76 comments

[ 3.6 ms ] story [ 93.0 ms ] thread
It worked so well on the browser already
The most useful part of this page is the list of optout commands to stick in my shellrc.

Is anyone maintaining a more complete list of those?

> Many CLI tools, SDKs, and frameworks collect telemetry data by default.

Any of those are using a dark pattern and before exploring new ways to opt out you should look for and spend your energy on an alternative which respects your freedoms upfront.

I was surprised how hard it was to stop the Python transformers library from phoning home to Hugging Face. I set HF_HUB_DISABLE_TELEMETRY=1, and when I called Wav2Vec2CTCTokenizer.from_pretrained I explicitly passed local_files_only=True, but still I got got a warning about not having a valid HF_TOKEN. It wasn't until I stumbled upon HF_HUB_OFFLINE=1 that I'm somewhat confident that I'm not making outgoing connections to HF every time I load a wav2vec2 model from disk.

I wouldn't have realized this was happening at all if it weren't for the obnoxious HF_TOKEN warning.

Does something like Little Snitch catch these to help find the things doing hidden shenanigans?
Yes, it would flag an outbound connection from the Python process.
(comment deleted)
Looks like a helpful honeypot! Any tool that will public announce support for this spec is a tool I know to avoid because it collects telemetry without explicit opt-in in the first place.
Given the URL and list of different opt-outs I thought this was going to be a shell script to set all these for you. In fact, I've just had an idea...
Also this, we disable it when building or deploying apps in DollarDeploy

export SEMGREP_SEND_METRICS=off export COLLECT_LEARNINGS_OPT_OUT=true export STORYBOOK_DISABLE_TELEMETRY=1 export NEXT_TELEMETRY_DISABLED=1 export SLS_TELEMETRY_DISABLED=1 export SLS_NOTIFICATIONS_MODE=off export DISABLE_OPENCOLLECTIVE=true export NPM_CONFIG_UPDATE_NOTIFIER=false

He’s better off vibecoding an include.sh that sets all the known do not track env vars for you.
Default opt-in tracking should be illegal and enforced with such fines and prison sentences, that companies wouldn't even dare to have anything remotely capable of tracking in the runtime.

Unfortunately big corporations can always find away to make regulators see no problem.

> Default opt-in

This is called opt out.

I thought it would be a sh script to automatically set the flags for all known do not track env vars.
(comment deleted)
Honest question, what's the problem with crash dumps that include no personal info? They just help make the software less buggy. I also don't see an issue with anonymized usage patterns (this feature was used X times this month, this one Y times, etc).

Can someone expound on what they see as a problem?

Anyone on the path potentially learns something about your system and your software use.

Your IP during connection exposes your rough location.

Crash logs rarely are completely anonymized so both together can additionally serve as a way to re-identify the user.

The only way to properly transmit telemetry data would be Tor. And no, even then I don’t want my tools to report back my use. It’s simply not required, and data minimization is part of my set of ethics, and I’m happy that EU/GDPR sees it the same way. Not all data that you think is worth something to you is morally right to collect. You send data somewhere, even just to check for updates - ask me first. I do not want my hammer to report back how many nails I hammered in. I don’t want my software to reach out to the world without my consent.

They expose to the developer that someone was using their software behind that IP address at that time. It also can frequently include private information. The events that occur on my computer are mine and do not belong to the developer of the software.
This is set up for the same fate as DNT in browsers. Collecting all the "do not track" env vars into a single "do_not_track.env" file, however, may not be a bad idea...
I’m morally opposed to the notion of optimizing the opt-out mechanism. I want a standardized opt-in mechanism, like:

  export ALLOW_TRACKING=telemetry,crash_dumps
and the absence of such a setting means “fuck off, don’t spy on me”. It’s not my responsibility to turn off apps wanting to track me. It’s their responsibility to get me to authorize their specific flavor of tracking.
The issue is that it is not enforced. My version of My IP will tell you if 'Do Not track' and 'Global Privacy Control' are set by your browser but it is up to the website to honour your requests. Check if your browser is sending them by visiting: https://fshot.org/utils/myip.php
Privacy should be treated as a right, not something that can be abused for money. Love the idea of this
No, it should be a required (by law) opt-in TRACK_ME_I_DO_NOT_CARE_OR_AM_A_TEAPOT=418.

The proposed way just normalizes tracking.

And setting that env var should require a notarized consent to track contract that has an expiration of at most 60 days and has penalties of jail time for any data related to that telemetry, anonymized or not that is shared with a third party, for any reason, including but not limited to fulfilling the service the business purports to be providing.

It should be much more difficult to collect data than to opt out of collection.

I don't think there is any way to stop people from tracking you. Technically speaking, you can pretty much always be tracked. Even if you eliminated all third party requests you could still be tracked. Downloads, logins, queries, etc all can be tracked. Virtually all software now has the "continuously upgrade to the latest version" bullshit so you are tracked every time you open the app. Even if you turn it off, they stop the app from working until you upgrade, so they force you to be tracked.

I think the only solution is to make it law that you can't track anyone for any reason without their consent, and can't sell consensual tracking data without an additional consent agreement. It would be a huge blow to the advertising industry, so it will never be made law, but it's the only thing that would work.

You can also use network namespaces to simply block internet access for certain processes. It can even be finetuned with whitelists or blacklists.
This is just sad. Luckily I do not use any of the listed programs. I threw out Homebrew many years ago when they started this nonsense.

The only tool I have installed currently that does %/"($& like this is Deno (required for yt-dlp now). It phones happily home even if you wrap it into a wrapper script that forces the env variable (in no way I'll pollute my default environment with stuff like this):

    $ cat /usr/local/bin/deno
    #!/bin/sh
    exec env DENO_NO_UPDATE_CHECK=1 /usr/local/packages/deno/latest/bin/deno "$@"

I wish bad dreams to whoever puts such crap into their software! Thankfully I have Little Snitch to catch most of those kind of invasions of my privacy.
Am I the only one who also finds it comical that rejecting cookies requires a cookie.