Lecture: Towards a more secure operating system without sacrificing usability
aka the GNOME challenge:
GNOME is a desktop that cares about its users and their freedom. To be free also includes to have the freedom to use your computer without having to fear of getting compromised or anyone listening to your communication. GNOME takes tries hard to put the user back into the control seat regarding security and privacy. We will see two examples of how GNOME gives you back that control. The first is a classic: The problem of signing OpenPGP keys. The second is the protection against malicious USB devices.
The new GNOME 3.24 brings many visible improvements will be delivered to users around the world. While many people already excitedly use GNOME 3 with the new user experience, some features of the new and elegant desktop like LibreOffice integration or editing photos with non-destructive GEGL operations are not yet wildly known. We also did many things on the plumbing layer such as containerisation of apps using Flatpak.
In this talk, you will see examples of how GNOME tries to give you back control over your computing. Firstly, we have Flatpak, the containerisation of desktop apps. With Flatpak, users can sandbox their applications while still having them integrated into their desktop, e.g. have them started like native apps, have them print documents, or open and save files. This level of integration make it arguably more complex than, say, using Docker or rkt to run your applications. Secondly, GNOME tries to address the problem of signing OpenPGP keys. Currently, that is a tedious process with many things that can (and will) go wrong. Finally, a prototypical protection against malicious USB devices is shown. Do you know when you use your USB? And when you don't? And, more importantly, when someone uses your USB? We present an approach which may be well suited for preventing abuse of your computing.