Debian's "popularity contest" package as threat vector?
I am wondering whether to force-uninstall Debian's popularity-contest
package as part of Stormy's installation process. It would be good to have an idea how popular Stormy is, but on the other hand, I'm not sure how anonymous the reporting is on Debian's end.
This is also relevant for users of the tor
package, who might also be at mild risk (though far less so because the number of users is so high, and doesn't reveal location of location-hidden services).
Anyone have opinions on this? I'm leaning towards checking if popularity-contest is installed and then asking if the user would like it to be removed.
EDIT: We should also discuss whether to remove it as part of Tor's installation process overall.