Privacy on package level


#1

Hello,

we are currently re-evaluating a “privacy enhanced” repository for Parabola (an other FSF endorsed OS), see this issue.

To see, what other privacy focused OS are doing, I would like to ask:

  • What is done in PureOS to enhance the users privacy on the packaging level?
  • Are there any of the packages patched to be more privacy friendly?
  • Are any packages blacklisted due to privacy reasons?
  • Are there any privacy guidelines for packages to be in PureOS’ repositories or to be blacklisted/removed?

Thanks for your work and answer.


#2

Giving 502 Bad Gateway. Could be temporary but you may want to look into that.

Firefox is. However Purism is changing their strategy on that in the near future.

Depends what exactly you mean by privacy. The whole ethos of excluding blobs from the system, never mind about the repository, is privacy enhancing. However that isn’t specifically blacklisting an open source package for privacy reasons.

By the way, I have no connection with Purism. If you want an answer from Purism, best to contact them explicitly via email. https://puri.sm/contact/


#3

Yes, this was temporary. Thanks for the hint.

That the OS should be free is out of question. The question is, what can be done to enhance the users privacy beyond having a free OS.

Ok, wrote them an email. I will post the answer here.