Comment by AnthonyMouse

1 year ago

Debian feature request: A system-wide switch to disable all telemetry and "cloud integration" features that make any network connection to the developers' or developers' partners' servers, applied to all software distributed in the official repositories.

It's time for distributions to only include browsers developed by non-profits

  • If Debian could just stick to free software that'd be grand. It is a good ideology and there is no need to change it. Introducing ideological confusion is one of the paths to organisational rot.

    • Debian already doesn't just stick to free software. Let's say I have a program in Debian's main repos. Suppose tomorrow I release a new version that uploads all your data (including shitcoin wallets and passwords) to my server. All fully open source of course. Do you think Debian should include this update? Does rejecting it cause ideological confusion?

Just use https://librewolf.net

  • So:

      # apt install librewolf
      Reading package lists... Done
      Building dependency tree... Done
      Reading state information... Done
      E: Unable to locate package librewolf
    

    If the thing that doesn't suck isn't the thing that comes with the OS, it's time to fix the OS.

    Also, that feature should exist. The next time I see a story about MS training ChatGPT on your nude selfies, I want to be able to show people the big red switch that says "All Telemetry: OFF" as an example of something Microsoft will never give them.

    But you first have to provide it in order to show to them that you provide it.

    • Apt is basically just a bad package manager:

        nix run nixpkgs#librewolf
      

      But I do agree, it's hard to find these alternatives, and have them be "just works". Librewolf still sometimes has weird issues (for good reasons!), but it means I don't recommend it to "normies". I just tell them to use Firefox and most importantly adblock; giving up ads is a huge ROI both in terms of quality of life and data privacy. Everything else is almost marginal in comparison.


  • Why Librewolf and not Waterfox or any other open source fork?

    • Because I don't think a tiny browser fork that moves too far from the original is maintainable and secure long term. Even someone of Microsoft's size seems to think so. Librewolf is mostly config changes and a couple of small patches removing superficial anti-features like Pocket.

Surely you mean a systemwide switch you can optionally enable to allow programs to send telemetry.

Or just disable it altogether because there is no real user benefit.

Which network access is telemetry?

  • User explicitly requests connection to a specific server (e.g. navigates to debian.org), so browser makes a connection to debian.org: Not telemetry.

    User explicitly requests a connection to a specific server (e.g. navigates to debian.org), then browser makes a connection to mozilla.org to upload metadata: Telemetry.

    In general telemetry is when the software connects to a server chosen by the developers and not telemetry is when the software connects to a server chosen by the user.

    • When I open Slack, to which servers am I explicitly requesting a connection?

      I see your point, but my point is that implementing this is either impossible or would require changing how networks are used by programs at a fundamental level.

      A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes. Then each package would have to be audited to determine which addresses it can bind to, and/or which name lookups it can do, and how those capabilities are connected to actions performed by the user. Then there is still the question of what to do about software that accesses the network independent of the user, but maybe you can argue that shouldn't exist. How do updates work? Besides, if I allow Slack to connect to mychats.slack.com, nothing prevents the software from sending telemetry to that endpoint. You would need an army of manual enforcers, and that's not to mention non-free software.


    • Would cdn-debian.org be allowed? It's on a different domain, but I've noticed a lot of websites use a different domain to host their CDN.
