Linux Privacy Manager is needed

[mintx123]

Just like the Task Manager that monitors all running processes is there a Privacy Manager that monitors processes consuming users data and metadata and maybe a button that keep users all data private. Users data privacy is very important today when the data consumption is exponentially growing and on the other end of the data pipe is an operating system responsible for users data privacy.

[jjp2145-oldtimer]

Just like the Task Manager that monitors all running processes is there a Privacy Manager that monitors processes consuming users data and metadata and maybe a button that keep users all data private. Users data privacy is very important today when the data consumption is exponentially growing and on the other end of the data pipe is an operating system responsible for users data privacy.

I had a chuckle reading your question. You seem to think that processes consume data and metadata and that the operating system is responsible for the user's data privacy. The internal data engine is an idea that fills me with great mirth.

Now that we have that out of the way, are you talking about preserving anonymity online? Are you worried about being hacked? Are you worried about physical access to your computer?

I personally encrypt everything. Because I don't like the idea of people being able to read my data. I run firefox with noscript extension. I have Facebook blacklisted. I am loathed to install anything that is not in the official repositories, although I have done so.

What your asking for is not possible. You can cut your internet access, that is the only way to assure that your data is protected from people without physical access to your computer. And yes, I do own a computer that has never been connected to the internet.

[mintx123]

Thanks for your reply.
The way the browser is changing today its just a matter of time to see a AI version of it will be on every personal device. Some operating systems are already shipping out with inbuilt AI. If the underlying host system cannot guarantee the safety its users data from the application stack residing on top then what else can ? Data harvesting from the applications is happening in a very rapid pace today and very difficult to trace mostly through browsers and applications. We can see companies putting up online privacy dashboards that users manage what data they keep about the user. Just wondering if there is any way the os can provide a local privacy dashboard or privacy manager for the user to decide on the os level locally before the users data is gone somewhere else.

[jjp2145-oldtimer]

Can you point to a privacy dashboard that is not an illusion of control for the end-user? I just looked up what Microsoft is saying about their privacy dashboard, One, it is stored in the cloud. Two, you have to log into a Microsoft account to access it. Three, Bing and Cortana log what you searched for in the first place. Do you trust Microsoft? If you value your privacy, don't store stuff on other people's computers.

[mintx123]

Thanks for your reply,
The last time I checked it I saw my c drive remaining space as well as find my device and antivirus scan results. Does that mean my files list on my device is imaged somewhere. With AI introduced in intelligent browsers and intelligent crawlers what choice of privacy do I have ? The data pipe activities are invisible and cant track what is happening to data on my machine accessed by these intelligent applications. AI that can be used to decrypt anything ? And AI is out of humans judistriction ? This is why I was thinking to shifting all personal activities to Linux. Earlier I used Linux only for programming activities. Now I think it is time to switch my personal activities to it. Just like you mentioned an offline computer.

But still the question that remains is about one principle...

1. Is the operating system responsible for protecting the users data on the users device ? Then full control for application isolation and monitoring needed ? Even hardware rigging risks and isolation ?

2. Is the operating system responsible for protecting the users data on the any device ? Then should anyone own a device or an account ?

[jjp2145-oldtimer]

1. Is the operating system responsible for protecting the users data on the users device ? Then full control for application isolation and monitoring needed ? Even hardware rigging risks and isolation ?

2. Is the operating system responsible for protecting the users data on the any device ? Then should anyone own a device or an account ?

1) The definition of data is too broad for me to answer the question. I get the sense that you are referring to your digital footprint, in which case the answer is no, the operating system is not responsible for masking your identity online. Your firewall, browser, and a VPN to cloak your IP address are the solutions to this particular problem. On Linux Mint I would suggest firejail to sandbox your browser if you are worried about it. But I just changed the definition of data mid-paragraph. Cutting the internet altogether is the safest bet, so yes removing the hardware needed to connect to the internet is a solution.

2) I take it you have a Microsoft account. Do you log into it when you log into your machine? I personally don't think anyone should have such an account that follows then around from machine to machine. This was a major turn-off when support for Windows 7 came to an end. No Linux Distro has such an account. This does not mean that the operating system is protecting you, it means something closer to the operating system does not require you to hurt yourself.

[Portreve]

Hey mintx123:

Just like the Task Manager that monitors all running processes is there a Privacy Manager that monitors processes consuming users data and metadata and maybe a button that keep users all data private. Users data privacy is very important today when the data consumption is exponentially growing and on the other end of the data pipe is an operating system responsible for users data privacy.

