I sent out this email a long time ago, but it never went through.
I saw it in my folder, so decided to try to send it again.
I hope it is not out of context at this point and still relevant.
- First, this is my first time replying to the list, so I should thank everyone first for the great software.
I also want to thank all the users who gave their input, which helped Jitsi development and Jitsi to become a better software.
- I agree with Chris and all his points.
I was also wondering the following:
- Maybe the reason for the lack of secure default settings was chosen in order to make it as simple as possible for non-techy users at first, and users from previous software?
If that was the case, then maybe an extra option can be added when running Jitsi for the first time?
a) As the user runs the software for the first time, then Jitsi asks him if he wants to start with the following choices of settings:
Or something along those lines, and a description of what settings this entails can be written under each choice or when hovering over it
Thus, the normal non-techy user will not have to go through the details of how to set this up himself, but it will be setup for him, based on the option chosen.
If he chooses the “Custom” option, then it will take him directly into the settings of the program, where he can adjust and set whatever he wants.
b) If the user decides to change his choice later on, then he/she can have the following:
There can be an option available to re-run the Wizard again so that the user can choos a different security option
Or he can just go into the detail settings and modify things himself, which at that point, Jitsi will change the setting of the program from whatever registered choice it was before to “Custom”
c) These preset options, whether “Very Secure”, Moderate Security", or “Normal User”, are like a Settings templates, for which it would be interesting to have a kind of plugin or function to be able to import or export settings that were set in the “Custom” option.
Then when the person runs the Wizard again, then his/her saved template can become part of the Wizard from which he/she can choose from.
- Maybe this was already suggested, but just in case.
Date: Thu, 1 May 2014 18:27:02 +0200 From: Philipp ?berbacher <firstname.lastname@example.org> To: email@example.com Subject: Re: [jitsi-users] Fwd: default settings - ever questioned...?! On Thu, 1 May 2014 17:01:29 +0200 Jitsi Mailman <firstname.lastname@example.org> wrote: > ---------- Forwarded message ---------- > From: Chris Kaspro <email@example.com> > Date: Sun, Apr 27, 2014 at 7:07 AM > Subject: default settings - ever questioned...?! > To: firstname.lastname@example.org > > > Hello everybody, > new here so first a quick and big thanks to this great piece of > software. Ever since Sky** was swallowed and now even changed it's > policies, I try to convince as many as friends as I can to use > Jitsi :) Now, to the point: > For many users which are not as 'comfortable' with the computer, I > think some options on the default install should be changed - or > discussed :) These are: > 1.: !!Backup Resolver: Due to privacy reasons, I very much dislike > this "Google option" - now, by default, ALL THE TIME I start up > Jitsi / make a call / invite a friend, Google knows where I am and to > what domain I want to call - as this option is enabled by default! > There are a lot of other, un- logged/filtered public DNS servers out > there (e.g. see [http://www.wikileaks.org/wiki/Alternative_DNS](http://www.wikileaks.org/wiki/Alternative_DNS) ) to > use. This is the a very critical issue for privacy reasons, and > probably most of the users haven't even seen that / looked up the > IP's of "your" Backup resolver. I very much agree with this point. I think that many users of jitsi are privacy-conscious and use it because they do not want to use skype for privacy and security reasons. Those people also don't like to provide information to a company that makes its money with the users private data. Google can easily be avoided, so please do it. Thanks Chris, I was not aware of this and switched to a different DNS server, but this is something my not so tech-savy friends won't do. > 2.:Autostart: is generally disabled. If I want to reach people, they > have to have Jitsi running, but at the beginning I jumped over the > "Autostart on startup" option - so now, many users are simply only > reachable on Sky**. Bugger! I vouch that it is switched to "enabled" > by default, so that people are reachable. I don't see a downside for > this, just positives. > > 3.: Automatically initiate private messaging: Also something I have > overseen at first. I'm going through all the "hassle" of setting up > encryption, but every time I have to be sure that I turn it on? I > don't think there's that much CPU/additional bandwidth involved that > this couldn't be turned on by default (as, when I don't have the > contact verified, it obviously works as a normal chat anyways)? If we > can encrypt, I think we should. I agree, encryption should automatically be enabled if possible. > 4.: Logging: I have seen (at least on the Linux version) that logging > is enabled for all protocols by default. I think this is an > unnecessary risk(if also not big, but it's there - IP addresses etc. > are stored) and performance/disk usage factor (again, not big, but - > how many users even know what that data is?). If I do have an issue > and know how to decipher the logs, then I also know where to enable > it...?! > > I hope that's not too much in one post and thanks in advance for > consideration, > Cheers Chris I don't have strong opinions, one way or the other, on the other points. Regards, Philipp