Oddbean new post about | logout
laanwj | 1 months ago (raw) | root | parent | reply | flag +2 
 with any kind of automated bug reporting tool it's hard to make sure that no private data ends up in it, it's not the first time that this happens and won't be the last
(this is one reason why bitcoin core has nothing of the kind)

i do however respect a lot how they're owning up to the mistake and publicly admitting it, instead of being sneaky about it
they could have said nothing and no one would likely ever have known
melvincarvalho | 1 months ago (raw) | root | parent | reply | flag +3 
 Sending user data to 3rd parties IS actually sneaky.  You are required by law to inform the user, among other things, and with good reason.  Whenever this is brought up some devs are dimissive, and over-confident.  More often they will deflect the problem by attacking the reporter.  Staab is the worst I've seen for this.  That is why I will call it out.  Dont send user data to 3rd parties without consent.  This is not controversial in the SLIGHTEST.
laanwj | 1 months ago (raw) | root | parent | reply | flag 
 it would be good to ask, sure, but reporting a bug from the application could be seen as a form of consent, it's extremely common for application to send their entire state dump to aid in debugging when you do this
(as most normal users have a hard time formulating precise bug reports with the relevant information, nor responding when asked, this increases the chance problems can be addressed quickly)
not saying it's necessarily *good* but it's unfair to single this out, there are more things at play here
laanwj | 1 months ago (raw) | root | parent | reply | flag 
 to be clear i'm assuming "send error report" is an explicit action here that could be denied/skipped, and not something that happens unattended, that would indeed be bad