Linux Privacy Manager is needed

Just like the Task Manager that monitors all running processes, is there a Privacy Manager that monitors processes consuming users' data and metadata, and maybe a button that keeps all of a user's data private? User data privacy is very important today, when data consumption is growing exponentially and at the other end of the data pipe is an operating system responsible for the user's data privacy.

Are you implying that the Ubuntu community thinks it’s okay for Open Source applications to steal personal data? And that therefore some folks might want to be protected from such awful behavior?

Think again. Consensus in this community is that it’s NOT acceptable for any application to steal any kind of data. Any application discovered doing so will be reviled, the developers shunned, their professional reputations ruined.

  • If you discover an application that unnecessarily consumes any data, personal or not, then please file a bug report.
  • If you discover an application that is unexpectedly sending any of your data, personal or not, to a remote server, then please make some noise about it.

A button should not be necessary to do the right thing. Ubuntu already tries to do the right thing by default. That’s one of the reasons Ubuntu is popular.


@ian-weisser

Google Chrome? :)

Please link to the bug report you opened. I would like to understand which data is unexpectedly or unnecessarily sent.

Thanks all for your replies,

The first line of defence for your data is your own device or your own operating system. With AI increasingly introduced in intelligent browsers, intelligent crawlers, bots etc., what choice of privacy do I have? The internet data pipe activities are invisible and I can't track what is happening to data on my machine accessed by the intelligent applications. Could AI be used to decrypt anything? And is AI out of humans' jurisdiction? This is why I was thinking of shifting all personal activities to Linux for a “Personal Space”. Earlier I used Linux only for programming and servers. Now I think it is time to switch my personal activities to Linux.

But still the question that remains is about one principle…

  1. Is the operating system responsible for protecting the user's data on the user's device? Then is full control for application isolation and monitoring needed? Even hardware-rigging risk flagging and isolation? Could the OS sense applications just like hardware?

  2. Is the operating system responsible for protecting the user's data on any device? Then should anyone own a device or an account?

This seems a mix of vagueness and (bad) movie references. I gently suggest that discussion should be limited to specific, real-world threats.

If worried about “data on my machine accessed by the intelligent applications,” then:

  • Why is the valuable data unencrypted?
  • Why is valuable-but-unnecessary data stored on the system at all?
  • Why is the sensitive-information-storage system networked instead of air-gapped?
  • Why is the human admin permitting “intelligent applications” access to the system without sandboxing or containerization?

After so many poor choices, it seems unlikely to me that a hypothetical Privacy Manager will protect such a negligent user from their own folly.

I think we would all be quite interested in your proposal for exactly how such an application should work. How will it know which data is personal? How will it know which “intelligent applications” are good and which are bad? How will it know which applications are “intelligent” and which aren’t? Or does that matter? How will it know if a read/copy is benign or nefarious? You can leave off the bit about the button… we understand that.


Thank you for your reply,

It's just a developer's thinking.

USER EXPERIENCE is a powerful tool that is used today for trading USERS' PRIVACY. The convenience of visualising user data anywhere, and the laziness to remember secrets and even to power on devices to view them, even on handheld devices such as phones, are the weaknesses exploited very much in the name of responsiveness.

Browser injection of code and the reduction in the code-to-content ratio on the web are some of the things developers are experiencing today. The presentation layer is being controlled by the browser or AI rather than the author's intention. There is more screen time on handheld personal devices today than on desktops or laptops.

The audience wants convenience, sacrificing their privacy. Handheld devices play a huge role. Developers are becoming more and more like content builders, creating more content than code. Closed APIs and closed platforms being provided for free…?

Data now has a very broad definition, and the data pipelines are already laid out all across the internet for data harvesting. Some of these are…

Documents - The app auto save
Photos - The app auto syncs, cloud face tagging, location tagging
Audio - Voice assistant, voice recognition etc.
Video - live streams
Clipboard - Browser auto save
Keypad strokes - Search autocompletes
Saved passwords - Browser auto save
Bookmarks - Browser auto save
Recent visited websites - Browser auto save
Screen time - Browser auto save
Battery Charge - Browser auto save
Find your device - App controlled from the cloud
GPS Location - Browser auto save
Recent Files - Browser auto save
Emails - Browser auto save
Virus Checks - App sends stats to cloud
Published websites - business audience tracked by cloud analytics
An AI working on all the above private data, guessing from the metadata…?

The reason for this thinking is to bring back USER PRIVACY using USER EXPERIENCE on a trusted OS: to make privacy convenient to the user. What is needed are tools that help users make informed decisions. The thought is of the privacy manager as a simple GUI or command that guides the user on what the operating system recommends they do to protect their data privacy and gives the user a personal space.

Let the user decide, but do recommend? Not like the terms and conditions that some companies use to achieve a particular user experience, but just the opposite: a simple GUI or button saying “keep all data private”, and then continue recommending to the user, or provide OS tools locally for the user to check at runtime? Maybe the user signing their data and activity locally for the OS to understand legitimate operations? Blockchain maybe?

FYI this same conversation is also happening here:
https://forums.linuxmint.com/viewtopic.php?f=61&t=341366
Take that as you wish.

I have posted it there.

The answer to all of these is snap packages.
Snapped apps can by design not see other apps' data (prevented by a bunch of kernel mechanisms used to run them) and run with a per-app (well, rather “per snap”) home directory; they have interfaces to allow access to various information on your system that you can easily disable if the default security level of an app does not suit you.
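As an added illustration of the interface mechanism described in the post above (example code written for this page, not part of the original thread or of snapd), here is a small script that reads the table `snap connections <snap>` prints, lists which plugs are currently connected, and generates the `snap disconnect` commands for interfaces you do not want the app to have. The sample table is constructed to match the four-column layout (Interface, Plug, Slot, Notes) and is not captured from a real system; the snap name `firefox` and the chosen deny set are assumptions for the example.

```python
"""Turn `snap connections <snap>` output into `snap disconnect` commands.

Added example, not code from the original thread. The sample below is a
constructed `snap connections firefox` table; on a real system feed the
command's actual output to parse_connections().
"""
from dataclasses import dataclass

# Constructed sample. A "-" in the Slot column means the plug exists but
# is not connected; "manual" in Notes marks a connection made by hand.
SAMPLE_CONNECTIONS = """\
Interface        Plug                     Slot              Notes
audio-playback   firefox:audio-playback   :audio-playback   -
camera           firefox:camera           -                 -
home             firefox:home             :home             -
network          firefox:network          :network          -
removable-media  firefox:removable-media  :removable-media  manual
"""


@dataclass(frozen=True)
class Connection:
    interface: str
    plug: str   # "<snap>:<plug>"
    slot: str   # ":<slot>" for a system slot, "-" when not connected
    notes: str

    @property
    def connected(self) -> bool:
        return self.slot != "-"


def parse_connections(text: str) -> list[Connection]:
    """Parse the whitespace-separated table, skipping the header row."""
    rows = []
    for line in text.strip().splitlines()[1:]:
        parts = line.split()
        if len(parts) != 4:
            raise ValueError(f"unexpected row: {line!r}")
        rows.append(Connection(*parts))
    return rows


def connected_interfaces(conns: list[Connection]) -> list[str]:
    """Names of the interfaces the snap can currently use."""
    return [c.interface for c in conns if c.connected]


def disconnect_commands(conns: list[Connection], deny: set[str]) -> list[str]:
    """`snap disconnect` commands for connected plugs whose interface is in `deny`.

    Plugs that are already disconnected are skipped, so the output is
    idempotent and can be run as-is (with sudo) against the real snap.
    """
    return [f"snap disconnect {c.plug}"
            for c in conns if c.connected and c.interface in deny]


if __name__ == "__main__":
    conns = parse_connections(SAMPLE_CONNECTIONS)
    print("connected:", ", ".join(connected_interfaces(conns)))
    # Assumed policy for the example: keep the app out of the real home
    # directory and external drives; it still has its per-snap home under
    # ~/snap/firefox/current.
    for cmd in disconnect_commands(conns, {"home", "removable-media", "camera"}):
        print("sudo", cmd)
```

The `home` and `removable-media` interfaces are the ones that let a snap reach outside its own `~/snap/<name>/current` directory, so they are the first candidates to review for an app that only needs the network. Disconnecting is reversible with `snap connect <snap>:<plug>`, and `snap connections` afterwards shows the change in the Notes column.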

Thanks for your reply,

Each one of those listed items is an independent data pipe from your operating system to a remote system. All the data collected will make sense on the remote system, maybe with the help of an AI? What I was asking is that I would like to see what is going out of my machine today and sign it so as to track my data and metadata. I would like to sign my data going out of my system.

@ubux123 Thank you for explaining your expectations regarding privacy and security. There are already many tools for monitoring the TCP packets being sent between your machine and the remote machines/servers. You can accordingly uninstall the software or containerize it with limited permissions, by using snap or by manually setting up systemd-nspawn containers (or a chroot, although it is easy to break out of one by mounting the proc partition inside and chrooting into the disk root outside from inside the chroot). However, the best solution (as many people have explained to you on the Linux Mint forums) is to get rid of what you think is bad for privacy, instead of trying to restrict every non-free program/website that is known to be bad for privacy.

Also, the operating system (at least most GNU/Linux distributions) which you run on your computer cannot be held accountable for your mistakes. It is your fault if you install and run such programs, or open websites that do not respect your privacy.
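The reply above points at connection-monitoring tools. As an added example (written for this page, not code from the thread or from any of the tools mentioned), the script below does the per-process part of that job the way such a tool does it on Linux: it decodes `/proc/net/tcp`, whose addresses are hex with the IPv4 bytes in host (little-endian) order, and resolves each socket inode to the owning process through `/proc/<pid>/fd`. The `/proc/net/tcp` rows and the `/proc` tree it runs against are constructed in a temporary directory so the example runs unprivileged and offline; the pids, process names and addresses in them are made up.

```python
"""Which process owns which outbound TCP connection, from /proc alone.

Added example, not from the original thread. parse_proc_net_tcp() and
socket_owners() work on the real /proc; build_sample_proc() only fakes
the directory layout so the example is self-contained.
"""
import os
import re
import socket
import struct
import tempfile
from dataclasses import dataclass

# Kernel state codes as printed in the "st" column of /proc/net/tcp.
TCP_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "06": "TIME_WAIT",
              "08": "CLOSE_WAIT", "0A": "LISTEN"}
SOCKET_LINK = re.compile(r"socket:\[(\d+)\]")

# Constructed /proc/net/tcp: one listener on 127.0.0.1:8080 and one
# established connection from 10.0.2.15:40522 to 142.250.74.46:443.
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 31001 1 0000000000000000 100 0 0 10 0
   1: 0F02000A:9E4A 2E4AFA8E:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 31002 1 0000000000000000 20 4 30 10 -1
"""


@dataclass(frozen=True)
class TcpSocket:
    local: str
    remote: str
    state: str
    uid: int
    inode: int


def decode_addr(hexaddr: str) -> str:
    """'0100007F:1F90' -> '127.0.0.1:8080' (IPv4 stored little-endian, port big-endian)."""
    ip_hex, port_hex = hexaddr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return f"{ip}:{int(port_hex, 16)}"


def parse_proc_net_tcp(text: str) -> list[TcpSocket]:
    socks = []
    for line in text.splitlines()[1:]:          # first line is the header
        parts = line.split()
        if len(parts) < 10:
            continue
        socks.append(TcpSocket(decode_addr(parts[1]), decode_addr(parts[2]),
                               TCP_STATES.get(parts[3], parts[3]),
                               int(parts[7]), int(parts[9])))
    return socks


def socket_owners(proc_root: str = "/proc") -> dict[int, tuple[int, str]]:
    """Map socket inode -> (pid, comm) by reading every /proc/<pid>/fd link.

    On a real system, fd links of other users' processes are only readable
    as root; unreadable processes are skipped rather than failing the scan.
    """
    owners: dict[int, tuple[int, str]] = {}
    for pid in os.listdir(proc_root):
        if not pid.isdigit():
            continue
        pdir = os.path.join(proc_root, pid)
        try:
            with open(os.path.join(pdir, "comm")) as f:
                comm = f.read().strip()
            fds = os.listdir(os.path.join(pdir, "fd"))
        except OSError:
            continue                              # exited, or not permitted
        for fd in fds:
            try:
                target = os.readlink(os.path.join(pdir, "fd", fd))
            except OSError:
                continue
            m = SOCKET_LINK.fullmatch(target)
            if m:
                owners[int(m.group(1))] = (int(pid), comm)
    return owners


def outbound_connections(tcp_text: str, proc_root: str = "/proc"):
    """(pid, comm, local, remote, state) for every non-listening socket."""
    owners = socket_owners(proc_root)
    rows = []
    for s in parse_proc_net_tcp(tcp_text):
        if s.state == "LISTEN" or s.remote.startswith("0.0.0.0:"):
            continue
        pid, comm = owners.get(s.inode, (None, "?"))
        rows.append((pid, comm, s.local, s.remote, s.state))
    return rows


def build_sample_proc() -> str:
    """Constructed /proc look-alike in a temp dir: comm files and fd symlinks."""
    root = tempfile.mkdtemp(prefix="fakeproc-")

    def add(pid: int, comm: str, fds: dict[int, str]) -> None:
        fd_dir = os.path.join(root, str(pid), "fd")
        os.makedirs(fd_dir)
        with open(os.path.join(root, str(pid), "comm"), "w") as f:
            f.write(comm + "\n")
        for n, target in fds.items():
            os.symlink(target, os.path.join(fd_dir, str(n)))

    add(1, "systemd", {0: "/dev/null"})
    add(900, "python3", {4: "socket:[31001]"})
    add(4242, "firefox", {3: "/dev/null", 7: "socket:[31002]"})
    os.makedirs(os.path.join(root, "self"))     # non-pid entries are skipped
    return root


if __name__ == "__main__":
    for pid, comm, local, remote, state in outbound_connections(SAMPLE_TCP, build_sample_proc()):
        print(f"{pid} ({comm}): {local} -> {remote} {state}")
```

Run against the real `/proc` (`outbound_connections(open("/proc/net/tcp").read())`, plus `/proc/net/tcp6` for IPv6) this shows which program is talking to which endpoint, which is the part of the "data pipe" that TLS does not hide; the payload inside an HTTPS connection stays opaque to a packet capture, so the process-to-endpoint mapping is what the uninstall-or-confine decision in the reply above is based on.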

Thanks for your reply,

Wireshark can't intercept data in the secure HTTPS data pipes. Data needs to be screened before it reaches the closed data pipes and signed (approved) by the local user.

Maybe a two-way signing contract between server and OS, established using a sign-off document protocol, so that the OS could decrypt the data pipe, gain visibility, and traceroute the data using local credentials. Today it's a one-way secure transaction. I was thinking of a two-way real-time signed and secure transaction. Or a two-way signed handshake network protocol?