-
Notifications
You must be signed in to change notification settings - Fork 184
Trust
We would like to minimize the amount of trust you need to place in the uProxy team when using uProxy.
Our work in this direction is ongoing. This document exists to state where we are, and the tactics we're using to reduce the trust you need to place in us.
-
Code Audits. We received an initial code design audit from Cure53 in fall of 2014, and hope to continue receiving code audits in the future. Prefer the firefox build which undergoes an independent code reivew process from mozilla when updates are pushed.
-
Principle of Least Priviledge. The bulk of uProxy code is run in web-workers, which do not have access to priviledged browser-extension APIs. This helps reduce the size of the trusted code base to the freedom.js library. We will continue testing and hardening that library with a focus on code containment.
-
Extendable Social networks. We have built uProxy such that the packaged social providers can be extended by those written by 3rd parties. Some examples of social providers you can host yourself without trusting us are social-xmpp, social-IRC, and social-email. We expect to continue improving our user interface to make use of these alternative networks simpler.
-
Do not enable metric data collection, or report feedback. These options will cause requests to be made from your machine to uProxy.org servers. Reporting feedback in particular will send personally identifiable information like your IP address to us.
-
Do not log into the facebook or google network. These networks will reveal your use of uProxy to your network, and to the social providers. The facebook provider implements presence notifications through firebase, so that network also may leak information of your uproxy usage to firebase and google. Instead, prefer the one-off "copy-paste" initation, passing invitations over an out-of-band secure channel. In the tactics above, we describe how we hope to improve the experience for this effort in the future.