TuxGuardian looks a good start but it needs adding to the Ubuntu repositories. Sadly setting iptables rules based on program name is simply not an option for a "normal" desktop user. It is far too "Low level" for anyone but a "techie".
I believe that with Hardy Heron, KDE4, the Acer eee etc. etc. Linux will soon start making inroads into the general publics desktops and this issue of user privacy should be addressed well before that point. If anything at all has been learned from the last couple of decades of computing it should be that the network is not to be trusted and that sending data out to the internet should be a matter for tight indiviudal control. The default policy should be deny all. Since making my original post I've also run a couple of self written programs which opened a socket to my server and uploaded a few randomly selected files from my desktop (it was a Python exercise) Other than looking through my log files there was no indication that these programs had just uploaded, potentially sensitive, information to the internet. This is not a good thing ! Sadly I think this issue will only get any attention when the first wave of Linux malware starts appearing. For a "home desktop" machine the default policy should definitely be that no program whatsoever can connect to a resource outside the box without the user first being notified and giving explicit permissiosn that the program can: a) Connect this time, ask when it wants to connect again. b) Connect this time, In the future can connect without asking. c) Disallow this time, ask when it wants to connect again. d) Disallow permanently, don't ask again. Mechanisms (GUI & command line facilities) should also exist so the user can easily view and modify their list of program access decisions. And yes I really do mean every program should have to ask first. Even ntp daemons, all browsers, all mail clients, samba etc. etc. Everything must ask first. -- All programs in Ubuntu need to do more to respect users privacy https://bugs.launchpad.net/bugs/155347 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs