ARK-Builders / arklib

Core of the programs in ARK family
MIT License

Better privacy with random unique device ids #54

Closed kirillt closed 6 months ago

kirillt commented 9 months ago

We introduce the machine-uid crate in this PR:

The crate comes with a disclaimer:

In Linux, machine id is a single newline-terminated, hexadecimal, 32-character, lowercase ID. When decoded from hexadecimal, this corresponds to a 16-byte/128-bit value. This ID may not be all zeros. This ID uniquely identifies the host. It should be considered “confidential”, and must not be exposed in untrusted environments. And do note that the machine id can be re-generated by root.

An alternative would be generating a random device id, storing it in the app data folder, sharing it privately with other devices when necessary, etc.

We've decided in favor of machine-uid because it's much easier to implement, and an outside entity can't figure out the ids if secure transport is utilized. But with unique random ids, unencrypted transport could be used. If privacy becomes a concern, we should implement this approach.

kirillt commented 7 months ago

Unique ids per app instance might be preferred over machine-uid. It provides better privacy compared to fingerprinting, because the app id is different for each installation and can be reset. After resetting, versions marked with the old id will look foreign to the app, though, but this is probably not an issue.

For implementing unique ids, we need to implement some kind of callbacks into arklib which pass the location of app data; this location is different for Desktop and Mobile versions (Android, and later iOS). It means apps will need to pass the location to arklib during loading.
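The scheme sketched in the comment above (a random per-installation id stored in the app data folder the app passes in, resettable at will), as an added example that is not arklib's own code. It assumes a Unix-like target with `/dev/urandom` (Linux/Android), and the file name `device_id` and the function names are choices made here.

```rust
use std::fs;
use std::io::{self, Read, Write};
use std::path::Path;

// File name inside the app data folder; an assumption for this example.
const DEVICE_ID_FILE: &str = "device_id";
// 128-bit id, the same size as a Linux machine-id, but random per installation.
const ID_BYTES: usize = 16;

/// Read 16 random bytes from the OS and hex-encode them (lowercase).
/// Reads /dev/urandom to stay dependency-free; a real build would use
/// the `rand` or `getrandom` crate so it also works on non-Unix targets.
fn random_id() -> io::Result<String> {
    let mut buf = [0u8; ID_BYTES];
    fs::File::open("/dev/urandom")?.read_exact(&mut buf)?;
    Ok(buf.iter().map(|b| format!("{:02x}", b)).collect())
}

/// A stored id is only trusted if it is exactly 32 lowercase hex characters;
/// anything else (truncated, edited, wrong encoding) is treated as corrupt.
fn is_valid_id(s: &str) -> bool {
    s.len() == ID_BYTES * 2 && s.bytes().all(|b| matches!(b, b'0'..=b'9' | b'a'..=b'f'))
}

/// Load the per-installation id from `app_data` (the path the app hands to
/// arklib), creating a fresh one on first run or if the stored file is invalid.
pub fn load_or_create_device_id(app_data: &Path) -> io::Result<String> {
    let path = app_data.join(DEVICE_ID_FILE);
    if let Ok(existing) = fs::read_to_string(&path) {
        let existing = existing.trim().to_string();
        if is_valid_id(&existing) {
            return Ok(existing);
        }
    }
    fs::create_dir_all(app_data)?;
    let id = random_id()?;
    // Write to a temp file and rename so a crash never leaves a half-written id.
    let tmp = app_data.join(format!("{}.tmp", DEVICE_ID_FILE));
    fs::File::create(&tmp)?.write_all(id.as_bytes())?;
    fs::rename(&tmp, &path)?;
    Ok(id)
}

/// Reset: remove the stored id so the next load creates a new one; to other
/// devices the installation then looks like a new device, which is the point.
pub fn reset_device_id(app_data: &Path) -> io::Result<()> {
    match fs::remove_file(app_data.join(DEVICE_ID_FILE)) {
        Ok(()) => Ok(()),
        Err(e) if e.kind() == io::ErrorKind::NotFound => Ok(()),
        Err(e) => Err(e),
    }
}
```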

kirillt commented 6 months ago

Also, machine-uid is not supported on Android yet.