KDE Privacy Sprint - Find a date

Sandro Knauß sknauss at kde.org
Wed Nov 28 12:56:54 GMT 2018


Hey,

We volunteered to organize a KDE Privacy Sprint. We wanted to make it happen 
in March. We think at a sprint of five days. The main goal for the sprint is 
to locate privacy issues and after locating them hopefully fix them. Let's 
take the advantage to speak in person with multiple people of different part 
in KDE to find solutions. Currently the date is not fixed, so we doodle for 
one:

https://bitpoll.mafiasi.de/poll/8BYKJA5B/

Please add yourself to the doodle fast, so that we can have a fixed date 
within the next weeks.

Explicitly we would like to invite people from following teams:
    Plasma
    Plasma mobile
    Vault
    Falkon
    Choqok
    KDE Pim
    Frameworks

Please feel also invited, if you are not in such a team an be simply 
interested in that topic!

The sprint will either be located in Leipzig(Germany) or Les Magnas (France) 
http://auxsaisons.free.fr/. At the moment both options are still open, but 
soon we need to decide. What is your preference of place?

Some issues that came into my mind:

*  currently when clicking on a link in an email the url is accessed within 
Plasma and than forward this to Firefox. If the user wants to use TorBrowser 
as default browser it is a Privacy Breach.
 *  having an interface to torify/vpn applications

Wifi:

* detect wiki login pages - do not access internet before, e.g. you are 
using inet of a hotel
*  have a way to allow/dissallow applications interact with inet for specific 
wifis, e.g. you are using inet of a hotel

TLS:

* detecting bad SSL standards aka only TLS 1.0...
* more helpful SSL problem dialog (properly if you have a wifi login page)

Mails:

* Encrypting headers of mails to give less metadata to surveillance T742.
* Make it possible to search in encrypted mails, as until now, the encrypted 
data are a binary blob for the search. The search important to find mails 
again T8447.
* Add GnuPG TOFU (Trust On First Use) trust model support for KMail. With 
TOFU you will get more security without exchanging the gpg fingerprints. To 
make it clear, exchanging fingerprints gives better security, but is 
exhausting.
* Make Akregator webviewer protect against ad trackers T7528.

For more information look at https://phabricator.kde.org/T8622.

Share your thoughts and see you!

louise and hefee
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/plasma-devel/attachments/20181128/520244fb/attachment.sig>


More information about the Plasma-devel mailing list