Comment by pabs3
1 day ago
There are numerous privacy issues in distros, some known, most probably unknown, some examples from Debian:
https://wiki.debian.org/PrivacyIssues
Luckily there are things like opensnitch that can block some of these issues:
Your link is about privacy issues in upstream software that Debian hasn't sufficiently worked around yet. The main advantage of the Distro model (as opposed to developer-maintained package ecosystems) is exactly that there is someone protecting you from questionable software "features".
Agreed, but it is definitely not enough, which is why some Debian folks packaged opensnitch.
I don't think Debian intentionally shields you from privacy-invading software. Other distros may differ on this point.
Debian does not mandate anything about privacy in its Policy Manual (which are the standards for selecting and packaging software that maintainers must adhere to): https://www.debian.org/doc/debian-policy/search.html?q=priva...
There's also no insistence on privacy in the Debian Social Contract or DFSG (not that these would be appropriate places for it; they're mainly about licensing).
> I don't think Debian intentionally shields you from privacy-invading software
There is a culture of valuing privacy though, including patching out privacy issues. Especially since a lot of Debian folks are from Europe, with corresponding GDPR knowledge.
I know that the lintian warnings pointing out privacy issues in HTML documentation do get a lot of patches.
Also, opensnitch is packaged as a mitigation.
You are right about the policy problem, Debian really needs to do something about that.
There is at least a privacy policy for Debian services.
https://www.debian.org/legal/privacy
> I don't think Debian intentionally shields you from privacy-invading software.
Don't they change the Firefox defaults for more privacy?
Who protects you when the packagers decide to trust a shady CA (adding it to the root store) because it's used by the distro's infra?
Is this supposed to be some kind of gotcha argument? Against what?
That is interesting.
There is nothing in that list anything like as bad as this. The next worst is Chromium which is no surprise.
Are you saying it's an ordinary behavior? There's nothing coming close in your links, especially in Debian.