[Freedombox-discuss] FreedomBox Privacy Principles

John Walsh fiftyfour at waldevin.com
Mon Jul 4 08:25:16 UTC 2011


Hi Everybody,
 
Through this mailing list, I was recently introduced to Friendika, a one
year old BSD licensed privacy-driven social networking software. The
software features are very impressive for a one year old project and have
their own privacy protocol (DFRN), which tick the majority of boxes for me.
Unfortunately, in the last few releases Friendika started to connect to
other social networks (Facebook, Flickr, Twitter, Ostatus) and have found
that these services "have serious privacy issues which either may or will
disclose your private information to others".(1) The project has decided to
created a fork, Friendika-Z, within the community which will have all the
features of DFRN and "for your protection it will not connect with members
of any network which has serious privacy issues". The project does not
mention what are the privacy issues or how they were identified. 
 
I thought it worth mentioning because there may be some lessons for
FreedomBox here. Reading the FreedomBox mailing list there seems to be
consensus around the following Privacy Principles;

1.	Once a connection has been established (no consensus on how to
connect), all future communications between individuals (person-to-person)
will be encrypted to prevent eavesdropping and anonymised on an TCP IP4
network through the use of Tor, as long as the performance is reasonable
2.	For person-to-business connections it will not be possible to
encrypt or anonymise the connections until business's have a FreedomBox
Network presence like they have on Facebook/Twitter now. Until that time,
there seems to be best practise privacy measures such as "push(ing) back
against ISPs, search engines, and advertisers without having to route
everything through Tor. We can use local proxies that automate best
practices for direct surfing, things like the HTTPS-everywhere, TrackMeNot,
and CustomizeGoogle firefox plugins."

I have a few user questions;
Q1. Will these privacy principles protect the FreedomBox from experiencing
the same problems as Friendika?
Q2. Will FreedomBox have its own social network or will it connect to other
"privacy social networks"?
Q3. If Freedom Box connects to other "privacy social networks" will the
above Privacy Principles criteria apply?
Q4. Will FreedomBox have a mechanism in place to disable "privacy social
networks" until such time that network's privacy issues are resolved?
Q5. Will the privacy measures in point 2. require user-intervention or will
it be automated by the server in the background?
 
(1) http://project.friendika.com/node/119
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110704/5dec648b/attachment-0001.html>


More information about the Freedombox-discuss mailing list