Re: [Update] Big Hairy Audacious Goal: Privacy Software

2017-09-25 Thread Sebastian Kügler
> On 2017-09-22 14:48, Sebastian Kügler wrote:
> > What I need now:
> > 
> > * Review: Please look over the proposal, make trivial fixes right
> > there, propose more comprehensible or possibly goal-altering changes
> > in the comments of that page or in this email thread
> > * If you believe this goal is worthwhile for KDE and you support it,
> > please add your name under it
> > * If you intend to actively support this goal in whatever way,
> > please also indicate this on the phab page

On Saturday, 23 September 2017 15:55:05 CEST Martin Flöser wrote:
> back in 2013 I wrote two blog posts with thoughts about FLOSS in a
> world after Snowden:
> * https://blog.martin-graesslin.com/blog/2013/08/floss-after-prism-privacy-by-default/
> * http://blog.martin-graesslin.com/blog/2013/08/floss-after-prism-anonymity-by-default/
> 
> It might have some good points which might align very well with this
> proposal.

It does, I think it mostly aligns. I've taken your 5th freedom and
added it to the description, and also added a note about anonymity for
web services. I *think* the rest of your post is either already
covered, or going into too much detail for the scope of this goal.

Thanks a lot for your input!
-- 
sebas

http://www.kde.org | http://vizZzion.org


Re: [Update] Big Hairy Audacious Goal: Privacy Software

2017-09-23 Thread Martin Flöser

On 2017-09-22 14:48, Sebastian Kügler wrote:

> Hi all,
> What I need now:
>
> * Review: Please look over the proposal, make trivial fixes right
>   there, propose more comprehensible or possibly goal-altering changes
>   in the comments of that page or in this email thread
> * If you believe this goal is worthwhile for KDE and you support it,
>   please add your name under it
> * If you intend to actively support this goal in whatever way, please
>   also indicate this on the phab page


Hi Sebas,

back in 2013 I wrote two blog posts with thoughts about FLOSS in a world 
after Snowden:
* https://blog.martin-graesslin.com/blog/2013/08/floss-after-prism-privacy-by-default/
* http://blog.martin-graesslin.com/blog/2013/08/floss-after-prism-anonymity-by-default/


It might have some good points which might align very well with this 
proposal.


Cheers
Martin


Re: [Update] Big Hairy Audacious Goal: Privacy Software

2017-09-23 Thread Valorie Zimmerman
Sorry for the empty reply!

On Fri, Sep 22, 2017 at 5:48 AM, Sebastian Kügler wrote:
> Hi all,
>
> ~One month ago, I asked for input and inspiration for the KDE Goal
> "Privacy Software", see
> https://mail.kde.org/pipermail/kde-community/2017q3/003892.html
>
> I've put some more time, brainpower and patience into that, and put
> together a fairly comprehensible goal proposal, which can be found here:
>
> https://phabricator.kde.org/T7050
>
> TL;DR:
>
> "In 5 years, KDE software enables and promotes privacy"
>
> I think this is a goal which is engaging, measurable and most
> importantly worthwhile.
>
> What I need now:
>
> * Review: Please look over the proposal, make trivial fixes right
>   there, propose more comprehensible or possibly goal-altering changes
>   in the comments of that page or in this email thread
> * If you believe this goal is worthwhile for KDE and you support it,
>   please add your name under it
> * If you intend to actively support this goal in whatever way, please
>   also indicate this on the phab page
>
> Special thanks so far for the help with this go out to: Umberto,
> Martin, Volker, Alexander, Agustin, Christoph, Clemens and of course to
> Bhushan and Lydia. \o/
>
> Cheers,
> --
> sebas
>
> http://www.kde.org | http://vizZzion.org

Hey Sebas, thanks for catching the Zeitgeist -- not just of the world,
but in the world of software, and especially in the world of FOSS.

I think if the KDE community puts our backs into this, we can make
some great progress in a few months' time. And once this ball gets
rolling, we'll keep it going and make it fundamental to how we build
our software.

I've added my name on Phab as being willing to work on this as I'm
able; mostly writing and promotion. Please join me there.

All the best,

Valorie

-- 
http://about.me/valoriez


Re: [Update] Big Hairy Audacious Goal: Privacy Software

2017-09-23 Thread Valorie Zimmerman
On Fri, Sep 22, 2017 at 5:48 AM, Sebastian Kügler wrote:
> Hi all,
>
> ~One month ago, I asked for input and inspiration for the KDE Goal
> "Privacy Software", see
> https://mail.kde.org/pipermail/kde-community/2017q3/003892.html
>
> I've put some more time, brainpower and patience into that, and put
> together a fairly comprehensible goal proposal, which can be found here:
>
> https://phabricator.kde.org/T7050
>
> TL;DR:
>
> "In 5 years, KDE software enables and promotes privacy"
>
> I think this is a goal which is engaging, measurable and most
> importantly worthwhile.
>
> What I need now:
>
> * Review: Please look over the proposal, make trivial fixes right
>   there, propose more comprehensible or possibly goal-altering changes
>   in the comments of that page or in this email thread
> * If you believe this goal is worthwhile for KDE and you support it,
>   please add your name under it
> * If you intend to actively support this goal in whatever way, please
>   also indicate this on the phab page
>
> Special thanks so far for the help with this go out to: Umberto,
> Martin, Volker, Alexander, Agustin, Christoph, Clemens and of course to
> Bhushan and Lydia. \o/
>
> Cheers,
> --
> sebas
>
> http://www.kde.org | http://vizZzion.org



-- 
http://about.me/valoriez


[Update] Big Hairy Audacious Goal: Privacy Software

2017-09-22 Thread Sebastian Kügler
Hi all,

~One month ago, I asked for input and inspiration for the KDE Goal
"Privacy Software", see
https://mail.kde.org/pipermail/kde-community/2017q3/003892.html

I've put some more time, brainpower and patience into that, and put
together a fairly comprehensible goal proposal, which can be found here:

https://phabricator.kde.org/T7050

TL;DR:

"In 5 years, KDE software enables and promotes privacy"

I think this is a goal which is engaging, measurable and most
importantly worthwhile.

What I need now:

* Review: Please look over the proposal, make trivial fixes right
  there, propose more comprehensible or possibly goal-altering changes
  in the comments of that page or in this email thread
* If you believe this goal is worthwhile for KDE and you support it,
  please add your name under it
* If you intend to actively support this goal in whatever way, please
  also indicate this on the phab page

Special thanks so far for the help with this go out to: Umberto,
Martin, Volker, Alexander, Agustin, Christoph, Clemens and of course to
Bhushan and Lydia. \o/

Cheers,
-- 
sebas

http://www.kde.org | http://vizZzion.org


Re: Big Hairy Audacious Goal: Privacy Software

2017-09-22 Thread Sebastian Kügler
On Friday, 22 September 2017 06:36:51 CEST Bhushan Shah wrote:
> On Fri, Aug 18, 2017 at 06:14:22PM +0200, Sebastian Kügler wrote:
> 
> 
> > "In 5 years, KDE software enables and promotes privacy"
> 
> Can you please submit this goal to goal settings phabricator board
> just like other ideas?

Thanks for the reminder, done so. See my latest email to this list. :)
-- 
sebas

http://www.kde.org | http://vizZzion.org


Re: Big Hairy Audacious Goal: Privacy Software

2017-09-21 Thread Bhushan Shah
Hi Sebastian,

On Fri, Aug 18, 2017 at 06:14:22PM +0200, Sebastian Kügler wrote:
> "In 5 years, KDE software enables and promotes privacy"

Can you please submit this goal to goal settings phabricator board just
like other ideas?

Thanks

-- 
Bhushan Shah
http://blog.bshah.in
IRC Nick : bshah on Freenode
GPG key fingerprint : 0AAC 775B B643 7A8D 9AF7 A3AC FE07 8411 7FBC E11D




Re: Big Hairy Audacious Goal: Privacy Software

2017-08-21 Thread Dr.-Ing. Christoph Cullmann
Hi,

> On Mon, 21 Aug 2017 21:58:32 +0200
> Alexander Neundorf wrote:
> 
>> On 2017 M08 18, Fri 18:14:22 CEST Sebastian Kügler wrote:
>> > "In 5 years, KDE software enables and promotes privacy"
>> 
>>  ... does that kind of imply that we need to offer a range of
>> applications which cover the most privacy-sensitive topics, e.g. a
>> competitive web browser?
> 
> On the one hand, yes. On the other hand, our goal should be realistic,
> and I don't think "offering our own competitive web browser" ticks that
> box. We've been there, we've done that, we succeeded to some degree in
> the most spectacular way (think where KHTML successors are shipped and
> what they brought to the eco system) and failed in other dimensions
> (think about the state of KHTML and our own web browser offering
> nowadays).
> 
> What's probably a lot more realistic and worthwhile is
> to make integration for web browsers that do respect privacy work
> really well. Integrating Tor really well would also be a good idea in
> that regard.
Actually, we are ATM trying to incubate a new "browser" as replacement for
the old Konqueror that is more or less unmaintained and will then vanish.

(was discussed during the konqueror BoF at Akademy this year)

It is QWebEngine based, see

http://blog.qupzilla.com/2017/08/qupzilla-is-moving-under-kde-and.html
https://community.kde.org/Incubator/Projects/QupZilla

But this process is only at its early stage.

Greetings
Christoph

-- 
- Dr.-Ing. Christoph Cullmann -
AbsInt Angewandte Informatik GmbH  Email: cullm...@absint.com
Science Park 1                     Tel:   +49-681-38360-22
66123 Saarbrücken                  Fax:   +49-681-38360-20
GERMANY                            WWW:   http://www.AbsInt.com

Management: Dr.-Ing. Christian Ferdinand
Registered in the commercial register of the Saarbrücken district court, HRB 11234


Re: Big Hairy Audacious Goal: Privacy Software

2017-08-21 Thread Sebastian Kügler
On Mon, 21 Aug 2017 21:58:32 +0200
Alexander Neundorf wrote:

> On 2017 M08 18, Fri 18:14:22 CEST Sebastian Kügler wrote:
> > "In 5 years, KDE software enables and promotes privacy"  
> 
>  ... does that kind of imply that we need to offer a range of
> applications which cover the most privacy-sensitive topics, e.g. a
> competitive web browser?

On the one hand, yes. On the other hand, our goal should be realistic,
and I don't think "offering our own competitive web browser" ticks that
box. We've been there, we've done that, we succeeded to some degree in
the most spectacular way (think where KHTML successors are shipped and
what they brought to the eco system) and failed in other dimensions
(think about the state of KHTML and our own web browser offering
nowadays). 

What's probably a lot more realistic and worthwhile is
to make integration for web browsers that do respect privacy work
really well. Integrating Tor really well would also be a good idea in
that regard.
-- 
sebas

http://vizZzion.org   ⦿http://www.kde.org


Re: Big Hairy Audacious Goal: Privacy Software

2017-08-21 Thread Agustin Benito (toscalix)
Hi,

when talking about privacy / security, it comes to my mind the idea of
trustable software: https://trustable.gitlab.io/

Best Regards
Agustin Benito (toscalix)
KDE eV member
Profile: http://es.linkedin.com/in/toscalix


On Mon, Aug 21, 2017 at 8:58 PM, Alexander Neundorf wrote:
> On 2017 M08 18, Fri 18:14:22 CEST Sebastian Kügler wrote:
>> Hi all,
>>
>> I spent some time thinking and working on a proposal for the big hairy
>> audacious goal (1), the goal that the KDE community sets for itself to
>> strive for in the next five years. (Context: re-read the thread started
>> by Kevin with the subject "Proposal: Have the Community Set Ambitious
>> Goals for Itself".)
>>
>> [1] https://en.wikipedia.org/wiki/Big_Hairy_Audacious_Goal
>>
>> I'll try to keep this email short, but I guess I won't be able to,
>> given scope, importance, complexity and the general mess in my head
>> regarding this topic.
>>
>> What I wanted to do...
>>
>> I wanted to write a goal that is snappy to read, easy to understand,
>> engaging, worthwhile and measurable. What I came up with so far is:
>>
>> "In 5 years, KDE software enables and promotes privacy"
>
>  ... does that kind of imply that we need to offer a range of applications
> which cover the most privacy-sensitive topics, e.g. a competitive web browser?
>
> Alex
>


Re: Big Hairy Audacious Goal: Privacy Software

2017-08-21 Thread Alexander Neundorf
On 2017 M08 18, Fri 18:14:22 CEST Sebastian Kügler wrote:
> Hi all,
> 
> I spent some time thinking and working on a proposal for the big hairy
> audacious goal (1), the goal that the KDE community sets for itself to
> strive for in the next five years. (Context: re-read the thread started
> by Kevin with the subject "Proposal: Have the Community Set Ambitious
> Goals for Itself".)
> 
> [1] https://en.wikipedia.org/wiki/Big_Hairy_Audacious_Goal
> 
> I'll try to keep this email short, but I guess I won't be able to,
> given scope, importance, complexity and the general mess in my head
> regarding this topic.
> 
> What I wanted to do...
> 
> I wanted to write a goal that is snappy to read, easy to understand,
> engaging, worthwhile and measurable. What I came up with so far is:
> 
> "In 5 years, KDE software enables and promotes privacy"

 ... does that kind of imply that we need to offer a range of applications
which cover the most privacy-sensitive topics, e.g. a competitive web browser?

Alex



Re: Big Hairy Audacious Goal: Privacy Software

2017-08-21 Thread Sebastian Kügler
On Friday, 18 August 2017 18:14:22 CEST Sebastian Kügler wrote:
> Your thoughts and input?

Thanks all, for the rather useful input! It's definitely something I can work 
with!
-- 
sebas

http://www.kde.org | http://vizZzion.org


Re: Big Hairy Audacious Goal: Privacy Software

2017-08-20 Thread Volker Krause
On Saturday, 19 August 2017 13:37:54 CEST Volker Krause wrote:
> On Friday, 18 August 2017 18:14:22 CEST Sebastian Kügler wrote:
> > So, I could use some help with this, in the form of how this can be
> > structured, in what form it will be useful, more ambitious, and very
> > importantly measurable: I want us to be able to sit down in two years
> > and check: Are we on track? Do we need to change our approach? Do we
> > need to work harder? And of course: Did we achieve our goal?
> > 
> > Your thoughts and input?
> 
> Obviously an idea I can support :)
> 
> I have been looking a bit into how to verify the leak and transport
> encryption aspects. Using something like
> https://github.com/iovisor/bcc/blob/master/tools/tcpconnect.py as a
> low-impact long-term recording and adding a decent filter/aggregation tool
> for the result should allow us to also find rare short-lived TCP
> connections and pin them on the responsible application.
> 
> Port numbers provided by this give a first hint on transport encryption, but
> I'm still hoping for something better to verify this automatically and with
> a lower impact than a long running Wireshark session.

Despite the still very primitive tools and just a few hours' worth of data,
there is actually a surprising amount of findings...

Lacking transport security:
- https://phabricator.kde.org/D7408
- https://phabricator.kde.org/D7414
- https://phabricator.kde.org/D7428
- a number of feeds on planet.kde.org

Unnecessary network operations:
- https://phabricator.kde.org/D7410
- https://phabricator.kde.org/D7438

Dubious SSL code:
- https://phabricator.kde.org/D7439

Anyway, I think this proves the approach is viable :)

> Another aspect to check might be if we are still storing sensitive
> information like passwords outside of KWallet.

Clear and consistent UI language around network-related options is probably 
also worth looking into. It's pretty clear that e.g. adding a mail account 
will involve network operations, but it's far less clear if that is properly 
configured regarding transport security. And for options like "Enable Gravatar 
support" many people might not realize that this involves sending data to a 
web service.

Reviewing SSL error handling code could also be interesting, considering 
D7439.

Regards,
Volker




Re: Big Hairy Audacious Goal: Privacy Software

2017-08-19 Thread Volker Krause
On Friday, 18 August 2017 18:14:22 CEST Sebastian Kügler wrote:
> So, I could use some help with this, in the form of how this can be
> structured, in what form it will be useful, more ambitious, and very
> importantly measurable: I want us to be able to sit down in two years
> and check: Are we on track? Do we need to change our approach? Do we
> need to work harder? And of course: Did we achieve our goal?
> 
> Your thoughts and input?

Obviously an idea I can support :)

I have been looking a bit into how to verify the leak and transport encryption
aspects. Using something like
https://github.com/iovisor/bcc/blob/master/tools/tcpconnect.py as a low-impact
long-term recording and adding a decent filter/aggregation tool for the result
should allow us to also find rare short-lived TCP connections and pin them on
the responsible application.

Port numbers provided by this give a first hint on transport encryption, but 
I'm still hoping for something better to verify this automatically and with a 
lower impact than a long running Wireshark session.

Another aspect to check might be if we are still storing sensitive information 
like passwords outside of KWallet.

Regards,
Volker
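
The filter/aggregation step described in the message above, as an added example that is not part of the original post or of bcc: it parses tcpconnect's default column output (assumed layout: PID COMM IP SADDR DADDR DPORT), counts connections per process and destination, and lists everything not on a conventionally TLS-wrapped port, rarest first. The process names, addresses and port sets are constructed for illustration.

```python
"""Aggregate recorded tcpconnect rows per application and add a port-based hint."""
import ipaddress
from collections import Counter

# Port numbers are only a first hint, not proof: STARTTLS can upgrade a
# connection on a "cleartext" port, and any port can carry plaintext.
TLS_PORTS = {443, 465, 636, 853, 993, 995}
CLEARTEXT_PORTS = {21, 23, 25, 80, 110, 119, 143}


def parse_line(line):
    """Parse one row of the assumed default format; None for headers or junk.

    COMM may contain spaces (thread names), so the four rightmost columns
    are split off first and the remainder is split into PID and COMM.
    """
    parts = line.rstrip().rsplit(None, 4)
    if len(parts) != 5:
        return None
    head, ipver, _saddr, daddr, dport = parts
    head_fields = head.split(None, 1)
    if len(head_fields) != 2 or not head_fields[0].isdigit():
        return None
    if ipver not in ("4", "6") or not dport.isdigit():
        return None
    try:
        dest = ipaddress.ip_address(daddr)
    except ValueError:
        return None
    return {"pid": int(head_fields[0]), "comm": head_fields[1].strip(),
            "daddr": dest, "dport": int(dport)}


def aggregate(lines):
    """Count connections per (comm, destination, port), skipping loopback."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["daddr"].is_loopback:
            continue
        counts[(rec["comm"], str(rec["daddr"]), rec["dport"])] += 1
    return counts


def port_hint(port):
    if port in TLS_PORTS:
        return "likely-tls"
    if port in CLEARTEXT_PORTS:
        return "likely-cleartext"
    return "unknown"


def review_list(lines):
    """Rows (comm, daddr, dport, count, hint) worth a manual look.

    Sorted rarest first, so one-off short-lived connections are not buried
    under the frequent ones.
    """
    rows = [(comm, daddr, port, n, port_hint(port))
            for (comm, daddr, port), n in aggregate(lines).items()
            if port_hint(port) != "likely-tls"]
    return sorted(rows, key=lambda r: (r[3], r[0], r[1], r[2]))


# Constructed sample recording (documentation address ranges, made-up names).
SAMPLE = """\
PID    COMM         IP SADDR            DADDR            DPORT
2101   feedreader   4  192.0.2.10       198.51.100.7     80
2101   feedreader   4  192.0.2.10       198.51.100.7     80
2101   feedreader   4  192.0.2.10       198.51.100.7     80
2350   mailclient   4  192.0.2.10       203.0.113.25     993
2350   mailclient   4  192.0.2.10       203.0.113.25     143
2231   Socket Thread 6  2001:db8::10    2001:db8::443    443
2407   wallpaperd   4  192.0.2.10       203.0.113.80     80
2412   syncd        4  192.0.2.10       192.0.2.44       1716
2500   telnet       4  127.0.0.1        127.0.0.1        23
""".splitlines()

if __name__ == "__main__":
    for comm, daddr, port, n, hint in review_list(SAMPLE):
        print(f"{n:4d}  {comm:<14} {daddr:<16} {port:<6} {hint}")
```
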



Re: Big Hairy Audacious Goal: Privacy Software

2017-08-19 Thread Martin Flöser

On 2017-08-18 18:14, Sebastian Kügler wrote:

> So, I could use some help with this, in the form of how this can be
> structured, in what form it will be useful, more ambitious, and very
> importantly measurable: I want us to be able to sit down in two years
> and check: Are we on track? Do we need to change our approach? Do we
> need to work harder? And of course: Did we achieve our goal?
>
> Your thoughts and input?


I like this idea. Personally I would suggest to combine it with a strive 
for security. IMHO we cannot be privacy aware if we have huge security 
issues which allow to get to the users' passwords. This would include for
example switching to Wayland by default (security and X are just two 
things which don't go well together).


On the measuring part I agree that it's difficult. I would suggest to 
come up with a list of tasks which we need to implement and then check 
how many of these are implemented in a time frame.


Cheers
Martin


Re: Big Hairy Audacious Goal: Privacy Software

2017-08-18 Thread Umberto Tozzato
I'm an outsider, so sorry for the intermission, but I think Sebastian's goal
is the single most important of all, so I wanted to throw in my 2 cents.

For several reasons:
- Gnome totally gave up on privacy. They are "integrated" into the
"clouds", and don't seem to care.
- It's a real issue. One that nobody so far took to heart seriously enough
IMO
- It's in the media and will become even bigger in the coming years
- starting early is always a good thing, and having a DE that focuses on
it can spawn other projects that focus on it themselves

BUT, I'd go a little deeper:
- it's not just privacy, it's doing the same things you could do with - say
Google Drive - but with no man-in-the-middle
- also very important is informing the users. Sure, the target user of KDE
is probably aware of the problem, but sometimes you need to be pedantic.
It's like starting a diet where you need a certain amount of diligence.
Cloud services are delicious cakes, easy to consume and tasty. A privacy
focused program will probably never be as juicy as those (after all, the
amount of people working at - say Google Docs - is an order of magnitude bigger
compared to LibreOffice), so the choice cannot be based on practicality,
rather on self preservation (eg: you must invert the "path of least
resistance", and impose your will on the issue).

Goodbye and keep up the good job!
--
Umberto

On Aug 18, 2017 18:14, "Sebastian Kügler" wrote:

Hi all,

I spent some time thinking and working on a proposal for the big hairy
audacious goal (1), the goal that the KDE community sets for itself to
strive for in the next five years. (Context: re-read the thread started
by Kevin with the subject "Proposal: Have the Community Set Ambitious
Goals for Itself".)

[1] https://en.wikipedia.org/wiki/Big_Hairy_Audacious_Goal

I'll try to keep this email short, but I guess I won't be able to,
given scope, importance, complexity and the general mess in my head
regarding this topic.

What I wanted to do...

I wanted to write a goal that is snappy to read, easy to understand,
engaging, worthwhile and measurable. What I came up with so far is:

"In 5 years, KDE software enables and promotes privacy"

Problem with this is: Arguably, this is already the case today, so it
sucks as a goal since it allows us to do or change nothing, it's not
measurable, and I haven't figured out how to make it measurable.
It's simply too vague.

Alright, so I sat down and tried to make it more concrete, by adding
lots of bullet points and thoughts, but I don't think it's much better.
I'll post them here:

KDE software protects and enables users' privacy by:

- During normal usage it doesn't leak information to other users or
  online services when this is not expected to happen
- Examples: Typing into KRunner or using the desktop search will
  not produce artifacts online, but downloading new wallpapers from
  the Store may lead to the user leaving traces, this is expectable
  and reasonable
- KDE Tools provide sound and state-of-the-art methods for using
  private communication, such as encrypted communication with other
  services. Examples:
- Communication and data exchange with online services uses SSL
  encryption (or similar)
- KMail offers well-integrated GPG encryption and makes it easy and
  straight-forward to use encryption to talk to mail servers, it
  works well with a number of privacy-respecting email service
  providers
- KDE software covers most use-cases to allow the user to privately
  communicate and store his personal information on services that
  are known to protect the user's privacy
- top notch support for self-hosted email, file storage, cloud
  storage, collaborative editing, file sharing

Measuring (this is *really* lacking):
- what the press writes about us
- what our users think (online fora, polls, e.g.)
- own website promotes privacy (is this central to our communication?)

Tools (can be made more concrete once the above points are fleshed out):
- strategy promotes privacy down into details, see the above
- collaboration with EFF, other organisations (Whonix, Tor, ...?)


So, I could use some help with this, in the form of how this can be
structured, in what form it will be useful, more ambitious, and very
importantly measurable: I want us to be able to sit down in two years
and check: Are we on track? Do we need to change our approach? Do we
need to work harder? And of course: Did we achieve our goal?

Your thoughts and input?
--
sebas

http://vizZzion.org   ⦿http://www.kde.org


Big Hairy Audacious Goal: Privacy Software

2017-08-18 Thread Sebastian Kügler
Hi all,

I spent some time thinking and working on a proposal for the big hairy
audacious goal (1), the goal that the KDE community sets for itself to
strive for in the next five years. (Context: re-read the thread started
by Kevin with the subject "Proposal: Have the Community Set Ambitious
Goals for Itself".)

[1] https://en.wikipedia.org/wiki/Big_Hairy_Audacious_Goal 

I'll try to keep this email short, but I guess I won't be able to,
given scope, importance, complexity and the general mess in my head
regarding this topic.

What I wanted to do...

I wanted to write a goal that is snappy to read, easy to understand,
engaging, worthwhile and measurable. What I came up with so far is:

"In 5 years, KDE software enables and promotes privacy"

Problem with this is: Arguably, this is already the case today, so it
sucks as a goal since it allows us to do or change nothing, it's not
measurable, and I haven't figured out how to make it measurable.
It's simply too vague.

Alright, so I sat down and tried to make it more concrete, by adding
lots of bullet points and thoughts, but I don't think it's much better.
I'll post them here:

KDE software protects and enables users' privacy by:

- During normal usage it doesn't leak information to other users or
  online services when this is not expected to happen
- Examples: Typing into KRunner or using the desktop search will
  not produce artifacts online, but downloading new wallpapers from
  the Store may lead to the user leaving traces, this is expectable
  and reasonable
- KDE Tools provide sound and state-of-the-art methods for using
  private communication, such as encrypted communication with other
  services. Examples: 
- Communication and data exchange with online services uses SSL
  encryption (or similar)
- KMail offers well-integrated GPG encryption and makes it easy and
  straight-forward to use encryption to talk to mail servers, it
  works well with a number of privacy-respecting email service
  providers
- KDE software covers most use-cases to allow the user to privately
  communicate and store his personal information on services that
  are known to protect the user's privacy
- top notch support for self-hosted email, file storage, cloud
  storage, collaborative editing, file sharing

Measuring (this is *really* lacking):
- what the press writes about us
- what our users think (online fora, polls, e.g.)
- own website promotes privacy (is this central to our communication?)

Tools (can be made more concrete once the above points are fleshed out):
- strategy promotes privacy down into details, see the above
- collaboration with EFF, other organisations (Whonix, Tor, ...?)


So, I could use some help with this, in the form of how this can be
structured, in what form it will be useful, more ambitious, and very
importantly measurable: I want us to be able to sit down in two years
and check: Are we on track? Do we need to change our approach? Do we
need to work harder? And of course: Did we achieve our goal?

Your thoughts and input?
-- 
sebas

http://vizZzion.org   ⦿http://www.kde.org