Comment by lucideer
7 years ago
This look great—have bookmarked it for future projects.
I would however a little more skeptical with tools claiming to be privacy-first than I would be with GA (who I presume are not privacy-first). On that note, some quick questions:
- Any plans to open source? I've used Piwik/Matomo in the past, and while I'm not a massive fan of the code-quality of that project, it's at least auditable (and editable).
- You say you're transparent about what you collect—IPs aren't mentioned on that page[0]. Are IPs stored in full or how are they handled? I assume you log IPs?
- How do you discern unique page-views? You seem to be dogfooding and I see no cookies or localStorage keys set.
- No plans to go open source with the backend, but I do show the code that is run in the browser. The visualisation of the data is not super important I think. - I don't save IP's, not even in the logs. - I don't have unique pageviews at the moment. I will in the future. If the referrer is the same as the current page, I will measure that as a non-unique. What do you think?
If you don't go open source, will you at least offer paid self-hosting (similar to what e.g. Atlassian offers).
The idea of privacy is much easier to sell if the data never leaves your own server, instead of using some analytics provider that might be run by the CIA or the Russian mafia for all we can prove.
I think self-hosting is possible with matomo.org
> What do you think?
Apart from the unfortunate non-open-source answer, this sounds great!
I get others' concerns about wanting unique pageviews, but that metric is always a bit of a sketchy either-or for extremely privacy-conscious people. It's both an incredibly valuable metric, and also one that's difficult to square with complete privacy (basically it's always going to be pseudonymous at best).
If you need an open-source solution that truly cares about privacy yet can still keep track of unique pageviews, there's always Fathom Analytics (https://github.com/usefathom/fathom).
2 replies →
Have you considered using a shared-source license where they can inspect and build from source that they have to pay for? And where people can obtain the source freely for academic research and/or security reviews?
Shared-source proprietary goes as far back as Burroughs B5000 mainframe whose customers got the source and could send in fixes/updates. Microsoft has a Shared Source program. Quite a few suppliers in embedded do it. There's also a company that sells UI software which gives the source to customers buying higher-priced version.
I will warn that people might still rip off and use your code. Given it's JavaScript, I think they can do that anyway with reverse engineering. It also sounds like they could build it themselves anyway. Like most software bootstrappers or startups, you're already in a race with other players that might copy you with clean slate implementations. So, I don't know if the risk is that big a deal or not. I figured I should mention it for fairness.
Could a bloom filter be useful here?
Doesn't seem like a very useful measure of uniqueness.
What if you had one-day retention of IP addresses for per-day unique views? Seems like too important of a metric to eliminate completely, and one-day retention seems like a decent trade-off at the expense of being able to do unique analysis over longer time periods.
Don’t retain the IP address, retain a hash of the IP address.
7 replies →
> No plans to go open source with the backend
You say that you do not store IP addresses, but why should anybody believe it?
Modern security is based on proof, not on trust.
> You say that you do not store IP addresses, but why should anybody believe it?
I can show the code, I will probably do this in my next blog post, but that does not guaranty anything.
> Modern security is based on proof, not on trust.
Is it? So if there is a hosted version of a open source tool, you are sure they use the same code on the hosted version a in the open source tool? It's still based on trust.