Privacy leaks via app APIs
Xfce devs, please take action on the two following items:
- List which APIs your application uses, and whether these APIs can be watched/inspected by a) other apps and b) eavesdroppers on users' network (including their own ISP);
- Assess c) how critical those APIs are to your application's functionality, and d) whether they could be replaced or e) the feature disabled without making the app useless.
In the case of the volume daemon, we should look to protect the communication channel between the Xfce app and the sound daemon by creating an encrypted or access controlled channel. Right now though, we're only looking at knowing how users can be spied on.