On 19/10/2022 09:48, Peter Robinson wrote:
Sure but as mentioned it's public data, and the modification, and I covered that in my reply, would be picked up by the other mechanisms.
They can collect a lot of sensitive information: your IP, Fedora version, packages version, etc. This can help with recon for attackers.
There isn't actually that many mirrors left do we really want to reduce the number more for end users for no actual improvement in security?
It will improve privacy at least.
Ultimately bandwidth is expensive in a lot of parts of the world for commercial entities to provide, that's why there's mirrors.
Fedora COPR has moved to Amazon CDN. Maybe Fedora's main mirror can switch to a CDN too?
-- Sincerely, Vitaly Zaitsev ([email protected]) _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
