[Dev] [consensus due 11-11-16] Defining the nonprism repo

Thu Oct 27 22:28:07 GMT 2016

Luke <g4jc at openmailbox.org> writes:

> Hello All,
> Per the last consensus there was the recommendation to keep nonprism
> "secure", and to split the iceweasel package into two packages to avoid
> impacting users with less "features".[1]

I would expect [nonprism] would be secure by default,
but the repo should be activated as opt-in.

> The problem I see with this is, people are using nonprism thinking they
> are getting the most secure setup - and are not. However, it is still
> technically in line with the current purpose of nonprism which is "not
> using insecure/privacy invasive protocols". The nonprism repo's
> descriptive purpose is not very well defined on our wiki, so there is no
> statement as to how secure it should be. [2]
>
> To fix this issue I propose the following two proposals for consensus,
> and two questions:
>
> 1) Re-define or rename [nonprism] so that it also includes packages for
> hardened, secure defaults, and less metadata/fingerprinting.

I agree hardened packages belong here.

> 2) Provide a "meta package" that installs
> your-privacy-*hardened/options* rather than just your-privacy. It can
> recommend packages, but they will not be mandatory and should not
> conflict with other software, so that users can comfortably have
> "iceweasel"(insecure) and "iceweasel-hardened" both voluntarily
> installed on the same system.

Can't find any 'your-privacy' package.

> 3) Should we just remove iceweasel/icedove-nonprism instead of further
> complicating things by keeping 3 packages?
> e.g. icedove/iceweasel (insecure), icedove/iceweasel(nonprism/non-free
> protocols facebook and crapware removed), and iceweasel/icedove-hardened
> (which contain actual hardening and some resistance against fingerprinting.)

[libre]
iceweasel/icedove (insecure)

[nonprism]
iceweasel-hardened
icedove-hardened

Could this be installed side by side?

This way users could try running `iceweasel-hardened`
and use just `iceweasel` where needed.

Or maybe using a `iceweasel` (hardened)
and `iceweasel-without-privacy` where needed.
A logo and a warning on installation could help make people aware of
this options.

> 4) Should iceweasel/icedove-hardened be kept in [pcr] or moved back to
> [nonprism] when/if nonprism is re-defined to include hardening?

I vouch for Yes.

> I think it is the expectation of Parabola's privacy repo to provide the
> most secure/privacy respecting packages, even if that means breaking
> some features. However, for a reasonable compromise a voluntary meta
> package seems like the best option.

+1