Privacy Funds Session

Notes from session held at GUADEC 2016, presented and chaired by CosimoCecchi.

Cosimo's Presentation

Main ideas that we could pursue:

• TOR VPN integration
• Home encryption in control-center/initial-setup
• Securely reset the machine

Other ideas

• Seahorse redesign/modernization
• Password manager - "one password"

Open discussion

• Home encryption in control-center/initial-setup
  • Michael: home encryption alone isn't sufficient. Need to encrypt /var etc, which needs to be done in distro installers.
  • Alberto: this is what the Fedora security team are working on - it could be possible.
  • Michael: yes but that's something better done downstream.
  • Cosimo: some encryption is better than nothing
• Stef Walters - TOFU a way to confirm the identity of people you're communicating with. Would be for mail or chat app?
• Nathan Willis - add a private switch for some apps, perhaps using similar techniques to the Tor browser (eg. maps). "Steed" email encryption; simplifies PGP setup.
• Complete the redesign of seahorse.
• Michael Catanzaro: there's a wiki page with ideas. A lot focus on the Telepathy stack which has some serious issues. We should take a look.
  • Cosimo: yes but Telepathy isn't really used. Maybe better to focus on something that more users would benefit from.
• Allan - we don't have to spend the money on one big feature - could be a collection of smaller fixes.
• Lennart Poettering - for single user machines, the last password used can be stored and reused. That's a realistic thing to do.
• Need to consider how to message these features - don't want to promise security when it's not 100%
• Federico: it's not GNOME's job to provide an extremely high security solution like Tails. Our responsibility is to protect people from more everyday threats.