> On 19 Jan 2018, at 11:30, Volker Krause <vkra...@kde.org> wrote:
>
>> On Friday, 19 January 2018 14:49:58 CET Sebastian Kügler wrote:
>> I'd like to collect some more input from the wider KDE community about our
>> privacy goal for the next years. If you're unsure what I'm talking about,
>> please have a look at https://vizzzion.org/blog/2017/11/kdes-goal-privacy/
>
> Here are some thoughts on threat models for this, as a possible way to better
> capture what we want to achieve.
>
> (1) Public Wifi
>
> Assume anyone can see your Wifi network traffic (e.g. via recent
> vulnerabilities in WPA2). Using your device in such an environment should be
> safe and not compromise your privacy any more compared to using a wired
> network at home.
>
> Possible counter-measures: Encrypted communication, VPN.
Since (I think) iOS 10, the Wi-Fi configuration gives pretty loud warnings if
you connect to an unsecured Wi-Fi network. Perhaps the Plasma NetworkManager
applet needs similar UI improvements in that area.
> (2) Stolen Device
> (3) Mega Corporations ("Google")
> (4) Global Surveillance ("NSA")
> (5) Targeted Surveillance ("Snowden")
>
> What else? Which of those do we want to address? Do you think that's a useful
> approach to guide/validate our work?
We may need more stuff related to our own services. Do we have a privacy policy
in all websites that need one? What can we use logs for?
And maybe we should have a proper internal policy of what info KDE sysadmins
are allowed to peek into, and for what purposes.
--
Nicolás
