Discussion in 'privacy general' started by Pinga, Dec 8, 2012.
Incredible... I would have never thought that such things can happen in Linux. If I were to install Ubuntu, I would have never suspected that such a "feature" existed and thus I wouldn't have shut it down.
Canonical, the Microsoft of Linux world?
Are all Ubuntu flavors (Xubuntu, Lubuntu, etc) doing this?
Stallman isn't to be taken seriously. His opinions can be summed up as "If it doesn't fall into my ridiculously restrictive views it's evil and terrible". He's incredibly childish, which has been the case for years.
No, it's not in any of those.
People should really read up about the feature before they call it spyware. It only sends what's in your Dash (as in if I type in "pidgin" it sends "pidgin", not any results like "pidgin.txt" or its contents). It sends it to Canonical, not Amazon.
So ask yourself what you type into the Dash that's sensitive. Ask whether you trust Canonical with that information or not.
If you don't trust Canonical with that information, don't bother disabling it (which is easy) because you've got much bigger problems. Canonical packages your kernel, system services, everything - if you don't trust them you'd best get to another OS.
Thanks for the info, Hungry Man and Pinga. Since I use Ubuntu One, I guess I trust them, but how would you disable the dash feedback?
Just type "Privacy" into the Dash and the privacy settings will come up.
Thank you. I know that setting but did not know it applies to the dash.
There's a difference imo between online purchases/searches (and letting Canonical make money off it) and private doc searches and sharing (anonymized) info on both.
Does Dash actually work that way? (Haven't got it installed).
Could a private, f.i. medical, Google Drive (or local drive) doc search in Dash result in an Amazon recommendation?
In the context of things (lots of other privacy leaking going on) I'm left wondering what (what agenda) motivated him to single out Canonical and to sensationalize this (5-6 week old) news.
If I search for a file like "example.txt" all Amazon sees is "example.txt" from Canonical. If example.txt contains my credit card info they don't see it, no one in this situation would.
If I then open it via the Dash they still don't see anything more than "example.txt".
The reason I stayed with 12.04 is different than this, but the Amazon integration is worse than previously known. What is Ubuntu becoming?
It would be very foolish to dismiss what he says simply on the basis that his views are restrictive to common business practices and he is uncompromising. The points he raised in his article, which IMO should be the focus rather than him, are reasonable ones. Canonical pulled a sleazy maneuver and, frankly, I think we all (including you) know that. The inclusion of an opt-out mechanism doesn't really change that. At best, it makes the move "less sleazy but still sleazy". To those who know about it that is. It is reasonable to expect that many users remain unaware of it. Given Canonical representative statements to the effect that it intends to extend the practice, it is appropriate to remain concerned about new/additional information security and privacy issues cropping up down the road.
Readers should not only consider what they themselves (might) search for, but also what others (possibly including professionals that could be working with the reader's personal information and/or files) might search for. Now and in the future. It is a fact that filenames can and often do contain personal or other sensitive information. By extension, it is probable and possibly certain that this change has resulted in sensitive information being sent to Canonical and yes, by extension, to Amazon as well. Even in cases where the information isn't considered by its owner to be sensitive, there is still a valid "no need to know" argument that Canonical shouldn't have changed things so that it is collected/forwarded by default. Here again, we don't know how things will change down the road and whether that could result in new/additional information being collected/forwarded to same or other parties.
Conceptually, and in fact historically I would say, it is one thing to "trust" an entity to release software that is reasonably secure/safe including against (potentially sensitive) information leakage, but it is an altogether different thing to "trust" that entity with the information itself. IOW, the "if you trust us enough to run our software you should trust us with your information" argument is a poor one. Even those who believe it is appropriate to "trust" a developer should realize there are degrees of "trust".
Not new, been discussed here: https://www.wilderssecurity.com/showthread.php?t=335051
I have decided to replace all of my Ubuntu installs with something else.
From the article
In language a Linux noob can understand, how does one tell if a distro like Xubuntu contains this code?
I think only the Unity desktop environment has this, so Xubuntu/Kubuntu and others should be fine.
It doesn't. They don't have Unity.
There's also 0 reason for a modified Ubuntu version as you can easily disable this feature or just uninstall the component.
I don't consider it sleazy at all.
I think it is a very small minority of users who will be typing any sensitive information into the Dash - typically file names don't contain sensitive information. In the rare instance that someone does input sensitive info into the Dash they can opt-out.
My point is that people are stating they worry what Canonical will do with the information. If they're worried about Canonical using their information they should use another OS.
Does Windows really send search queries?
