Thanks for your interest in the Ubuntu error tracker project.
As of Precise 12.04, this behavior and workflow changed. As I discovered in Bug #993450 “Apport fails to submit bug report”, by default apport no longer opens a bug report (and it is awkward but not impossible to get it to do so).
Apport never created bug reports post-release. When a release is still in development you can use apport to file Launchpad bugs (and error reports).
In a final released version of Ubuntu we now show error dialogs. This is a great improvement from a program "going away" without any feedback and the user being left wondering what just happened.
The statistics from the data collected when people choose to send these reports show up on http://errors.ubuntu.com.
I'm left with this question: how does a user learn what the status of the problem is? The blueprint now has this requirement
The user should have some way to check back on the status of their crash report; e.g. have some report ID they can look at to see statistics and/or any associated bug #. E.g. provide a serial number at time of filing that they can load via a web page later on.
I'm going to remove that. That was never the intent. The user interface is careful not to make promises about getting any feedback on the report.
These are not bug reports.
Our intent is to reduce the amount of time it takes for developers to find the most pressing issues, collect the needed information to fix them, and get the fixes to users.
We've solved the problem of finding the most pressing issues. That's the front page of http://errors.ubuntu.com.
Collecting the needed information quickly, and without involving a long feedback loop with users who are experiencing the problem is addressed in foundations-q-bucketing-improvements. The plan is to allow developers to hook into the information collection process server-side. If I need /var/log/syslog but it's not already provided, I just change a setting on http://errors.ubuntu.com and the next person who experiences the error automatically adds it to the data they're sending.
Getting fixes to users quickly is addressed in foundations-q-updates-from-crash-reports. When users submit an error report and that error has already been fixed and released, a dialog will come up asking if they would like to upgrade to the version of the software which fixes the problem they just experienced.
And how does a developer get into the game? Going to https://daisy.ubuntu.com just provides an "Incorrect Content-Type" error message.
http://daisy.ubuntu.com is not intended to be used by humans. It's there for the error reporting daemon (whoopsie) to send reports to.
It would be absolutely wonderful for other people to get involved. I'm currently the only one hacking on this full-time.
There are four parts to the system.
- Apport, which provides the desktop user interface.
- Whoopsie, which takes reports (and core dumps) created by Apport and shovels them into the error tracker server, Daisy.
- Daisy, which collects reports from Whoopsie and processes them. This is the heart of the service. It's what turns the core files into retraced reports and generates the statistics you see on http://errors.ubuntu.com.
- Errors, which is a Django-based website providing both a human readable view of the data and a RESTful API for working with it.
There is a slightly out-of-date set of scripts under the setup/ directory in lp:daisy that should give you some idea of how the pieces fit together. I've been working on juju charms to replace this. The goal is a single command to deploy the entire infrastructure in the cloud for testing and development.
You can find my email address on Launchpad if you have further development questions.
More info:
Best Answer
All crash bug reports filed by Apport are marked private by default and are only visible to people with relevant privileges (generally, the Bug Control members for bugs filed on packages from the repository).
Usually, crash bug reports don't contain any sensitive information (mostly because they don't involve software that deal with private information). However, it is still possible
CoreDump.gzandStacktrace.txtattached to the bug report contain sensitive information like the one you described. Hence, they are marked private to be on the safe side.When you are filing a bug report, you can review what information is being uploaded for your own sake. Here's an image of an Apport crash dialog.
You should closely go through the information being provided under CoreDump and Stacktrace. If it contains information that you are not comfortable being uploaded, you can cancel the process.
What about Whoopsie?
Since 12.04, Apport has been silently collecting crash data for Whoopsie without requiring any user interaction. That itself is not a direct privacy problem though because only people who signed the non-disclosure agreement have access to the Ubuntu error tracker.
See also:
A final note on Privacy policy
All bug reports you submit are covered by Ubuntu privacy policy. Quoting relevant sections from it for reference: