When running wizznic I get this warning on the commandline:
Thread: system('wget http://dusted.dk/wizznic/commit.php -O - -q --user-agent=wizznicLinux --timeout=10 --tries=1 --post-data="version=v0.9.2-preview2&pack=/usr/share/games/wizznic/packs/000_wizznic&level=0&time=0&moves=0&combos=0&score=0&action=check"') Failed.
This indicates that wizznic is calling home without my permission. That
is unacceptable, please get upstream to remove it or prompt me for
permission.
I cannot replicate the bug: I removed wizznic configs prior to installing the debian package (for i386): rm -R ~/.wizznic Then installed the packages from unstable: dpkg -i wizznic* Then ran wizznic: wizznic Pressing control after the intro/demo screen, gives me === Information stuffs, which tells people about the feature. I've attached screenshots. Where people are able to either press CTRL to accept/continue OR press ALT to reject and turn off the feature. Before this have been done, the feature is disabled and no data will be sent. Furthermore in options there is an option to disable or enable if one changes mind about it later. I will not ask people upon every single upstart/levelchange as this will not allow me to gather statistics. I gather stats to follow the distribution of installations (windows/linux) and to figure out the ordering/difficulty of the levels. I'm sorry for any inconvinience this have caused my packager. Best Regards Jimmy Christensen / Wizznic author
Firstly I'd like to apologise for not having responded sooner. On the Debian bug tracking system, submitters are not subscribed by default, you need to CC them if you want them to read your replies. I am sorry, it appears I was not aware of this feature. I probably just saw a wall of text and the press Ctrl thing at the bottom and pressed Ctrl to get through. I think that just shows that the implementation of the feature in 0.9.2 has some usability issues. I have taken a look at the code and the stats screen again and I have some suggestions for changes to make it more usable and secure: Re-implement the initial screen to look like this: Alt to not send statistics Ctrl to send statistics Shift for privacy policy The third option should bring up your privacy policy so people can read about what you plan to do with the submitted information. Using the system() function is a bad idea because it passes a full command to the shell and inclusion of shell meta-characters can interfere with the command running correctly. You should use the fork and exec functions on Linux instead. For Windows I don't think there is any way around this issue. Use a https URL instead of http, to protect the info that is sent from people who are monitoring the network connection. Use certificate pinning to prevent compromise of SSL CAs allowing compromise of the info that is sent, more info here: http://www.thoughtcrime.org/blog/authenticity-is-broken-in-ssl-but-your-app-ha/ BTW, why doesn't your github repository have any tags in it?
for submitting the data (wget on Linux) is not installed. I didn't check if you are doing this already.
Hello, Good morning, We have gone through your samples from a partner and Here is our Order List. Please do bear in mind that we are very much in need of this order, quote your competitive prices. Kindly send the Order confirmation. Your early reply will be much appreciated. Best Regards, Maryanah Erwin. PT FINDORA INTERNUSA Jln Pahlawan 66 Kec. Arjawinangun 45162 CIREBON West-Java INDONESIA tel : +62 231 357334 fax: +62 231 357260 email: marketing@findora.com