[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-community
Subject:    Re: Input on privacy goal
From:       Nicolás_Alvarez <nicolas.alvarez () gmail ! com>
Date:       2018-01-19 16:23:27
Message-ID: C305F3CA-63E1-4034-9A0B-E60FC745FC65 () gmail ! com
[Download RAW message or body]


> On 19 Jan 2018, at 11:30, Volker Krause <vkrause@kde.org> wrote:
> 
> > On Friday, 19 January 2018 14:49:58 CET Sebastian Kügler wrote:
> > I'd like to collect some more input from the wider KDE community about our
> > privacy goal for the next years. If you're unsure what I'm talking about,
> > please have a look at https://vizzzion.org/blog/2017/11/kdes-goal-privacy/
> 
> Here are some thoughts on threat models for this, as a possible way to better 
> capture what we want to achieve.
> 
> (1) Public Wifi
> 
> Assume anyone can see your Wifi network traffic (e.g. via recent 
> vulnerabilities in WPA2). Using your device in such an environment should be 
> safe and not compromise your privacy any more compared to using a wired 
> network at home.
> 
> Possible counter-measures: Encrypted communication, VPN.

Since (I think) iOS 10, the Wi-Fi configuration gives pretty loud warnings if you \
connect to an unsecured Wi-Fi network. Perhaps the Plasma NetworkManager applet needs \
similar UI improvements in that area.

> (2) Stolen Device
> (3) Mega Corporations ("Google")
> (4) Global Surveillance ("NSA")
> (5) Targeted Surveillance ("Snowden")
> 
> What else? Which of those do we want to address? Do you think that's a useful 
> approach to guide/validate our work?

We may need more stuff related to our own services. Do we have a privacy policy in \
all websites that need one? What can we use logs for?

And maybe we should have a proper internal policy of what info KDE sysadmins are \
allowed to peek into, and for what purposes.

-- 
Nicolás=


[prev in list] [next in list] [prev in thread] [next in thread]