Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Paul Wise

I think that the privacy breaches that lintian complains about
represent several sets of bugs that all need fixing:

The browsers shipping in Debian place no barriers between local files
on disk, sites on the local network and sites on the Internet. So if
someone reads some local documentation they didn't get from Debian
using a browser from Debian, they could have a privacy violation.

The documentation available in Debian may suggest readers request
resources not available as local files on disk. Even if we fix the
browsers available in Debian, users may read Debian documentation using
browsers not available in Debian, and they could have a privacy violation.
When Debian documentation is copied to the web the same occurs.

The web applications available in Debian may suggest visitors request
resources not available on the same web service. Since most web
browsers don't block third-party requests by default, those visitors,
who are only indirectly Debian users, could have a privacy violation.
The same applies when Debian documentation is copied to a website.

Daniel Leidert wrote:

> To put packages through NEW they have to be lintian clean.

Not in my experience; I haven't tested it for the privacy tags though.

> The severity is not backed up by any of our policies.

I believe the issues to be a violation of the social contract,
albeit one of the parts that are aspirational rather than concrete.

> what right do we have to remove donation requests

That would be the wrong thing to do but that isn't what is requested.

> you have already configured your whole system

The majority of people who are affected by privacy violations probably
don't understand that those violations exist, nor that mitigations
exist, nor what those mitigations are, nor how to configure them, and
probably those mitigations are going to break their workflows.

> they are still tracked by hundreds of cookies
> while browsing websites or reading mails

This is being improved by the browser vendors, which are moving towards
blocking third-party cookies entirely.

> It just creates burden on fellow developers.

I believe that the burden exists, but is fairly minimal, replacing an
image with a styled button or similar is usually fairly simple.

PS: there are many more types of privacy violations in Debian:

https://wiki.debian.org/PrivacyIssues

-- 
bye,
pabs

https://wiki.debian.org/PaulWise




Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Daniel Leidert
On Friday, 10.09.2021 at 15:46 +0200, Bill Allombert wrote:
> On Fri, Sep 10, 2021 at 02:41:20PM +0200, Daniel Leidert wrote:
> > And once again: What is the sense and what right do we have to remove
> > donation requests just because they use icons of paypal/patreon/github/whatever
> > which we cannot distribute?
> 
> If upstream cannot be bothered to provide a DFSG-compatible donation
> document, one can just replace it by an explicit link to the page on its
> website. Users need an internet connection to make a donation in any
> case.

What are you talking about? How is such a donation link not DFSG compatible and
how does it violate the DFSG?


Daniel
-- 
Regards,
Daniel Leidert  | https://www.wgdd.de/
GPG-Key RSA4096 / BEED4DED5544A4C03E283DC74BCD0567C296D05D
GPG-Key ED25519 / BD3C132D8B3805D1808123AB7ACE00941E338C78

https://www.fiverr.com/dleidert
https://www.patreon.com/join/dleidert




Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Bill Allombert
On Fri, Sep 10, 2021 at 02:41:20PM +0200, Daniel Leidert wrote:
> And once again: What is the sense and what right do we have to remove donation
> requests just because they use icons of paypal/patreon/github/whatever which
> we cannot distribute?

If upstream cannot be bothered to provide a DFSG-compatible donation
document, one can just replace it by an explicit link to the page on its
website. Users need an internet connection to make a donation in any
case.

Cheers,
-- 
Bill. 

Imagine a large red swirl here. 



Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Daniel Leidert
On Friday, 10.09.2021 at 15:10 +0200, Bill Allombert wrote:
> On Fri, Sep 10, 2021 at 02:41:20PM +0200, Daniel Leidert wrote:
> > On Friday, 10.09.2021 at 13:56 +0200, Bill Allombert wrote:

[..]
> > > Lintian errors do not by themselves create more work to package
> > > maintainers since they can be ignored,
> > 
> > a) This is untrue. To put packages through NEW they have to be lintian
> > clean.
> 
> Is it actually the case ?  This is not my experience.

Citing the Reject FAQ:

Lintian errors and warnings, without a good reason to ignore them, can get you
a reject. Sometimes there are valid reasons, but then you should either file a
bug against lintian if it's generally wrong, or include an override in your
package, giving a reason in the changelog for it.

I have seen it (and I would doubt our FTP masters if they accept packages with
lintian errors TBH). I filed a bug because I believe the severity is wrong.

https://bugs.debian.org/743649#13

Regards, Daniel
-- 
Regards,
Daniel Leidert  | https://www.wgdd.de/
GPG-Key RSA4096 / BEED4DED5544A4C03E283DC74BCD0567C296D05D
GPG-Key ED25519 / BD3C132D8B3805D1808123AB7ACE00941E338C78

https://www.fiverr.com/dleidert
https://www.patreon.com/join/dleidert




Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Bill Allombert
On Fri, Sep 10, 2021 at 02:41:20PM +0200, Daniel Leidert wrote:
> I'm not sure why this x-post over a dozen addresses, but if you wish so...
> 
> On Friday, 10.09.2021 at 13:56 +0200, Bill Allombert wrote:
> > On Fri, Sep 10, 2021 at 04:05:32AM -0700, Felix Lechner wrote:
> > > Hi,
> > > 
> > > > The severity chosen for these tags/checks is not justified by any of our
> > > > policies, neither the Debian policy, nor the best packaging practices, nor
> > > > any legal reason!
> > > > 
> > > > There is no technical nor social justification for this severity.
> > > > 
> > > > making our package compliant to this new privacy-policy doesn't add
> > > > any value to our users.
> 
> [snip]
> 
> > Thanks for taking this stance. Phoning home without the user consent has
> > always been treated as a RC bug.
> 
> Please provide examples.
> 
> > Lintian errors do not by themselves create more work to package
> > maintainers since they can be ignored,
> 
> a) This is untrue. To put packages through NEW they have to be lintian clean.

Is it actually the case ?  This is not my experience.

Cheers,
-- 
Bill. 

Imagine a large red swirl here. 



Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Daniel Leidert
Same here, no idea why this x-post over so many addresses...

On Friday, 10.09.2021 at 04:05 -0700, Felix Lechner wrote:
> 
> > The severity chosen for these tags/checks is not justified by any of our
> > policies, neither the Debian policy, nor the best packaging practices, nor
> > any legal reason!
> > 
> > There is no technical nor social justification for this severity.
> > 
> > making our package compliant to this new privacy-policy doesn't add
> > any value to our users.
> 
> I believe Debian users have a reasonable expectation to read static
> files on their own storage media without being monitored. That
> objection is based on my own everyday experience in working to improve
> Debian, the Golden rule [2] and item #4 of Debian's social contract
> ("Our priorities are our users"). [2]

If you are *that* concerned about the privacy breaches created by websites
contacting servers you have already configured your whole system to deal with
that. And then this whole thing here does not add any value. It also doesn't
add much value to other users less concerned either, because we only change a
few HTML sites while they are still tracked by hundreds of cookies while
browsing websites or reading mails.

It just creates burden on fellow developers. While we have often found
reasonable solutions (e.g. packaging javascript libraries and using them
instead of web resources), I don't think this here is one of them. IIRC I got
this error because of a donation request a software author made in their
software using an icon at an online resource. I am not willing to remove or
cripple that. If you are, well, then better come up with a solution for these
cases.

FTR: What I see is not users requesting this. What I see is a small group of
developers which made that their objective and try to enforce that objective by
misusing lintian to produce error messages instead of messages with a justified
priority.

> 
[..]
> I will likely close this bug without action.

Well, then I bring this to the TC's attention. I believe your actions aren't
justified.


Regards, Daniel
-- 
Regards,
Daniel Leidert  | https://www.wgdd.de/
GPG-Key RSA4096 / BEED4DED5544A4C03E283DC74BCD0567C296D05D
GPG-Key ED25519 / BD3C132D8B3805D1808123AB7ACE00941E338C78

https://www.fiverr.com/dleidert
https://www.patreon.com/join/dleidert




Bug#765503: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Daniel Leidert
I'm not sure why this x-post over a dozen addresses, but if you wish so...

On Friday, 10.09.2021 at 13:56 +0200, Bill Allombert wrote:
> On Fri, Sep 10, 2021 at 04:05:32AM -0700, Felix Lechner wrote:
> > Hi,
> > 
> > > The severity chosen for these tags/checks is not justified by any of our
> > > policies, neither the Debian policy, nor the best packaging practices, nor
> > > any legal reason!
> > > 
> > > There is no technical nor social justification for this severity.
> > > 
> > > making our package compliant to this new privacy-policy doesn't add
> > > any value to our users.

[snip]

> Thanks for taking this stance. Phoning home without the user consent has
> always been treated as a RC bug.

Please provide examples.

> Lintian errors do not by themselves create more work to package
> maintainers since they can be ignored,

a) This is untrue. To put packages through NEW they have to be lintian clean.

b) So what you are saying is, that I can ignore these? So then WHY make this a
serious offense? Why not downgrade the severity as I have requested?

Again: The severity is not backed up by any of our policies. Please prove your
point if you disagree. Instead it is IMHO a personal objective that is forced
onto developers by a severity that is not justified by our policy.

And once again: What is the sense and what right do we have to remove donation
requests just because they use icons of paypal/patreon/github/whatever which we
cannot distribute?

> instead they present an
> advance warning of a potential bug report about privacy violation,
> which can save time unless the maintainers plan was to hide the issue
> under the carpet which contradict SC #3 "we will not hide problems".

This rule of the SC refers to something completely different. Please don't
misuse the SC for your personal objectives.

But JFTR: Ignoring this bug report with the other one for 7 years smells a lot
more like "hiding/ignoring the issue".

Neither of the reports requested to remove the affected tags. It was requested
to lower the severity as the chosen severity is not justified.

Regards, Daniel




Bug#765503: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Bastien ROUCARIES
On Fri, 10 Sept 2021 at 11:06, Felix Lechner wrote:
>
> Hi,
>
> > The severity chosen for these tags/checks is not justified by any of our
> > policies, neither the Debian policy, nor the best packaging practices, nor
> > any legal reason!
> >
> > There is no technical nor social justification for this severity.
> >
> > making our package compliant to this new privacy-policy doesn't add
> > any value to our users.
>
> I believe Debian users have a reasonable expectation to read static
> files on their own storage media without being monitored. That
> objection is based on my own everyday experience in working to improve
> Debian, the Golden rule [2] and item #4 of Debian's social contract
> ("Our priorities are our users"). [2]
>
> The legal landscape is also changing. At least Europe and California
> have seen shifts toward greater privacy protections for consumers
> since the bug was filed.
>
> [1] https://en.wikipedia.org/wiki/Golden_Rule
> [2] https://www.debian.org/social_contract
>
> > I simply morally disagree with removing donation requests from authors
>
> It is not the solicitation but the unexpected loading of network
> resources that violates privacy expectations. Many micro-donation
> services offer resources like images or active HTML components to
> evoke feelings of familiarity or goodwill. That allows them to see who
> is using which software, and who chooses not to donate. While such
> gamesmanship may be common while browsing online (there are tools to
> fight it [3][4]) it is unexpected when browsing static files located
> on one's own storage media.
>
> Another, more generalized solution could be to modify all browsers
> shipped in Debian so they do not load online resources without
> confirmation. Unfortunately, that separates the solution from the
> problems. It is more reliable to address the privacy breaches where
> they occur, i.e. in the affected files.
>
> There is no issue with authors requesting donations (or even with
> Debian promoting such requests, for example in package metadata). The
> moral charge that Lintian's privacy expectations starve authors is not
> reasonable. The request just has to be made without unexpectedly
> loading online resources.
>
> [3] https://privacybadger.org/
> [4] https://noscript.net/
>
> > I find it unacceptable that the burden to make packages "privacy"-
> > compliant to some users is put on the shoulders of myself and fellow DDs.
>
> Lintian already reduces the workload by locating the issues for
> maintainers. (We hope that most of our tags do that.) As for the
> actual burden, the task of creating patches that drop lines from
> upstream files is well within the capabilities of any DD with upload
> privileges. The burden is not unreasonable.
>
> I will likely close this bug without action.
>
> Please reply to Bug#743694 if your response concerns Lintian's
> treatment of privacy breaches. Thanks!
>
> Kind regards
> Felix Lechner
Note that I am working on a dh_fixhtml helper to automate the cleaning
of privacy breaches.

Bastien



Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Bill Allombert
On Fri, Sep 10, 2021 at 04:05:32AM -0700, Felix Lechner wrote:
> Hi,
> 
> > The severity chosen for these tags/checks is not justified by any of our
> > policies, neither the Debian policy, nor the best packaging practices, nor
> > any legal reason!
> >
> > There is no technical nor social justification for this severity.
> >
> > making our package compliant to this new privacy-policy doesn't add
> > any value to our users.
> 
> I believe Debian users have a reasonable expectation to read static
> files on their own storage media without being monitored. That
> objection is based on my own everyday experience in working to improve
> Debian, the Golden rule [2] and item #4 of Debian's social contract
> ("Our priorities are our users"). [2]
> 
> The legal landscape is also changing. At least Europe and California
> have seen shifts toward greater privacy protections for consumers
> since the bug was filed.
> 
> [1] https://en.wikipedia.org/wiki/Golden_Rule
> [2] https://www.debian.org/social_contract
> 
> > I simply morally disagree with removing donation requests from authors
> 
> It is not the solicitation but the unexpected loading of network
> resources that violates privacy expectations. Many micro-donation
> services offer resources like images or active HTML components to
> evoke feelings of familiarity or goodwill. That allows them to see who
> is using which software, and who chooses not to donate. While such
> gamesmanship may be common while browsing online (there are tools to
> fight it [3][4]) it is unexpected when browsing static files located
> on one's own storage media.
> 
> Another, more generalized solution could be to modify all browsers
> shipped in Debian so they do not load online resources without
> confirmation. Unfortunately, that separates the solution from the
> problems. It is more reliable to address the privacy breaches where
> they occur, i.e. in the affected files.
> 
> There is no issue with authors requesting donations (or even with
> Debian promoting such requests, for example in package metadata). The
> moral charge that Lintian's privacy expectations starve authors is not
> reasonable. The request just has to be made without unexpectedly
> loading online resources.
> 
> [3] https://privacybadger.org/
> [4] https://noscript.net/
> 
> > I find it unacceptable that the burden to make packages "privacy"-
> > compliant to some users is put on the shoulders of myself and fellow DDs.
> 
> Lintian already reduces the workload by locating the issues for
> maintainers. (We hope that most of our tags do that.) As for the
> actual burden, the task of creating patches that drop lines from
> upstream files is well within the capabilities of any DD with upload
> privileges. The burden is not unreasonable.

Thanks for taking this stance. Phoning home without the user's consent has
always been treated as an RC bug.

Lintian errors do not by themselves create more work for package
maintainers since they can be ignored; instead they present an
advance warning of a potential bug report about a privacy violation,
which can save time, unless the maintainer's plan was to hide the issue
under the carpet, which contradicts SC #3 "we will not hide problems".

Cheers,
-- 
Bill. 

Imagine a large red swirl here. 



Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic

2021-09-10 Thread Felix Lechner
Hi,

> The severity chosen for these tags/checks is not justified by any of our
> policies, neither the Debian policy, nor the best packaging practices, nor
> any legal reason!
>
> There is no technical nor social justification for this severity.
>
> making our package compliant to this new privacy-policy doesn't add
> any value to our users.

I believe Debian users have a reasonable expectation to read static
files on their own storage media without being monitored. That
objection is based on my own everyday experience in working to improve
Debian, the Golden rule [2] and item #4 of Debian's social contract
("Our priorities are our users"). [2]

The legal landscape is also changing. At least Europe and California
have seen shifts toward greater privacy protections for consumers
since the bug was filed.

[1] https://en.wikipedia.org/wiki/Golden_Rule
[2] https://www.debian.org/social_contract

> I simply morally disagree with removing donation requests from authors

It is not the solicitation but the unexpected loading of network
resources that violates privacy expectations. Many micro-donation
services offer resources like images or active HTML components to
evoke feelings of familiarity or goodwill. That allows them to see who
is using which software, and who chooses not to donate. While such
gamesmanship may be common while browsing online (there are tools to
fight it [3][4]) it is unexpected when browsing static files located
on one's own storage media.

Another, more generalized solution could be to modify all browsers
shipped in Debian so they do not load online resources without
confirmation. Unfortunately, that separates the solution from the
problems. It is more reliable to address the privacy breaches where
they occur, i.e. in the affected files.

There is no issue with authors requesting donations (or even with
Debian promoting such requests, for example in package metadata). The
moral charge that Lintian's privacy expectations starve authors is not
reasonable. The request just has to be made without unexpectedly
loading online resources.

[3] https://privacybadger.org/
[4] https://noscript.net/

> I find it unacceptable that the burden to make packages "privacy"-
> compliant to some users is put on the shoulders of myself and fellow DDs.

Lintian already reduces the workload by locating the issues for
maintainers. (We hope that most of our tags do that.) As for the
actual burden, the task of creating patches that drop lines from
upstream files is well within the capabilities of any DD with upload
privileges. The burden is not unreasonable.

I will likely close this bug without action.

Please reply to Bug#743694 if your response concerns Lintian's
treatment of privacy breaches. Thanks!

Kind regards
Felix Lechner
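Felix's point above is about resources a browser fetches on its own when a static file is opened, and Bastien mentions a planned dh_fixhtml helper for cleaning them. As an added example that is not part of this thread, of lintian, or of any dh helper, the following Python scanner flags such auto-fetched remote references in an HTML file (plain `<a href>` links are deliberately not flagged, since they load nothing until clicked) and rewrites a remotely hosted badge image into its alt text, which is the kind of replacement Bill and Paul describe. The attribute table, the sample HTML and its hostnames are constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes a browser resolves and fetches while loading the page, with no
# user interaction (assumed list for this example, not lintian's own table).
AUTO_FETCH = {"img": ("src",), "script": ("src",), "link": ("href",),
              "iframe": ("src",), "video": ("src", "poster"), "object": ("data",)}

def is_remote(url):
    """True for absolute http(s) URLs and scheme-relative //host/path URLs."""
    url = url.strip()
    return urlsplit(url).scheme.lower() in ("http", "https") or url.startswith("//")

class RemoteResourceFinder(HTMLParser):
    """Collect (line, tag, url) for every resource fetched without a click."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for attr, value in attrs:
            if attr in AUTO_FETCH.get(tag, ()) and value and is_remote(value):
                self.findings.append((self.getpos()[0], tag, value.strip()))

def find_remote_resources(html):
    """Scan one HTML document; plain <a href> links are deliberately not flagged."""
    finder = RemoteResourceFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

IMG_TAG = re.compile(r"<img\b[^>]*>", re.IGNORECASE)
ATTR = re.compile(r'(?<![\w-])(src|alt)\s*=\s*"([^"]*)"', re.IGNORECASE)

def badge_to_text(html):
    """Replace each remotely hosted <img> with its alt text, so a donation badge
    inside <a href=...> becomes a text link that contacts nobody until clicked.
    Local images are left untouched."""
    def replace(match):
        attrs = {k.lower(): v for k, v in ATTR.findall(match.group(0))}
        if not is_remote(attrs.get("src", "")):
            return match.group(0)
        return attrs.get("alt") or "[external image removed]"
    return IMG_TAG.sub(replace, html)

# Constructed sample of a shipped documentation page, not a real package file.
SAMPLE = """<html><body>
<h1>Thanks for using example-tool</h1>
<p>Support the author:
<a href="https://www.patreon.com/example-author"><img src="https://badges.example.test/patron.png" alt="Become a patron"></a>
</p>
<img src="images/logo.png" alt="local logo">
<script src="https://cdn.example.test/analytics.js"></script>
<link rel="stylesheet" href="style.css">
</body></html>"""

if __name__ == "__main__":
    for line, tag, url in find_remote_resources(SAMPLE):
        print(f"line {line}: <{tag}> loads {url}")
    print(badge_to_text(SAMPLE))
```

Run against the constructed sample, the scanner reports the remote badge image and the analytics script but not the local logo, stylesheet or the donation link itself; after `badge_to_text` only the script remains to be dealt with.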