[ubuntu-studio-devel] US Wiki/ help regarding data protection

Set Hallstrom set at ubuntustudio.org
Mon Jun 20 19:47:37 UTC 2016 

On 2016-06-20 21:08, lukefromdc at hushmail.com wrote:
> Here is a short, simple overview that could be used as a starting 
> point by  nearly anyone able to boot US live:
> 
> Due to the growth even in open source of applications that "phone 
> home," when it is necessary for privacy or security reasons to be 
> able to deny having produced a media item, it should be done on a 
> computer that is not connected to the Internet.  The finished media 
> can be moved by a new flash drive to another computer in another 
> location for publication.
> 
> When even more security is needed, UbuntuStudio can be run from the 
> live DVD or flash drive, and the raw media clips can be kept on 
> removable media and editing applications set to put their temporary 
> files on the same media. When the job is done the media containing 
> the raw material (USB 3 flash drive or the original camera card) can 
> simply be destroyed. A USB 3 flash drive will give far better 
> performance when running "live" than a DVD or a USB 2 flash drive 
> will.
> 
> UbuntuStudio is almost opposite say, Windows 10 when it comes to 
> security. No automatic backup to cloud servers, no automatic sharing 
> of encryption keys with Microsoft, no "unique advertising ID," and so
> on. UbuntuStudio is not financed by selling your personal information
> to advertisers.
> 
> On the other hand,  even things like automatic checks for updates
> can reveal the existance not only of a computer but a computer with
> a media editing program consistant with what adversaries believe the
>  media in question was produced on. Automatic crash reports can do
> the same. All of these generate server logs that can be accessed by 
> authorities or just plain stolen by hostile hackers.  A computer
> that is not connected to the Internet can't connect to cloud servers
> nor be listened in on over the network.
> 
Thank you Luke, it is well formulated and benevolent. You have some very
good points, but i would like to avoid handing out "general/good
practices". I'd rather issue a firm warning and link to some trusted and
well furbished documentation source: Handing out good-practices would
require us to be very detailed and i think it is out of Ubuntu Studio's
scope. It could also render us responsible for failed attempts to remain
invisible. If not in the public eye, in the eyes of a victimized user.

How about this?:
> Because Ubuntu Studio is open, cares for freedom, strives for 
> transparency, and is not financed by selling your personal 
> information to advertisers, it's true that Ubuntu Studio offers 
> better control over your privacy than proprietary operating systems 
> usually do. Ubuntu Studio does not include software for encryption 
> and/or anonymity, but you can and are free to install such tools. 
> However, even when you use tools known to grant the strongest 
> available privacy, there are still pitfalls.
> 
> As soon as a computer is connected to the Internet, user errors and 
> misunderstandings, can render even the strongest protections useless:
> Third parties not necessarily need to do something manipulative; a
> user's lack of knowledge can easily make sensitive information
> public, usage-patterns can easily make the origin of sensitive
> information identifiable and once such data is stored on the
> Internet, there's no way to control it.
> 
> Journalists, activists or anybody else working with sensitive 
> information should consider never connecting computers containing 
> such information to the Internet. To learn more about how to
> transfer sensitive information to Internet securely, read [link to
> some guide] or (preferably) ask someone tech-savvy close to you who
> you that you trust deeply.




-- 
Set Hallstrom aka sakrecoer


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-studio-devel/attachments/20160620/67d88ee4/attachment.pgp>

More information about the ubuntu-studio-devel mailing list