rms on ubuntu spyware

15 replies [Last post]
ahj
ahj

I am a member!

Offline
Joined: 06/03/2012

Fresh from the FSF:

One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample. What should we do?

One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample. What should we do?

Source: https://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

Hopefully this sparks greater interest in fully free operating systems that respect the users' freedom and community. I also hope it emphasizes the subtle but critical differences between open source and free software.

Zancudo
Offline
Joined: 09/19/2012

thank you for that information!

do you know if that malware "feature" was corrected in Trisquel 5.5 and 6.0?

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

Trisquel 6.0 is based upon Ubuntu 12.04. The search terms are sent to Ubuntu (and, in a sequence, to Amazon) since Ubuntu 12.10.

lammi87

I am a member!

Offline
Joined: 07/27/2012

Can we remove this search reporting feature by removing some packages?

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

You had better ask this question to the Ubuntu community. Again, Trisquel does not track its users.

MagicFab
Offline
Joined: 12/13/2010

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 12-12-08 05:45 AM, name at domain a écrit :
> Fresh from the FSF:
>
> One of the major advantages of free software is that the community
protects users from malicious software. Now Ubuntu GNU/Linux has become
a counterexample. What should we do?
>
> One of the major advantages of free software is that the community
protects users from malicious software. Now Ubuntu GNU/Linux has become
a counterexample. What should we do?
>
> Source: https://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do
>
>
> Hopefully this sparks greater interest in fully free operating systems
that respect the users' freedom and community. I also hope it emphasizes
the subtle but critical differences between open source and free software.
>

I've made a translation to French here:
http://www.fabianrodriguez.com/blog/?p=5150

Cheers,

Fabian Rodriguez
http://trisquel.magicfab.ca

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlDDXYsACgkQfUcTXFrypNWYNwCguf+eEIejd7X0ept2M9DdnJ9G
KvIAn18NKBpSVwdyvbaGxuqlv8qj0tcN
=vlfX
-----END PGP SIGNATURE-----

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

The April and Framalang have already achieved this translation to French.

Chris

I am a member!

Offline
Joined: 04/23/2011

Good article. I like some of his ideas on how to solve the privacy problem within the 'feature'. I have some other ideas on how it might be solved without destroying the business model. Tor allows one to anatomize the requests. Now the only problem that I see then would be if a user enters something in and of itself personal like a social security number, a persons name, etc.

mateotti
Offline
Joined: 10/01/2012

The stuff that's sent is already "anonymized" according to Canonical. Your dash search goes to Canonical servers and is then submitted to Amazon. So Amazon never really knows who searched for what unless they buy it.

akirashinigami

I am a member!

I am a translator!

Offline
Joined: 02/25/2010

But Canonical does. How is that any better?

mateotti
Offline
Joined: 10/01/2012

Thats a part of my point. You can "anonymize" it all you want, its still a bad feature that shouldn't be there in the first place. At the very least it should be opt-in.

Chris

I am a member!

Offline
Joined: 04/23/2011

I might agree that it is still a bad/useless/whatever feature although I'm not sure how it is a privacy issue if you solve the privacy problem. Canonical acting as a middleman didn't solve that.

MagicFab
Offline
Joined: 12/13/2010

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 12-12-09 02:33 AM, name at domain a écrit :
> I might agree that it is still a bad/useless/whatever feature although I'm not sure how it is a
privacy issue if you solve the privacy problem. I don't like the feature
for various reasons. It isn't a feature for users. It's a feature to
drive revenue. That isn't a bad thing though. There isn't anything wrong
with making money off free software.

It's still a problem because it's implemented "their way".

Ask DropBox (or, well, the many banks and financial instritutions with
data breaches) how closed-source implementations of security worked for
them.

Even a free open source implementation of that policy can't be without
its flaws. The bottom line is when you have such a feature introduced
it's not a matter of if it will fail but when.

Making money comes in many different models. Pre-installing some opt-out
'maybe we'll get it right this way, you know, we're not perfect, sorry!'
feature is not how I see this going forward.

F.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlDEjl4ACgkQfUcTXFrypNW2kQCg3XalHSyRTGpGm3EAj6LqWFM6
dsYAoJA0DZm3YSdxNywBL+i0RnViqU+J
=FQuw
-----END PGP SIGNATURE-----

Chris

I am a member!

Offline
Joined: 04/23/2011

I don't recall the problem with DropBox and I'm not sure how this relates to non-free software exactly. Unity is free.

The core of the privacy problem is Canonical is getting your data even if Amazon isn't. If either are going to get the data it should not be known who submitted it. I think a technical solution could solve this where a policy can't.

t3g
t3g
Offline
Joined: 05/15/2011

If RMS is talking about the Amazon results in dash, the unity shopping lens cans be uninstalled and the package made not available in the Trisquel 6.5 repos if needed.

t3g
t3g
Offline
Joined: 05/15/2011

Jono Bacon at Canonical recently responded to RMS calling what he said as FUD: http://www.jonobacon.org/2012/12/07/on-richard-stallman-and-ubuntu/

I have disagreed with RMS in the past, but I am 100% in agreement with him in how the Amazon integration is bad news. Why do Amazon and Canonical need to know what I am searching for on my computer? We all know it ends up in the "cloud" where they store the info and do what they want with it. Heck, could even turn you into the police without you knowing.