Ubuntu Founder Pledges No Back Doors In Linux

Mark Shuttleworth, founder of Canonical and Ubuntu Foundation, gave an interview to eWeek this week ahead of Ubuntu Online Summit (UOS). In the wide-ranging interview, Shuttleworth teased some features that we could expect in Ubuntu 16.10, and also talked about security and privacy. From the report: One thing that Ubuntu Linux users will also continue to rely on is the strong principled stance that Shuttleworth has on encryption. With the rapid growth of the Linux Foundation's Let's Encrypt free Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate platform this year, Shuttleworth noted that it's a good idea to consider how that might work in an integrated way with Ubuntu. Overall, he said, the move to encryption as a universal expectation is really important. "We don't do encryption to hide things; we do encryption so we can choose what to share," Shuttleworth said. "That's a profound choice we should all be able to make." Shuttleworth emphasized that on the encryption debate, Canonical and Ubuntu are crystal clear. "We will never backdoor Ubuntu; we will never weaken encryption," he said.

Canonical should make an official statement

[LichtSpektren]

Nothing drives me further from Microsoft and Blackberry than their CEOs being wishy-washy about if your device is secure, even against "lawful interception" or whatever the gentle euphemism for backdoor is these days. But my only qualm here is that Mark Shuttleworth isn't currently the CEO of Canonical, perhaps the company itself should make a strong statement to this effect?

Re:Canonical should make an official statement

Agreed. When Linus was directly confronted about whether he has been approached about backdoors in Linux, he said no, but while nodding his head. What a trustworthy guy!

Are you familiar with the concept of national security letters
Saying yes is the kind of action that makes you end up in a secret court where you aren't allowed to disclose any information to your lawyer.
By saying no while nodding he has given us the information we need without breaking the gag-order.

Re: That must mean...

[gfxguy]

Exactly...he didn't try to hide it, and it's easy enough to disable. Yes, I know these kinds of things should be opt-in, but the difference between Ubuntu and, for example, Windows, is your getting a polished OS at zero financial cost to you - and to add insult to injury, in after paying for Windows it's nearly impossible to stop all the spying on you (especially for an average to newer user)... And I say that as someone who actually likes Windows 10, too.

No, the problem with CEOs and Presidents making claims like "no back doors" is that he can't control every employee, and while an employee might suffer the repercussions of an indiscretion like leaving a back-door in a program, so does the CEO and the company.

Re: That must mean...

Ultimately, I can configure the Linux kernel to block all outgoing traffic except to a proxy server, and only the web browser would use that, so any other programs on the machine will not be able to phone home. Windows, who knows what is phoning home, and where. The only way I can ensure a Windows box isn't yapping to unknown people is to place it on its own subnet/VLAN and use a proxy server for applications like Firefox that have a separate credential/proxy storage.