--- and ---

1. Is the operating system responsible for protecting the users data on the users device ? Then full control for application isolation and monitoring needed ? Even hardware rigging risks and isolation ?

2. Is the operating system responsible for protecting the users data on the any device ? Then should anyone own a device or an account ?

So, I think your questions are based on a total lack of understanding how things work.

Data privacy has NOTHING to do with your computer or the operating system it's running, so long as the OS in question doesn't by some mechanism report any of your information to some external location. As GNU+Linux distributions don't go around doing that (certain exceptions to this related to Canonical's stuff and the "popularity" package which doesn't share your actual user data nothwithstanding) this isn't a relevant factor for those running such operating systems. As Linux Mint falls under that rubric, this is not a relevant factor for its users, by definition.

You can't locally control what someone else is doing somewhere outside of your local control. To put this another way, your decision not to allow the ownership of baseball bats in your house and on your property doesn't prevent someone who lives elsewhere from hitting you over the head with a baseball bat when you go to the mall.

If you don't want to be compromised, don't go to places that will compromise you by the very nature of what they do (for example, social media sites) and don't open yourself up to vulnerability through various forms of phishing, through interacting with malware-ridden email, etc.

[mintx123]

Thank you for your replies,

Its just a developers thinking.

USER EXPERIENCE is a powerful tool that used today for trading USER's PRIVACY. The convenience of visualising user data anywhere and the laziness to remember secrets and laziness to even powering on devices to view them even on handheld devices phones etc. are the weaknesses exploited very much in the name of responsiveness.

Browser injection of code and reduction in code to content ratio in web are some of the things as developers are experiencing today. The presentation layer being controlled by the browser or AI rather than the authors intention. The more screen time is for the handheld personal devices today than desktops or laptops.

The audience wants convenience sacrificing their privacy. Handheld devices plays a huge role. Developers are becoming more and more like content builders creating more content than code. Closed APIs and Closed platforms been provided for free...?

Data has now a very broad definition today and the data pipelines are already laid out all across the internet for data harvesting. Some of which are...

Documents - The app auto save
Photos - The app auto syncs, cloud face tagging, location tagging
Audio - Voice assistant, voice recognition etc.
Video - live streams
Clipboard - Browser auto save
Keypad strokes - Search autocompletes
Saved passwords - Browser auto save
Bookmarks - Browser auto save
Recent visited websites - Browser auto save
Screen time - Browser auto save
Battery Charge - Browser auto save
Find your device - App controlled from the cloud
GPS Location - Browser auto save
Recent Files - Browser auto save
Emails - Browser auto save
Virus Checks - App sends stats to cloud
Published websites - business audience tracked by cloud analytics
An AI working on all the above private data...?

The reason of this thinking is to bring back USER PRIVACY using USER EXPERIENCE on a trusted OS. To make privacy convenient to the user. What is needed are the tools that helps users make informed decisions. The thought of the privacy manager as a simple GUI or CMD to guide the user what the operating system recommends them to do to protect their data privacy and gives the user a personal space. Let the user decide but do recommend ? Not like the terms and conditions that some companies do to achieve a particular User Experience. But just the opposite like a simple GUI or button saying keep private all data and then continue recommend user or provide OS recommendation tools locally for the user to check at runtime.

[antikythera]

I believe you may find Tails interesting if you haven't heard of it

[mintx123]

Thanks for the info.

[mintx123]

How can I see what data is going out of my machine today and how can I sign it ?
Is this a possibility today ?

[t42]

You can see it all with Wireshark

[Moem]

Thank you for your replies,

It's nice to thank people for their replies but it's better to show that you have actually read and understood them, by replying to what people are saying. Copy-pasting your own replies from identical conversations on other forums makes you sound like you aren't listening, and are just interested in repeating your own talking points.

How can I see what data is going out of my machine today and how can I sign it ?

What do you mean by 'sign it'?

[t42]

What do you mean by 'sign it'?

and how? hijack own SSL session as a 'person' in the middle and inject packets with a signature ? that's clever ... ISOC needs to initiate RFC for the new network protocol.

[mintx123]

Thanks,

Yes so if you see now in the internet the trend is a one way signing contract. Means that as a server and client relationship of data exchange the server signs the data and the data pipe. The client has no access to the data pipe.

What I was thinking was a 2 way signing contract for data exchange with a signoff document protocol. Means as a client as provider of my data I need access to the data pipe. I need full transparency of my data on the data pipe (traceroute my data). Means that I will be able to decrypt the data pipe with my local credentials. The data pipe becomes open both ways like a 2 way pipe. 2 way signed secure data exchange. Today its a one way secure exchange.

