Input on privacy goal
Valorie Zimmerman
valorie.zimmerman at gmail.com
Sun Jan 21 22:05:52 GMT 2018
On Fri, Jan 19, 2018 at 12:24 PM, Carsten Pfeiffer <pfeiffer at kde.org> wrote:
> Am Freitag, 19. Januar 2018, 15:30:25 CET schrieb Volker Krause:
>
Hi,
>
> > Here are some thoughts on threat models for this, as a possible way to
> > better capture what we want to achieve.
>
> that's a good start!
>
> I'd like to add
>
> 6) Rogue local software
>
> Assume you run any kind of software not coming from a trusted source (your
> distribution). E.g. you clone a github repo and run the code. That code may
> pull in further untrusted dependencies (maven, node, ...). It should be
> easy
> to protect your personal data, kwallets, browser history, etc. and local
> network from that code.
>
> Possible counter-measures: easy and configurable sandboxing
>
> Thanks
> Carsten
>
On just this "rogue code" see this enjoyable post:
https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5
Valorie
--
http://about.me/valoriez
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20180121/8a1bcbfb/attachment.htm>
More information about the kde-community
mailing list