On 10/07/2016 10:20 AM, André Silva wrote: > On 10/04/2016 06:02 PM, fauno wrote: >> IMO privacy related changes to packages that don't break things should >> be applied to any package, so +1 to backport them to [libre] and [pcr]! > In my opinion, [nonprism] should be optional since it was created to > remove a lot of services that uses global data surveillance programs > like PRISM [0], XKeyscore [1] and Tempora [2] (eg. Facebook, Twitter, > etc) from our apps (eg. nonprism version of pidgin only works with XMPP > and IRC). I suppose there are users would use those services from our > apps since it is not a GNU FSDG mandatory requirement to remove them. > > Otherwise, iceweasel/icedove nonprism packages have various patches to > increase not just privacy, but yes security too (eg: iceweasel allows > whitelisting/blacklisting domains for purposes of cookies, popups, and > addon notifiers. With those hardening/security features, iceweasel > nonprism version loads, these lists revert to default settings, causing > all user-made changes to be lost [3] and a lot of websites doesn't works > [4]) > > Since it are hardening/security features like Grsecurity for our > Linux-libre kernels, i propose: > > a) Backport **only** privacy features from iceweasel/icedove nonprism > version created from those patches to libre ones to increase privacy but > without break things or services. > > b) Use those hardening/security patches from iceweasel/icedove nonprism > version and push them to new packages called iceweasel-hardening and > icedove-hardening in [libre] as optional way for all users similar than > our kernels (eg. linux-libre and linux-libre-grsec) > > c) Remove nonprism iceweasel/icedove packages in [nonprism] because we > will have iceweasel-hardening and icedove-hardening and otherwise it > will solve this consensus :P > > [0]:https://en.wikipedia.org/wiki/PRISM_(surveillance_program) > [1]:https://en.wikipedia.org/wiki/XKeyscore > [2]:https://en.wikipedia.org/wiki/Tempora > [3]:https://labs.parabola.nu/issues/1113 > [4]:https://labs.parabola.nu/issues/1114 > > > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.parabola.nu/mailman/listinfo/dev
I just noticed that by moving the nonprism edition to to testing it causes pacman to update to libre edition. I additionally noticed that p_roxy settings are wiped and setting a proxy does not work with this version_: _icedove 1:45.4.0.deb1-1_ As it is a possible security vulnerability to those using a proxy, users should be advised of this issue... We also still never determined by consensus how to deal with this issue. I think that /your-privacy/ package should encourage users to use icedove-hardened or nonprism editions. Consensus still needed!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
