Hi, I have just implemented lintian-privacy-breach tags [1,2]
These tags check for webpage fetching external documents and thus allowing to track our user. Lintian is beeing to run over the archive but nevertheless we get some partial result (expect full archive coverage in a week or two). I plan to mass bug the concerned package. They are some pattern in the privacy breaking website: - Valid html icons (w3.org). This one is problematic because we could not carry the icons in our tree (icons are not modifiable thus not free). Do we have an alternative ? - website logo => could be stripped I think (sourceforge/roots) - gpl/creative common logo => replace by packaged one - tracking website (cruel-carlota.gopagoda.com,sitemeter.com/onestat.com/, fastcounter.linkexchange.com, one pixel ebay image,) => should be ripped - donation website. This one is problematic. I consider unethical to strip completly the donation part on the documentation. Free software need money. But I consider unethical to track our user. Thus I personnaly think documentation in this case need to redirect (but asking for a user click and by loudly noting that user will be redirect to external site) to upstream website. I need some comment on this I plan to transform the generic tag to more fine tags depending of the category. I have some xslt script and I plan maybe to create a dh helper to run against common offenders. Feel free to comment Thanks Bastien [1] http://lintian.debian.org/tags/privacy-breach-generic.html [2] http://lintian.debian.org/tags/privacy-breach-google-adsense.html -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAE2SPAYdHddZfcwjhivz9XWiMh5eCCJ_2z9=0mnl-w4n3de...@mail.gmail.com