If a 2 way signing contract is not possible then the privacy manager should intercept the data before it enters the closed data pipes. Tools like Wireshark cant get into the secure HTTPS data pipes. Data needs to be screened before it enters the data pipe and signed (approved) locally ?

[t42]

Tools like Wireshark cant get into the secure HTTPS data pipes. Data needs to be screened before it enters the data pipe and signed (approved) locally ?

And that's a good thing. With wireshark you can analyze streams directions, ports and protocols used, and be sure that you can't access the content. But to dismantle data safety status quo and concurrently became the ruler of the world? ...oh-so-clever...

[mintx123]

Thanks for your reply,

The concept I am thinking a pretty basic. In a simple data exchange contract between 2 operating systems via, a secure channel all I am saying is both parties should sign the contract. Both parties should have visibility and transparency to the transaction involving their data. One side should not be blinded.

The process of signing on data exchange establishes that the other party has the rights to use the data from the signing side. A secure data exchange protocol (not SSL) could enforce this mechanism to bring clarity on the data routes. Especially when multiple network hops are involved where tools like Wireshark cant help the protocol itself should inform the privacy managers on both parties on the data traceroutes. 2 way decryption. Peer to Peer Trust or Trust Circles (Linux local groups) or Trust Ledger. More like a 2 way real-time signed secure handshake network protocol. Hypothetical privacy manager becomes the tool for signing data contracts for the user experience ?

As a signing party to a data contract as a local user I need to exactly know what my data is used for and where it went ? Will this be fair to know ?

[Hoser Rob]

Thanks for your reply,

The concept I am thinking a pretty basic. In a simple data exchange contract between 2 operating systems via, a secure channel all I am saying is both parties should sign the contract. Both parties should have visibility and transparency to the transaction involving their data. One side should not be blinded.

The process of signing on data exchange establishes that the other party has the rights to use the data from the signing side. A secure data exchange protocol (not SSL) could enforce this mechanism to bring clarity on the data routes. Especially when multiple network hops are involved where tools like Wireshark cant help the protocol itself should inform the privacy managers on both parties on the data traceroutes. 2 way decryption. Peer to Peer Trust or Trust Circles (Linux local groups) or Trust Ledger. More like a 2 way real-time signed secure handshake network protocol. Hypothetical privacy manager becomes the tool for signing data contracts for the user experience ?

As a signing party to a data contract as a local user I need to exactly know what my data is used for and where it went ? Will this be fair to know ?

For "pretty basic" substitute "extremely ill informed". None of what you suggest is simple, it's in fact unworkable.

[mintx123]

Thanks for your reply,

Information is what you learn around you.

In a RADIO to tune in a frequency the RADIO doesn't tell you to get off the frequency because it is unsafe. One way broadcast ?

A church timings or a school timings website on http today the browser will tell its unsecure ? Two way transmission ? The choice protocols should it be enforced ? Why anyone should unnecessarily buy security certificates if they don't need it to be on the internet ? Why the internet channels have increasingly become closed ? Can AI decrypt SSL ? Just thinking...

The programming in the past 10 years heavily shifted focus to data harvesting, analytics, micro servers and AI. The trend is to build high speed data analysis programs, highspeed data broadcasting containerized micro servers, mathematical style inline syntax languages to be coded further by AI, high speed network lines and of course smartphones with high storage capacity for personal data and high speed network for sync.

Every thing today revolves around the valuable commodity called DATA. When browsers and apps are increasingly converting requesting clients into metadata broadcasting micro servers. It is becoming more and more important to secure data. The operating system has a key role today to be capable of this.

There is no rule to have a single internet or a single protocol. For a clean slate ?

In a real world example say I am visiting a bank and submitting some personal identity document copies what I usually do is attest these copies and put my signature before handing it over to the bank. Now if the bank wants to give my details to a third party loan department they will forward my signed copy copies by additionally signing it. In this way when I approach the loan department I will see the copy of my id signed by me and the bank and then I will understand the trust chain. From the data trail and the signature trail. The bank, loan department and me are all authorized to see the document and know who it is shared with when requested. Open network in trust circle.

Cant Linux machines interact with each other to exchange data today in a open network between native peer to peer trust circles just like the real world examples ? Is this unworkable ?

[tuxoneseven]

Why the internet channels have increasingly become closed ?

Because centralized services are a very profitable business. The model is simple, the user pays money and owns nothing. If the service is "free", the user gets screwed in another way. No free lunch

> You WILL own nothing.
> You WILL be happy.
> Dissidents will be executed

Can AI decrypt SSL ? Just thinking...

Not using publicly available technologies, but SSL can be decrypted.