• could be based on the push notification service?...the push notification service to work shoud already know how many (unique) devices use it.

  • @ds2000x said in UBPORTS Stats:

    if another request is not received again from the same device

    But this seems to be axactly the problem. we don't (want to!) to know if it is the same device or not because we don't want to track it.
    The problem to be solved is how to identify the device without the device to be idetified...

  • @aury88 said in UBPORTS Stats:

    could be based on the push notification service?...the push notification service to work shoud already know how many (unique) devices use it.

    Maybe you are right. The moment UBpots decided to run this notification service, devices are identified anyway.

    By realizing this, I am not sure if this central notification service is such a good idea never the less I appreciate a notification service very much.

    Off Topic here: Afaik @DanChapman realized a local but not battery consuming notification service for dekko2 which runs like charm on my device.

  • @bastos I think we should stop being over-sensitive with the tracking problem. There is a fundamental difference between knowing how much unique devices of which hardware and which image channel we got, as opposed to tracking activity.

    By taking a unique device id at the moment of installation and telling a server that it has been installed means just that "someone anonymous has installed ubports on a new hardware". Apps wont have access to this ID for real activity tracking. So we should allow this fingerprinting because it greatly helps us to determine the needs of the community.

    How can I plan for server resources if I do not know the exact amount of devices? Be it 1.000 or 10.000 ? Its important to see a trend also, to just in time bring in new hardware etc.

    The push server does not show any device that is not using a push service and therefore has never signed in to U1 account, so its also not reliable.

    And there is a rationale for having those registrations, if we would open up the push service to the world, soon somebody will come and use it as a zombie virus/worm control dispatcher etc. The days of free access to Internet resources is over, as we trust no one. You have to identify yourself as a legit UT user to use our push server. And the easiest way is be requesting a U1 token for that.

    A mobile device will only be as good as it has integration with some central services, and thats impossible without a minimum exchange of information. So you can choose to not use our OTA and push services, but that makes a lot things harder or impossible.

    The local notification once more: This works because Dekko can easily check POP3 and IMAP accounts for new messages. This is far more complex with Telegram: You need to establish a full blown session to the server, do some crypto talk and then load the list of chats, find out which are muted, then from the remaining ones find those with new messages, and then find out which type of message has been sent there. Plus there are notifications that arent messages at all, which you would never get. There is a reason for implementing all this code on Telegram side, and let them send this to us. Dont think local notification is in any way a trivial, not battery-consuming process.


  • I agree, @Flohack
    Again thank you and your collegues for beeing privacy sensible. But you are right. There is a limit to hystery

  • @flohack do you think there are many upborts device without push services?
    however how does the id system work?

  • @aury88 Well we dont know 🙂 - I dont think there are many, but in theory it could be a few 100.

    The Id system will generate a hash value from the device MAC address plus some other installation-dependent id. Then we split the hash in half to make it double-proof and send this as unique id to the server when asking for updates.

    This way the server can safely count unique id´s and there is no backtrace to the user. It´s even more secure than using the IP addies since they could be linked to actual users.


  • @flohack but when is the id sent? any random time? only at first ubport device start? on server request?

  • @aury88 At every time you are asking for updates, specifically OTA image updates.

  • @flohack, that is a very interesting solution! thank you!

Log in to reply