't need to notify as the code is open, I have nothing to hide, the JS part is even not obfuscated.
Posting an issue / asking to remove that really disappointed me ! Do you ask all Android / iPhone developers to remove their GA tracker from their (native) apps ? I think you should drop packets to GA on your router...
Instead of asking that, you should propose another privacy-safe, open source and easy way to get statistics.
Posted by lutz.bendlin
My proposal would be to make GA an opt-in option.
Posted by wrtlprnft
In my opinion, GA should be opt-in because not every user will realize that google and you get the URL of their webiopi installation as soon as they start using it.
Considering that the devices connected to the GPIOs or the raspberry pi itself might be damaged if controlled incorrectly, I would not like my raspberry pi to show up on a complete list of all webiopi installations.
What app developers do to their apps is their buisness, but with many kinds of apps you expect them to contact their vendor's servers to download content (social media apps, weather apps, …). There is no technical need for a webiopi server to need any 3rd party help, so I don't expect it to contact any other server.
May I ask why you need those statistics? I expect you get download statistics from google code, you get bug reports, how do you improve the product by knowing how many people tried which feature? Using your arguments, you could just as well include a real backdoor, because it can't truly hide that in open source code and people should expect that when they download anything.