[Freedombox-discuss] FreedomBox Privacy Principles

nathan nolast nathan1465 at gmail.com
Mon Jul 4 14:31:24 UTC 2011 

both very good comments

I think we keep trying to figure out how to allow freedombox users to
identify themselves or others in an environment that we want a strong
working privacy, which to be honest requires anonymity.  Im all for
developing services/projects/protocols/ect that allow users to communicate
in an anonymous way, but we need the entire system to support the same
purpose and protocols of protecting the source, anonymizing the users, easy
to use, etc.  i think we are putting the horse before the buggy. What we
should be nailing down is how the freedombox's are going to communicate in a
secure and anonymous way, how the networking is going to work, private
mesh's, darknet, ect. If not, we could create an idea that will cause issues
when trying to implement it in  code.

also, i think we are forgetting what we are trying to achieve here, we are
allowing users to use the Internet freely because our governments are
failing us with intrusive measures and suppressing free speach. The services
we are using are handing over our personal information without question...
ect

im bring this up because when we allow users to publish information and post
there free thoughts, there is going to be pressure who would love to put us
away. Just like some services/governments/ISP are blocking TOR.. so its in
our best interest to implemenet protocols that are resilient in nature, that
dont require other services we dont control, and that protocols the end
users. If the users of wikileaks used freedombox's to communicate and share
information, and there freedombox's was confiscated, would their information
and sources be safe?

so, with that said, users using the freedombox will use other services that
could compromise their own privacy/anonymity .. should we create other
simular services that are more in-tune with our vision? I think so.  Should
we also implement features that will still protect the users privacy when
that one idiot connects to their personal facebook page without ssl and
sends his friends his cool new address where his freedombox is hooked up at?
You bet we should. The insecure practices of one users could hurt many many
people, and the networks reputation. Telling users isnt enough.



On Mon, Jul 4, 2011 at 4:44 AM, Mike Macgirvin <mike at macgirvin.com> wrote:

> Here's the issue, and apologies but Friendika's hosting service is having
> some serious database issues at the moment... and may be down.
>
> - You have a "group" (aspect,circle, whatever)
> - You send this group a private message.
>
> All is well. However if your group includes *any* people from networks with
> no privacy mechanisms (e.g. status.net, Twitter, etc.), your privacy
> expectations have been compromised. Your private message may now be visible
> on public portals and visible in public search results.
>
> There are several ways your privacy could leak once you cross network
> boundaries, unless all said networks are aligned in privacy principles.
>
> For instance we've also encountered holes (this time it was our fault),
> where a profile wall was "hidden" on Facebook, but we weren't aware of it
> due to limitations in the Facebook API. So we imported this stuff onto the
> Friendika wall where it leaked. (We now have a workaround, and can
> completely close off the Friendika wall also.) Previously we expected the
> privacy rights of the messages themselves to determine visibility, but there
> may be privacy rights attached to some web page on another system which are
> not reflected in the messages contained therein.
>
> These are just issues you should be aware of. We try our best to warn
> somebody when there is a potential privacy violation, but people are finicky
> and just expect to be able to communicate privately with anybody on any
> network and for everything to just work.
>
> The real world is a bit more complicated.
>
>
>
>
>
> ______________________________**_________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.**alioth.debian.org<Freedombox-discuss at lists.alioth.debian.org>
> http://lists.alioth.debian.**org/cgi-bin/mailman/listinfo/**
> freedombox-discuss<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss>
>



-- 
Thank you for your time
~Nathan
nathan1465 at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110704/e6ee51cb/attachment-0001.html>

More information about the Freedombox-discuss mailing list