Nadal nie wdrożyłeś ustawy dot.RODO.Sprawdź.

[Kancelaria Prawna]

Zadbaj o bezpieczeństwo danych osobowych w Twojej firmie.



Wdrożymy dla Ciebie wszystkie procedury, aby były zgodne z RODO.



Przeszkolimy Twój personel.



Przygotujemy spersonalizowaną dokumentację.



Jeżeli chcesz wiedzieć więcej odpisz na tą wiadomość *TAK* i pozostaw swój 
_numer telefonu_, zadzwonimy do Ciebie najszybciej jak to możliwe.


__
Z wyrazami szacunku,


Kancelaria Prawna

Bug#941256: ITP: ukui-interface -- Provides the interface for system configuration.

[handsome_feng]

Package: wnpp
Severity: wishlist
Owner: handsome_feng 

* Package name: ukui-interface
  Version : 1.0.0
  Upstream Author : Liu Hao 
* URL : https://github.com/ukui/ukui-interface
* License : GPL-3.0+
  Programming Lang: C
  Description : Povides the interface for system configuration.
  Contains the interface of print, application, background, date, default
programs, desktop, font, keyboard, marcogeneral, mouse, network, power,
screensaver, session, system info, touchpad, user and so on.

  And kylin team will maintain this package.

Re: Mozilla Firefox DoH to CloudFlare by default (for US users)?

[Florian Weimer]

* Adam Borowski:

> Let's compare; by "ISP" I mean every hop on the network path.
>
> With local DNS:
> * the target server knows about you (duh!)
> * the ISP can read the destination of every connection
>   [reading the DNS packets, reading the IP header, reading SNI header]
> * the ISP can block such connections
>   [blocking DNS packets, blocking actual connection]
> * DNSSEC forbids falsifying DNS
>
> With DoH:
> * the target server knows about you (duh!)
> * the ISP can read the destination of every connection
>   [reading the IP header, reading SNI header]
> * the ISP can block such connections
>   [blocking actual connection]
> * Cloudflare can read the destination of every connection
>   [they serve the DNS...]
> * Cloudflare can falsify DNS¹
> * Cloudflare can block connections
>   [blocking or falsifying DNS response]
>
> So currently DoH is strictly worse.

Furthermore, you don't have a paid contract with Cloudflare, but you
usually have one with the ISP that runs the recursive DNS resolver.

If you look at 

  

you will see that the data is shared with APNIC for “research”:

| Under the terms of a cooperative agreement, APNIC will have limited
| access to query the transaction data for the purpose of conducting
| research related to the operation of the DNS system.

And:

| Specifically, APNIC will be permitted to access query names, query
| types, resolver location



Typically, APNIC will only see a subset of the queries if you use your
ISP's DNS resolver (or run your own recursive resolver).

Cloudflare only promises to “never sell your data”.  That doesn't
exclude sharing it for free with interested parties.

(Some people may find it amusing that I'm concerned by this because I
opened that particular can of worms fifteen years ago.)

Re: Mozilla Firefox DoH to CloudFlare by default (for US users)?

[Florian Weimer]

* Robert Edmonds:

> The entire DNS root zone is only 1 MB compressed and is updated about
> once a day. It would be even better for privacy if the whole root zone
> were distributed via HTTPS, as the initiator would not reveal to the
> server any information about what TLD is being looked up.
>
> There are currently ~1500 TLDs in the root zone. Dividing 1 MB by the
> number of TLDs, this is ~700 bytes per TLD, which is roughly the amount
> of bandwidth required by a query/response pair of UDP DNS packets to
> obtain the delegation for a TLD.

Or you can turn on query minimization and NSEC-based NXDOMAIN
synthesis, at which point there is hardly any privacy leak left.

The challenge with the root zone is that anyone can become a de-facto
root server operator for their own part of the Internet (at least with
physical control over machines), by inviting some of the established
operators to host an anycast node on their network.  It's very
difficult to guarantee privacy in such a widely distributed system.

Re: Mozilla Firefox DoH to CloudFlare by default (for US users)?

