Introduction

• Introduction to the Safety and Privacy Team

• Sandboxed applications, part 1

• Sandboxed applications, part 2

• My free software will respect users or it will be bullshit

• Ideas from the Privacy Campaign in 2013

Contact

We discuss things on desktop-devel-list, for general awareness.

We chat in irc.gnome.org in the #safety channel.

Pending tasks

Bugs

• All bugs with "safety" in the status whiteboard

If you find a bug relevant for the safety and privacy team, please put "safety" in the status whiteboard field of the bug. This will help us find it easily.

SSL/TLS all the things

See the minutes of the initial meeting at GUADEC 2014 for more details. These packages need TLS-ification:

• Gnome-weather - 736814

• Gnome-maps (FIXME: bug?)
• Gnome-music (FIXME: bug?)
• Gravatar (FIXME: bug? Which code fetches the avatars?)

• Seahorse 617383

How do we do certificate pinning for "random" applications like those? Can we centralize that functionality (in libsoup)?

Content sharing / service APIs

See Design/OS/Sharing for inspiration from other OSes, and for a proposed workflow.

Forget passphrases when screensaver activates

We should probably forget the user's typed passphrases (for ssh, GPG, etc.) when the screensaver activates, and/or when the user suspends the machine.

Metadata scrubbers

When we have a service API to share files, we'll need to offer the user a way to scrub metadata. See the Metadata Anonymisation Toolkit (MAT) for an implementation.

Meeting minutes

Initial meeting at GUADEC 2014

People present at the initial GUADEC 2014 BoF

• Matthew Garret
• Nicklas Lindgren

• Garret LeSage

• FedericoMenaQuintero

• D. Spindel Ljungmark
• Hans Petter Jansson
• Gunnar Andersson
• Elad Alfassa
• And others forgotten and missed.

Interesting links

• Ethics for Programmers: Primum non Nocere with an interesting analogy to the Hippocratic Oath.