On 10/04/2016 06:02 PM, fauno wrote: > IMO privacy related changes to packages that don't break things should > be applied to any package, so +1 to backport them to [libre] and [pcr]!
In my opinion, [nonprism] should be optional since it was created to remove a lot of services that uses global data surveillance programs like PRISM [0], XKeyscore [1] and Tempora [2] (eg. Facebook, Twitter, etc) from our apps (eg. nonprism version of pidgin only works with XMPP and IRC). I suppose there are users would use those services from our apps since it is not a GNU FSDG mandatory requirement to remove them. Otherwise, iceweasel/icedove nonprism packages have various patches to increase not just privacy, but yes security too (eg: iceweasel allows whitelisting/blacklisting domains for purposes of cookies, popups, and addon notifiers. With those hardening/security features, iceweasel nonprism version loads, these lists revert to default settings, causing all user-made changes to be lost [3] and a lot of websites doesn't works [4]) Since it are hardening/security features like Grsecurity for our Linux-libre kernels, i propose: a) Backport **only** privacy features from iceweasel/icedove nonprism version created from those patches to libre ones to increase privacy but without break things or services. b) Use those hardening/security patches from iceweasel/icedove nonprism version and push them to new packages called iceweasel-hardening and icedove-hardening in [libre] as optional way for all users similar than our kernels (eg. linux-libre and linux-libre-grsec) c) Remove nonprism iceweasel/icedove packages in [nonprism] because we will have iceweasel-hardening and icedove-hardening and otherwise it will solve this consensus :P [0]:https://en.wikipedia.org/wiki/PRISM_(surveillance_program) [1]:https://en.wikipedia.org/wiki/XKeyscore [2]:https://en.wikipedia.org/wiki/Tempora [3]:https://labs.parabola.nu/issues/1113 [4]:https://labs.parabola.nu/issues/1114
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
