Comment by MathMonkeyMan

1 year ago

Which network access is telemetry?

User explicitly requests connection to a specific server (e.g. navigates to debian.org), so browser makes a connection to debian.org: Not telemetry.

User explicitly requests a connection to a specific server (e.g. navigates to debian.org), then browser makes a connection to mozilla.org to upload metadata: Telemetry.

In general telemetry is when the software connects to a server chosen by the developers and not telemetry is when the software connects to a server chosen by the user.

  • When I open Slack, to which servers am I explicitly requesting a connection?

    I see your point, but my point is that implementing this is either impossible or would require changing how networks are used by programs at a fundamental level.

    A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes. Then each package would have to be audited to determine which addresses it can bind to, and/or which name lookups it can do, and how those capabilities are connected to actions performed by the user. Then there is still the question of what to do about software that accesses the network independent of the user, but maybe you can argue that shouldn't exist. How do updates work? Besides, if I allow Slack to connect to mychats.slack.com, nothing prevents the software from sending telemetry to that endpoint. You would need an army of manual enforcers, and that's not to mention non-free software.

    • > When I open Slack, to which servers am I explicitly requesting a connection?

      Debian only supplies open source software. Proprietary apps that only support the vendor's service aren't included as it is. Open source apps using standard protocols like Matrix or similar do allow the user to choose the server.

      > A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes.

      We're talking about open source software in the official repositories. You're not putting it in a jail to thwart it from defecting on you, you're modifying the code so that it doesn't even try.

      > How do updates work?

      When you install Debian it asks you which mirror you want to use for updates. Several of them are provided by universities etc. You can also make your own and some large organizations do that.

  • Would cdn-debian.org be allowed? It's on a different domain, but I've noticed a lot of websites use a different domain to host their CDN.

    • You're referring to requests from the same page as the one the user requested, rather than requests by the browser at the behest of the browser developer. Loading it is presumably what the user intended by navigating to the page and if it isn't then at that point it's in the bailiwick of uBlock etc.