incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Bailey <>
Subject Re: opscentrer is spying
Date Thu, 20 Jun 2013 16:13:07 GMT
Thanks everyone. We always appreciate constructive criticism.

Regarding what OpsCenter collects, we completely agree it should be
documented more clearly. You can expect to see an update to the
documentation later today. I will update this thread once that goes live.

Regarding notifying the user when installing, we agree this process should
be more transparent to the user. Adding that information as well as making
it easier to disable will be a high priority for the OpsCenter team.
Obviously that will take more time than documentation, but hopefully that
feature will be out soon as well.


On Thu, Jun 20, 2013 at 7:57 AM, Peter Lin <> wrote:

> I use Cassandra, but I don't use OpsCenter.
> Seems like it would be in everyone's best interest to clearly define what
> data OpsCenter collects today, what OpsCenter won't collect and a promise
> to users none of the data will be used without first getting a customer's
> approval.
> I can understand the desire to collect general statistics, since it helps
> developers get a sense of how cassandra is used in production. I'm guessing
> these types of security issues can be easily addressed by improving EULA,
> documentation and communication.
> my bias 2 cents as a user.
> peter
> On Thu, Jun 20, 2013 at 8:49 AM, Radim Kolar <> wrote:
>>  OpsCenter collects anonymous usage data and reports it back to DataStax.
>>> For example, number of nodes, keyspaces, column families, etc. Stat
>>> reporting isn't required to run OpsCenter however. To turn this feature
>>> off, see the docs here (stat_reporter):
>> You never informed user that installing your crap will get him spyed
>> upon. Thats very different from Firefox which asks for permission before
>> sending data back and presents both choices to user.
>>  1. You do not have documented what information and how often you are
>> going to spy
>>  2. how you are processing this information, which is required by EU law.
>>  3. In your crap EULA you demand right to present any user of your
>> spyware to public for PR purposes.
>>  4. You guys tried to add spyware into apache cassandra and got huge
>> negative response on cassandra-dev. You will simply never learn lesson.
>> I dont trust Datastax:
>> 1 .I am responsible for data security because we have sensitive data in
>> database. Because you are spying by default, we can not trust that due to
>> our admin mistake your spyware will not be left enabled.
>> 2. We can not trust you that configuring that particual option really
>> turns spying off. There might be bug in code or option can change name
>> 3. We do not like to be spyed by software holding sensitive data
>> 4. Spying is not anonymous - you will get IP address of reporter - you
>> will see what company is using your product and from keyspace/CF names you
>> can easily guess for what it is beeing used. If you do not spy keyspace/CF
>> names yet you can do it in future since you have no clear privacy "what we
>> spy" policy.
>> I improved cassandra nagios plugin to fit our needs and give red stop
>> sign to sw made by datastax.

View raw message