That comment of his seemed to refer to something in the probably distant past and the wording is vague enough that I find it hard to decide whether he meant "surveillance" as in "telling a server *when* the user searched" or "telling a server *what* the user searched for". Going back at least as far as XP, perhaps farther I can't remember now, search companion would communicate with remote servers. A quick search turned up this description: http://technet.microsoft.com/en-us/library/bb457178.aspx. I've always walled off its Internet activity via Search Companion settings, Group Policy, and firewall rules. I haven't spent enough time with newer versions of Windows to comment on their various settings/behaviors.
If you were REdesigning a bridge would you say "I think only a small minority of traffic is 18-wheelers so we should only design the new bridge to carry lighter weight vehicles. For the 18-wheelers, we'll put a warning in fine print on some sign somewhere. Yeah, they might not see that but oh well"? When it comes to software vulnerabilities, do you believe the only ones that should be addressed are those which will, per your own estimate, actually come to affect the vast majority of users? IOW, do you not understand the concept of conservative engineering decisions and designing solutions that will reliably work *for the problem scenarios* even if/when they are thought to be less likely than the non-problem scenarios?
Many people remain unaware of things that they would want to know about, certainly when those things aren't overtly brought to their attention via clear and unavoidable disclosure at the specific time/place of the thing. Many people forget to address all of the things that they do know about. In some cases, and I think this could come into play when people use Ubuntu live CDs, the repetitive burdens of readjusting things as desired wear people down and they often give in to things they don't want to give in to. I think when it comes to controversial changes such as this, those that choose opt-out over another approach (opt-in or actively prompting the user to set a preference as desired) are very well aware of the situation and want people to overlook it, forget about it, give in, etc. IOW, they are literally trying to sneak/push something past users who would object to it. When you advocate the use of opt-out for this change and such a "feature", is that what you are advocating?
I have to agree with Stallman on this, lousy move by Canonical and after putting a donation page up as well I have to say turn it up. Really you can't be asking for donations and then putting spyware into your operating system, seriously money grubbing tactics and a big WTF.
I'm still on Ubuntu 12.04 LTS but this might be the last Ubuntu I use.
I hate this as I think Stallman is a flake on so many things, but he's right about this.
I don't see these situations as analogous at all.
The implementation of this feature is the issue. I think the installer should be the same as Windows SmartScreen, where they state that a feature will connect out to provide a service - to be clear, not opting in, the feature is enabled and users are made aware and they can then choose to opt-out at install time. The feature itself is not nearly as terrible as Stallman is trying to pass it off as, nor the media at large, which will jump on anything remotely controversial.
I think it's a perfectly acceptable means of generating revenue, teaming with Amazon to present ads based on a user's preferences. There is no "big ugly ape" of an app dispensing with all of your pron and card numbers.
Having said that, I'll stay with Linux Mint if it's all the same to you.
Here are basic scenarios...
1) A feature is enabled by default and someone wanting it to be disabled has to become aware of that, possibly remember that for a while, find the setting, then disable it. There is the potential for someone not wanting such a feature to be enabled to overlook that it is enabled. This is what most people mean when they say "opt-out".
2) A feature is disabled by default and someone wanting it to be enabled has to become aware of that, possibly remember that for a while, find the setting, then enable it. There is the potential for someone not wanting such a feature to be disabled to overlook that it is disabled. This is what most people mean when they say "opt-in".
In cases such as this where a feature is controversial because it can have adverse consequences for users, the potential to overlook its setting(s) is obviously a problem. Assuming the developer isn't trying to push/sneak *their* preference past the user, they will address this problem by forcing the user to confront the situation and set things the way they want things *before* the feature can come into play. The developer *asks* the user what *they* want. The developer can ask in different ways. For example if just enable/disable are the appropriate options...
3) On a page have two mutually exclusive check boxes ("radio buttons"), one for enable and one for disable, with *neither* checked by default. This approach a) does not bias the user towards one or the other, and b) in most implementations would also prevent the user from inadvertently and without realizing it clicking |Next| and ending up with a setting they didn't want.
4) On a page have two mutually exclusive check boxes, one for enable and one for disable, with the enable box checked by default. If the user doesn't want it enabled they must click the disable box. If you call doing so opt-out you conflict with item 1 above and create confusion. Perhaps "disable it when required to make a choice" would be satisfactory.
5) On a page have two mutually exclusive check boxes, one for enable and one for disable, with the disable box checked by default. If the user doesn't want it disabled they must click the enable box. If you call this opt-in you conflict with item 2 above and create confusion. Perhaps "enable it when required to make a choice" would be satisfactory.
I don't want to misinterpret or misrepresent anything here, so I ask you to please reply and answer:
1) Which approach do you think Canonical should be using?
2) Which approach do you think Canonical is using?
That's their job, isn't it?