Sorry, last post was sent from my wrong email address. Please use this
address for replies.
Dear Fedora Team,
I recently raised this issue with security@ and it was suggested that
desktop@ might be a more suitable place.
Please note that I'm talking about the average home user here. He has
one computer and one printer. If he mentions networking he's talking
about connecting to his ISP, and he has to be his own sysadmin with
little or no knowledge.
The feature needed for home users is the ability to block programs from
accessing open network ports in a very similar manner to the older 3.x
series of Zone Alarm for Windows. The standard options of “accept” and
“deny” are not enough, they also want the option “always ask”.
For people that live in rural areas internet access is slow and
incredibly expensive, at the moment just disabling packagekitd saves $10
a month, but I don't think this is an ideal solution. People in cities
don't seem to understand the inconvenience that comes with this too,
Packagekit doing a 25 Mb download means the internet connection is too
slow to be used for anything else until Packagekit has finished –
roughly 40 minutes. It would be so much better if the firewall popped up
a box saying "packagekitd is trying to access the internet. Do you wish
to allow this? [y n ?]"
And it's not just software updates that are helping themselves without
asking, try using Wine. These issues became important to me when Win8
first came out, people hated it so much that that one third of my
community is now running Fedora. Now that I've got a little more
information and feedback about Win10 I predict that number will double.
That means a wider range of devices and drivers including propriety
drivers. As they become more popular they'll become more sophisticated
and start including spyware. “Your Canon printer driver is trying to
access the internet. Do you wish to allow this? [y n ?]” Just blocking
:80 is not going to be very helpful.
Please make this topic part of your discussions, there's a lot more
people living in rural areas than you might think.
Next meeting is Wednesday, 2015-Aug-05 at 1400 UTC / 10:00am
* What are the next steps for Atomic Workstation?
I've kept the agenda short because there wasn't time for this item
last meeting, and I think it will easily consume the hour. (The
password policy can and should be sorted out on list at this point.)
However, if there are urgent additions please feel free to respond
with a suggestion!
Paul W. Frields http://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - - http://pfrields.fedorapeople.org/
The open source story continues to grow: http://opensource.com