Re: [Tracker] Fear and Loathing in Las Vegas



On 2014-07-10
Martyn Russell <martyn lanedo com> wrote:

On 05/05/14 10:28, Philip Van Hoof wrote:

Hi Vishesh,

It's a long time item on the wishlist to have more fine grained access
control on Tracker's metadata (which applications are permitted to
access which data). This is (just) an idea on how to implement it.

The subject is a reference to a movie.

I have to say, I am a bit averse to this sort of thing, but mainly 
because I worry about performance.

However, you can't escape requirements by some to have some level of 
protection over their data in the database when it's being
shared/accessed by others putting their own content in there too.

For a while, using multiple DBs was an idea but we've been down that 
path and it's ugly and complex at times.

Using a hash or secure method is certainly a nice alternative (if it 
works). My immediate thoughts are about how queries would actually work 
and what kind of performance hit this would have.

With increasing processing power, perhaps this is less of an issue?

Philip, while this is all great hot air we're producing here, is there 
an actual requirement for this from someone for something real? :)

Thanks,


I think it can be useful, here's an example: Assume you have Tracker installed,
and you want to install some photo album manager which has a tendency to find
your photos and upload to the "cloud". The problem is that it also takes some
personal photos you don't want to share, and you can't configure it to ignore
those photos.

While this is an app problem, it would be so nice if you could tell Tracker
"don't let that app access these photos", problem solved instantly.

It doesn't even have to be about hashes and crypto - just have an ontology for
"data access permissions" and use it to describe which software can access
which info. When doing a query, cross the result with that data to filter out
the hidden parts.

I think that in general Tracker should be a desktop/mobile data manager, and the
apps should have less control. For example, many 3rd party mobile apps spy on
you and read all your private data. Wouldn't it be so powerful to allow Tracker
to manage this on its end, so that you can give less trust to those apps?

Having the plain option without hashes would also be faster, and you don't have
to fight crackers all the time, since people who desperately want your data can
just sneak behind Tracker to the DB or parse the DB files etc. Of course it's
also nice to have crypto for those who really want it.



I'm not a Tracker user/developer but I've been working on semantic desktop
related things, just wanted to share my thoughts on this.


-- fr33
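
The "data access permissions" idea from the message above, as an added example that is not part of the original thread or of Tracker's code: permission triples are stored next to the data and every query is answered against the subset the calling app may see. The `acl:deniedTo` predicate, the app ids and the sample triples are assumptions made for the illustration; filtering is applied to the triples before matching so that a hidden photo cannot be reached through a join (for example via its album).

```python
# Added illustration: "acl:deniedTo" and the app ids are hypothetical names,
# not terms from Tracker's ontologies. The triples are constructed sample data.
ACL_DENY = "acl:deniedTo"
STORE = {
    ("file:beach.jpg", "rdf:type", "nmm:Photo"),
    ("file:private.jpg", "rdf:type", "nmm:Photo"),
    ("file:private.jpg", "nao:hasTag", "tag:holiday"),
    ("album:summer", "nie:hasPart", "file:beach.jpg"),
    ("album:summer", "nie:hasPart", "file:private.jpg"),
    ("file:private.jpg", ACL_DENY, "app:photo-uploader"),
}


def match(store, patterns, binding=None):
    """Yield bindings satisfying every triple pattern; '?x' terms are variables."""
    binding = binding or {}
    if not patterns:
        yield binding
        return
    for triple in store:
        new = dict(binding)
        for term, value in zip(patterns[0], triple):
            if term.startswith("?"):
                if new.setdefault(term, value) != value:
                    break  # variable already bound to something else
            elif term != value:
                break  # constant term does not match
        else:
            yield from match(store, patterns[1:], new)


def query_as(app, select, patterns, store=STORE):
    """Answer a query on behalf of `app`, hiding what the ACL triples deny it."""
    denied = {s for s, p, o in store if p == ACL_DENY and o == app}
    # Drop the ACL triples themselves and any triple that mentions a denied
    # resource as subject or object, so joins cannot reach it either.
    visible = {t for t in store
               if t[1] != ACL_DENY and t[0] not in denied and t[2] not in denied}
    rows = {tuple(b[v] for v in select) for b in match(visible, patterns)}
    return sorted(rows)


if __name__ == "__main__":
    photos = [("?f", "rdf:type", "nmm:Photo")]
    print(query_as("app:photo-uploader", ["?f"], photos))
    print(query_as("app:gallery", ["?f"], photos))
```

This only constrains apps that go through the query interface; as the message notes, anything able to read the database files directly bypasses it.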

