Differences between revisions 15 and 17 (spanning 2 versions)
Revision 15 as of 2019-05-22 00:04:08
Size: 2799
Editor: PaulWise
Comment: link to debtags privacy facet
Revision 17 as of 2019-11-06 13:44:15
Size: 2878
Editor: PaulWise
Comment: moved my privacy tags to debian-devel
Deletions are marked like this. Additions are marked like this.
Line 29: Line 29:
 * [[https://github.com/jonasdn/nsntrace/|nsntrace]]
Line 32: Line 33:
 * [[https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=pabs@debian.org;tag=privacy|usertagged by pabs]]  * [[https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=debian-devel@lists.debian.org;tag=privacy|usertagged under debian-devel]]

Privacy issues in Debian packages

Phone home

Phone elsewhere

  • systemd - Uses Google DNS resolvers as internal default, not explicitly documented: See "FallbackDNS" in systemd-resolved manpage

Data sharing

  • remmina - shares the clipboard with remote hosts over RDP by default
  • pidgin - shares typing notifications with remote peers by default

Data storage

  • web and other servers of various kinds default to logging information about requests over the network from external entities

Detection tools

Reports

Issue categories

  • logging & verbose logging

  • homephoning without user consent
    • cleartext
    • TLS
  • featurebug: when a bug is also a feature
  • privacy defaults
    • optin
    • optout
  • traceability
  • no deletion of config files when uninstalling a package