Improved olpc-log; privacy considerations.

[Michael Stone]

Scott and devel@,

In response to several requests, I have finally made olpc-log capture
more information. (Caveat: I have only tested the new olpc-log under
ideal circumstances; i.e. on a clean-installed joyride). 

In spite of this lack of widespread testing, I think we would stll be
well advised to include this program in our next release candidate
because it will help us get more detailed memory and usage information
from people who send us log-files.

However, some of the changes I have made have important privacy
implications; in particular, my choice to record the output of 

   du -k / | sort -nr

(This will capture all filenames in the current system [and will bind
those filenames to a laptop's serial number since serial-numbers are
also recorded].)

How might we proceed?

   - My first thought is that since, at present, the decision to run
     olpc-log is entirely manual, we may be okay.
  
   - My second thought is to state an English warning that olpc-log will
     capture privacy-sensitive data.

   - My third thought is to add a flag which prevents olpc-log from
     capturing privacy-sensitive data.

   - My fourth thought is to make some effort to anonymize the data e.g.
     by hashing the filenames and recording, say, mimetype separately.
   
   - Other suggestions?

Finally, olpc-log is now much more sensitive to the amount of free
space (and perhaps also to the amount of free memory). Conceivably, I
could rewrite it to stream its data or to be more sensitive to what
resources are available but these would be a non-trivial changes. Do you
think this is likely to be a problem?

Regards,

Michael

P.S. - I filed #8457 to record the fact that people want us to capture
more information in olpc-log.