Slashdot Mirror
Mark Shuttleworth Addresses Ubuntu Privacy Issues
sfcrazy writes "Mark Shuttleworth has for the first time talked about the privacy issues in Ubuntu Dash after being criticized by EFF and FSF. He mentioned some changes in the way use can 'disable' the search results. However the company has showed that under no circumstances they will disable the online search by default as demanded by EFF and FSF. Shuttleworth was simply spinning the wheel moving things around to give an impression that something has been done where as the core problem remains — Dash sends keystrokes by default and legally every user agrees to send such keystrokes to PRODUCT.canonical.com server to be shared with partners like Facebook."
127.0.0.1 product.canonical.com
I want to delete my account but Slashdot doesn't allow it.
All that will happen is people will move to fedora or mint or countless other Linux distros.
Mark, if you want to make some money try selling something worthwhile. Games would be one idea, hell get steam to give you a cut if you make installation of steam optional during OS install. Selling users data is a bad idea.
It amazes me that when somebody does something as a business that it infuriates people especially when they get something for free. Yes, Ubuntu is taking free software, wrapping it as a supportable bundle and distributing it. So now they've hooked into the information sharing arrangement. It's easy enough to disable as well and the hosts file solution is also there. I wonder if just charging $10 a download / dvd would make more sense then adding another keylogging data collector out there. Frankly Facebook is the worst and the network of data collectors it's partnered with is becoming more and more troublesome.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
I would say that pretty much ends the usefulness of the Ubuntu line. Anyone who thinks that sending all my keystrokes to their server - which they can in turn sell off to third parties - is, in my not so humble opinion, bat fucking crazy.
You should not have to edit hosts files or anything else to make a product usable, because that product should not be spying on you from install forward. I do believe my personal response to Mark is a big "FUCK OFF AND DIE". End of story. End of Ubuntu.
Dream as if you'll live forever.
Live as if you'll die tomorrow.
~Anonymous~
I replaced Ubuntu with Mint when I was first confronted by Unity because I couldn't abide the new UI.
Sounds like that was the least of the reasons to go...
I was thinking that it's been a while and that I should have another look at how Unity has evolved, but not if they are reduced to doing this to stay in business.
> We will aim to enforce this at the kernel level, hence
> the CC to Jamie S who leads our security team.
WTF? Why is that needed? To keep jr devs from accidentally re-enabling it? Or, in fine /. conspiratorial tradition, is the keylogging built into the kernel?!
~.~
I'm a peripheral visionary.
Parent is flamebaiting a bit, but I agree. There are no lack of Debian-based distros which don't come with the increasingly concerning baggage that Ubuntu is being bundled with. I retired my last Ubuntu machine about eight months ago and am Debian-only now.
The world's burning. Moped Jesus spotted on I50. Details at 11.
No. There's a world of difference between the stuff I might put up on a blog, Facebook, G+ and whatever else social network exists, and the data I use my computer to handle. What if you're having legal troubles? IRS are after you? You have applications for a Betty Ford-like clinique? Tax returns? These are things that you're NOT going to be putting up on Facebook or your blog, but documents you might have to have. This is data Ubuntu has no business knowing that I have on my computer.
Mark Shuttleworth has devolved. He's decided to accept the definition of User as something other than Owner. He's raised the port cullis and thrown open the doors for third parties to hunt User metadata, revealing his allegiance, defaulting to a state of non-concern for the least among us.
I'm sure it's convenient for him to imagine he's still engaged in promoting Linux, but at what cost?
How much did he get for his soul? How much did he get for everyone else's?
This is the problem with "success" of open projects as they grow they require more and more money to continue to reinforce their expansion and it only snowballs downhill from there. Before you know it your out there selling your soul and your users data to the highest bidder. You can still reap profit on support alone but you can't expect it to support an organization of any size with fat paychecks for all doing this. There aint any shortage of corporate customers happily willing to purchase yearly support subscriptions whether they actually need it or use it.
Distributions put together by people who give a shit don't have this problem. The cost of packaging in time and effort is such a minsicule effort and mostly a solved problem contrasted with the effort required to produce operating system and software bundled with it.
