On Thu, Dec 26, 2019 at 12:41:34PM +0100, Jonas Smedegaard wrote:
> All of those activities are problematic, because they leak privacy.
>
> First point is useless for packaged software and the code should be
> patched to skip it.
>
> Second point is ideally useless as well, because plugins should be
> packaged as well.
>
> Third point is, for the user, useless as well.

A good part of plugins won't ever be packaged.

I have a strong opinion about privacy, but security is also a concern.
Thus, I'd suggest a policy like:

A program may auto-update its plugins/etc only if a given origin has been
enabled; installing something from an origin may be considered by default to
be a consent to check for further updates from that origin.

For example, this is the behaviour of Apt: it enables by default
origin=Debian (or Ubuntu, Devuan, Mint...) if you install from that
distribution's media, plus any explicitly added apt sources.

For Firefox, it'd mean that polling for updates from mozilla.org should
(absent a non-default configuration to the contrary) be done if there's at
least one non-packaged extension installed.

> I recommend to patch to disable all three mechanisms.
>
> ...but that's not what you asked about.
>
> I don't think Debian forbids privacy-leaky behaviours.

Aye, I say we should add this at least to the Policy -- if not the Social
Contract. I believe the Dissident's Test should apply to not just licenses,
but also to building and running packaged software.

> If you choose to not voluntarily disable these mechanisms for the Debian
> packaging, then at least consider mentioning explicitly these behaviours in
> long description, and list them at https://wiki.debian.org/PrivacyIssues

+1


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ A MAP07 (Dead Simple) raspberry tincture recipe: 0.5l 95% alcohol,
⣾⠁⢠⠒⠀⣿⡁ 1kg raspberries, 0.4kg sugar; put into a big jar for 1 month.
⢿⡄⠘⠷⠚⠋⠀ Filter out and throw away the fruits (can dump them into a cake,
⠈⠳⣄⠀⠀⠀⠀ etc), let the drink age at least 3-6 months.