[Bjørn Mork]

Robert Edmonds  writes:

> The entire DNS root zone is only 1 MB compressed and is updated about
> once a day. It would be even better for privacy if the whole root zone
> were distributed via HTTPS, as the initiator would not reveal to the
> server any information about what TLD is being looked up.

Running a local root instance is possible and easy.  See
https://tools.ietf.org/html/rfc7706


Bjørn

Bug#941268: ITP: spview -- a spectrum viewer for high-resolution molecular analyses

[Cyril Richard]

Package: wnpp
Owner: Cyril Richard 
Severity: wishlist
X-Debbugs-Cc: debian-devel@lists.debian.org,debian-scie...@lists.debian.org

* Package name: spview
  Version : 2.0.0~beta1
  Upstream Author : Cyril Richard 
* URL : https://gitlab.com/lock042/spview
* License : GPL-3+
  Programming Lang: Java
  Description : SPVIEW is a multiplatform Java application that allows
graphical assignment of high-resolution molecular spectra.

It will be maintained within the Debian Science Working Group. A git
repository could be created on salsa.

Best regards

Cyril

[1] : https://www.sciencedirect.com/science/article/pii/S0022285208000532

Bug#941271: ITP: golang-github-morikuni-aec -- Golang wrapper for ANSI escape code

[Dmitry Smirnov]

Package: wnpp
Severity: wishlist
Owner: Dmitry Smirnov 
X-Debbugs-CC: debian-devel@lists.debian.org, 
pkg-go-maintain...@lists.alioth.debian.org

   Package name: golang-github-morikuni-aec
Version: 1.0.0
Upstream Author: Taihei Morikuni
License: Expat
URL: https://github.com/morikuni/aec
Vcs-Browser: 
https://salsa.debian.org/go-team/packages/golang-github-morikuni-aec
Description: Golang wrapper for ANSI escape code
 Golang library to manage ANSI escape codes.


signature.asc
Description: This is a digitally signed message part.

Re: Mozilla Firefox DoH to CloudFlare by default (for US users)?

[Nicholas D Steeves]

Wouter Verhelst  writes:

> On Sun, Sep 08, 2019 at 11:17:13PM +0200, Marco d'Itri wrote:
>> On Sep 08, Ondřej Surý  wrote:
>> 
>> > I would rather see an explicit statement. I would be very surprised 
>> > with Debian’s usual stance regarding the users’ privacy that we would 
>> > not consider this as a privacy violation, but again I am not Firefox 
>> > maintainer in Debian and I would rather hear from them than speculate 
>> > on my own.
>> I think that this is a privacy enhancement, since it prevents some major 
>> ISPs from spying on users DNS queries.
>
[snip]
>> It would be a terrible signal if Debian decided to disable an 
>> anti-censoship feature provided by an upstream vendor.
>
> Except DoH is *not* an anti-censorship feature. It is a feature that
> provides a net reduction in privacy.
>
> CloudFlare says that it won't read your DNS requests -- scout's honour!
> -- but even if that's true and we can believe it, there's no reason to
> assume it will continue to do so forever, past any potential future
> acquisitions or CEO changes.
>
> Mozilla really missed the ball on this one. OpenBSD already made the
> necessary changes to Firefox. I think we should, too.
>

+1 !

Especially because

Florian Weimer  writes:

> If you look at 
>
>   
>
> you will see that the data is shared with APNIC for “research”:
>
> | Under the terms of a cooperative agreement, APNIC will have limited
> | access to query the transaction data for the purpose of conducting
> | research related to the operation of the DNS system.
>
> And:
>
> | Specifically, APNIC will be permitted to access query names, query
> | types, resolver location
>
> 
>
> Typically, APNIC will only see a subset of the queries if you use your
> ISP's DNS resolver (or run your own recursive resolver).
>
> Cloudflare only promises to “never sell your data”.  That doesn't
> exclude sharing it for free with interested parties.
>

So a metadata leak (by design) to an unbounded number of entities,
affecting all Firefox users, at a time when this data is gold?

How is this not as bad or worse than GAFA?


Regards,
Nicholas


signature.asc
Description: PGP signature