incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Bailey <>
Subject Re: opscentrer is spying
Date Thu, 20 Jun 2013 20:31:27 GMT
As promised, updated docs detailing the data collected by OpsCenter are now


On Thu, Jun 20, 2013 at 12:34 PM, Alain RODRIGUEZ <>wrote:

> Good, fast and appreciated reaction from Datastax.
> Also thanks to Radim for the warning.
> Alain, Opscenter-free user.
> 2013/6/20 Nick Bailey <>
>> Thanks everyone. We always appreciate constructive criticism.
>> Regarding what OpsCenter collects, we completely agree it should be
>> documented more clearly. You can expect to see an update to the
>> documentation later today. I will update this thread once that goes live.
>> Regarding notifying the user when installing, we agree this process
>> should be more transparent to the user. Adding that information as well as
>> making it easier to disable will be a high priority for the OpsCenter team.
>> Obviously that will take more time than documentation, but hopefully that
>> feature will be out soon as well.
>> -Nick
>> On Thu, Jun 20, 2013 at 7:57 AM, Peter Lin <> wrote:
>>> I use Cassandra, but I don't use OpsCenter.
>>> Seems like it would be in everyone's best interest to clearly define
>>> what data OpsCenter collects today, what OpsCenter won't collect and a
>>> promise to users none of the data will be used without first getting a
>>> customer's approval.
>>> I can understand the desire to collect general statistics, since it
>>> helps developers get a sense of how cassandra is used in production. I'm
>>> guessing these types of security issues can be easily addressed by
>>> improving EULA, documentation and communication.
>>> my bias 2 cents as a user.
>>> peter
>>> On Thu, Jun 20, 2013 at 8:49 AM, Radim Kolar <> wrote:
>>>>  OpsCenter collects anonymous usage data and reports it back to
>>>>> DataStax. For example, number of nodes, keyspaces, column families, etc.
>>>>> Stat reporting isn't required to run OpsCenter however. To turn this
>>>>> feature off, see the docs here (stat_reporter):
>>>> You never informed user that installing your crap will get him spyed
>>>> upon. Thats very different from Firefox which asks for permission before
>>>> sending data back and presents both choices to user.
>>>>  1. You do not have documented what information and how often you are
>>>> going to spy
>>>>  2. how you are processing this information, which is required by EU
>>>> law.
>>>>  3. In your crap EULA you demand right to present any user of your
>>>> spyware to public for PR purposes.
>>>>  4. You guys tried to add spyware into apache cassandra and got huge
>>>> negative response on cassandra-dev. You will simply never learn lesson.
>>>> I dont trust Datastax:
>>>> 1 .I am responsible for data security because we have sensitive data in
>>>> database. Because you are spying by default, we can not trust that due to
>>>> our admin mistake your spyware will not be left enabled.
>>>> 2. We can not trust you that configuring that particual option really
>>>> turns spying off. There might be bug in code or option can change name
>>>> 3. We do not like to be spyed by software holding sensitive data
>>>> 4. Spying is not anonymous - you will get IP address of reporter - you
>>>> will see what company is using your product and from keyspace/CF names you
>>>> can easily guess for what it is beeing used. If you do not spy keyspace/CF
>>>> names yet you can do it in future since you have no clear privacy "what we
>>>> spy" policy.
>>>> I improved cassandra nagios plugin to fit our needs and give red stop
>>>> sign to sw made by datastax.

View raw message