coreboot

Autoport doesn't generate the contents of those logs directly; it runs other tools and then parses the output of some of them. Currently it runs acpidump, which dumps the binary contents of all the ACPI tables as hexadecimal to the aucpidump.log file. Acpidump does have a -b flag which dumps them to separate binary files, which would make it easier to redact individual tables such as the SLIC table. So perhaps a solution is to change the command autoport runs to acpidump -b and then delete the slic.dat file by default with a message saying it has been deleted to protect their activation key. A flag for "unredacted mode" could also be added to include it and any other things that might be wiped in the future, in case the user doesn't intend to post the logs and is just running autoport as a convenient log dumper for their own use.

As you've said, there are other things that could be redacted like MAC addresses or serial numbers, but some of that probably wouldn't scale well to implement in autoport since there are many places such things may appear. MAC addresses might show up in lspci register dumps for network cards, and autoport can't account for every possible network card that's out there. Serial numbers in standardized dmidecode entries might be possible to redact, though there could also be non standard OEM entries that also contain some information. Ultimately the user is always responsible for what they post online; if there are other things they do not wish to include it is up to them to ensure it is not included.

Nicholas Chin wrote in #note-2:

Autoport doesn't generate the contents of those logs directly; it runs other tools and then parses the output of some of them. Currently it runs acpidump, which dumps the binary contents of all the ACPI tables as hexadecimal to the aucpidump.log file. Acpidump does have a -b flag which dumps them to separate binary files, which would make it easier to redact individual tables such as the SLIC table. So perhaps a solution is to change the command autoport runs to acpidump -b and then delete the slic.dat file by default with a message saying it has been deleted to protect their activation key. A flag for "unredacted mode" could also be added to include it and any other things that might be wiped in the future, in case the user doesn't intend to post the logs and is just running autoport as a convenient log dumper for their own use.

Thanks for explaining, technically all tools are functioning "correctly" but autoport already greets us with 2 questions, maybe a 3rd question or reminder that autoport data/logs might include those valuable license data would be appropriate?

As you've said, there are other things that could be redacted like MAC addresses or serial numbers, but some of that probably wouldn't scale well to implement in autoport since there are many places such things may appear. MAC addresses might show up in lspci register dumps for network cards, and autoport can't account for every possible network card that's out there. Serial numbers in standardized dmidecode entries might be possible to redact, though there could also be non standard OEM entries that also contain some information.

I understand that this part with all its variation should not be the solution because there always will be some strange OEM variant not fitting the filter.

Ultimately the user is always responsible for what they post online; if there are other things they do not wish to include it is up to them to ensure it is not included.

Still true, but a warning(blocking) just before starting autoport with references to parts of the ACPI/DSDT dump that might need manual cleanup could be helpful?