The current problem report in Parallels 6 says 'No personal information will be collected'. However.. the default settings for a problem report include logfiles with LOTS of personal information in them are being sent. I would recommend that you change the statement to include the possibility that personal and security related information will be in the problem report. If parallels isn't collecting it after-the-fact .. that should be made clear. Specifically: - The screen shots have LOTS of possibility for information compromise depending on what else one was doing when the problem report is generated. - The Installed Software list contains revisions, which can be used for targeted attacks. - Host Hardware contains all connected interfaces, for Firewall/Bridge machines this is a bad information leak. - system.log contains valid calls to sudo are posted here, which gives a convenient list of users enabled for sudo All of these logs contain various piece of personal information including ipaddresses, macaddresses, full name, etc. which can certainly construed as 'personal information'. Might be worth some time to clean this up and make it more security and privacy aware.
