Better Website Privacy Policies
- Inicie sesión o regístrese para enviar comentarios
Hi is there a campaign to document how privacy friendly websites are, like privacy safe? kind of like how some websites have a privacy policy that documents how much information is collected?
I know that sites like eff catalogue some of the differences as a third party and there are things like the web of trust which tells you about a browser before you see it or while you see it, but we need a better implementation, unless that already exists.
Then We have spyblock/privacy badger which blocks or lets you see 3rd party trackers and librejs that blocks non free js code. For Librejs, there is a popup that can link you to the pages contact page to contact them, but maybe there could be a link to the privacy policy page from the main page. There is the do not track security feature of firefox browsers.
There is also certificate patrol which notifies certificate changes.
Does this make sense?
There is also things like lightbeam which show websites you've visited.
There is the Fossology project which aims to distinguish between proprietary and free software projects which may be of relevance: http://www.fossology.org/projects/fossology
And most particularly, in F-Droid in application details before installing it says whether an app invades your privacy and while you install something to your android or cyanogenmod or replicant smartphone it tells you what exact features it has access too: history, passwords, downloads, contacts, gps, etc.
Of course, there should be a warning that no system is 100% privacy friendly like tor and tails warns on their pages, and that blindly trusting an extension can have its problems and having a critical mind and being willing to look things up on DDG, starpage, YaCy, wikipedia (not google!) is important.
Or maybe we shouldn't make things easier for the end-user, but instead implement a internet's drivers liscense like many have proposed including jacob appelbaum that like a drivers liscense tests whether you understand what privacy, anonymity is, what SSL, HTTPs, and other protocols are before using something that you interface in daily life that is so powerful.
I hope this wasn't too much for a post.
There is a project called Terms of Service; Didn't Read that rates website Terms of Service on a scale of "Class A" to "Class E". There is a TOS;DR Browser Add-on that can get the ratings for a site you are on (Affero GPLv3 Licensed.)
Thanks SSD. This seems really interesting. Is there something like this for apps like how smartphones detail what power they have over your computer?
I am having a hard time understanding your question. Are you asking if there is a database of how trustworthy programs are?
Sort of. In android phones there is a feature that tells you what permissions an app can have when it is installed - almost becoming like a EULA. You can see more pictures of this in action here: http://www.androidcentral.com/android-permissions-privacy-security. However when you install apps from synaptic manager, none of this information is given, like this app can have access to your storage, tools, etc.
Or maybe we don't have to worry about this in gnu/linux?
This really doesn't matter for libre programs; you can check the source code of a program if you want to, and malicious features are extremely rare. Trying to sandbox everything to protect yourself from malicious features is a much weaker defense.
Perhaps this has to do with application sandboxing - maybe SELinux or somewhat. Apparently I've learned that Apparmor was GNU/Linux's approach while not being nearly as userfriendly, but I guess it is our job to not inherently trust any developer without vetting the source code.
Yes, unlike Android, most programs running on an unmodified Trisquel system are not sandboxed. I think Abrowser is sandboxed using apparmor.
- Inicie sesión o regístrese para enviar comentarios