What if bash maintainers decided they need more money too and decided to ship your keystrokes off to facebook as well? What if the maintainers of every one of the thousands of packages that go into a modern distribution followed suite? Spying by default is indefensible.
I use a couple of different Linux distros currently, many more in the past and also *BSD now.
What Ubuntu does that no one has done was make it easy for the user. The way Ubuntu does things is a Windows killer - if it weren't for the pre-installation of Windows on every fucking thing that's not Apple or handheld.
See, unlike everyother distro, when you install something on Ubuntu, it'll work (sample: everything I've installed) - and I mean using the distro's software manager - even Windows can't make that claim. Calibre for example. Updating Calibre on XP involves uninstalling and installing again; otherwise if you don't do the uninstall f the old version, when you run it, you get the old version. Ubuntu just upgrades with no hassles.
Ubuntu does have a user experience that is superior to every other distro out there - and I think they know it.
And don't get me started on how spell check for Slashdot on firefox foesn't work on Mint.
Does everything I need and doesn't waste a bunch of resources.
PHEM - party like it's 1997-2003!
Using Ubuntu these days goes against why I used Linux to start with.
"If any question why we died, Tell them because our fathers lied."
This really isn't the only reason to avoid Ubuntu, but it is the most compelling. Aside from dependency hell, Unity, and the ridiculous amount of patches that get applied to all the packages, that many times break applications (I'm a developer for http://getnightingale.com/ - Ubuntu's taglib is completely hosed from our perspective), and in general it is TOO friendly to the user, making them dumb and complacent in most cases.
I talked to Hak5's Darren recently and he's moving away from Ubuntu, and I did 4 years ago to Arch for my single user machines and Debian for my servers. I haven't looked back since. Most other distros are much more in line with the open standards and software that Linux is all about than Shuttlebuntu. Give some other distros a try, and you may find one that just blows your mind...like Archlinux, Debian, Mint, or whatever else.
I wish I was trolling, but up to now I've been a huge proponent of OSS: the fact that the source code is available for review makes it relatively secure. For the common user Open Source's flagship products are Libre Office, Firefox, and Ubuntu. Now I find out Ubuntu wants to sneak in ads and sell user data and I have to wonder, if they do this what other product is also doing it or plans to?
Please, open source developers, do it for free or charge for it upfront, but don't sneak in hidden "features." It goes against the spirit of the movement and creates huge distrust in the community.
Hopefully this is limited to systems with GUI's installed and not headless servers.
The issues have not been addressed.
If opportunity came disguised as temptation, one knock would be enough.
3^2 * 67^1 * 977^1
Anyone caught posting the above will be beaten severely with their own keyboard.
<-- This. Please don't propagate this "please don't propagate this 'this' meme anymore" anymore.
How do you do that in Arch, now that the hosts file has been eliminated by the bloody, I mean, bleeding edge ...of change ...for the sake of change?
Is this something I don't know about? I used Arch on my laptops for some 4 years or so, until as recently as last week(*), and /etc/hosts worked just fine.
* [digression] I enjoyed the ride with Arch for a long time, having migrated from Slackware. Years ago, it was the similarity to Slackware (i.e. simplicity) in combination with a more feature-laden package manager that attracted me to Arch, but now a lot of that simplicity has evaporated in favour of all sorts of trendy doodads. I sort of got used to things getting broken in the course of rolling-release upgrades (or in some cases just staying broken from the start), but when pacman borked my machine for the umpteenth time last week, I blew Arch away and reinstalled Slackware. It was like coming home: everything "just works", and any individual applications that I want to be really current can be built by myself or obtained from trusted repositories.
I didn't post the comment to which you responded, but I would make the point that with Slack, you can have all the advantages of an up-to-date desktop system and simple UNIX sysadmin. Of course, the more current you want it, the more you (may) have to build yourself, but it's a nice compromise where you only need to bother rebuilding things that will actually make a difference to your experience. Plus, I'm quite certain I can depend on Pat not to introduce spyware.