Spyware in Ubuntu!

Although Richard Stallman’s tone is often too confrontational and absolute, this time it’s rather shocking news: According to him, in some versions of Ubuntu, any file searches you do are sent to Canonical, and from there to Amazon, to customize ads (like Google does with email). The details are few, such as which search interface we’re talking about, which versions of Ubuntu are affected, and how to actually turn this off (I looked in what I thought were likely places in the System Settings app of Ubuntu 12.04.1 LTS without any luck), but if this has actually reached mainline releases it’s bye, bye Ubuntu! Sending user information to somewhere which doesn’t provide a service which that user has requested is wrong, and sending it to a third party is just despicable.

I’m a long-time Ubuntu user and software developer, and I’d never heard of this – If I thought about the Ubuntu Software Center ads at all, it was as a nuisance which I could easily get around by using the web to find software I need.

I’m hoping to see more clear information about this soon, but the only other link in the Phoronix article is down at the moment.

Canonical’s Jono Bacon has a response (Google cache) which skips the actual issue completely: We should continue to cooperate with the Free Software Foundation, we’re doing great work with free software, and so on. But as you can see from the response there’s no mention of the possibility of asking the user if they want to opt in to this. At the absolute very least, users should not be helping third parties to serve more efficient ads unless they have knowingly agreed to it. This kind of software should not even be installed by default, in case it is “accidentally” activated. But since everybody knows that nobody reads EULAs, and Canonical obviously wants the money, I sincerely doubt this is going to get fixed.

3 thoughts on “Spyware in Ubuntu!

  1. The shopping lens is an advertized feature of Ubuntu. Therefore it’s not “sneaky” and unhanded as Stallman asserts. It’s also easily disabled for users who don’t want to use it. Bottom line: It takes money to fund Ubuntu’s innovations and inventions – which they then give away for free! If Canonical makes deals with Amazon or Google or Dell that can help fund that innovation without violating the users’ privacy, it’s fine by me. Seems to me that cloud-based computing is the future anyway, and Canonical is anticipating and preparing for it with these tools in the dash.

    • “Advertised” [sic] is a meaningless word in such a context – it could be anything from a note in the EULA to great blinking flaming words of warning. “Easy” is also meaningless when dealing with the 95-99% of users who couldn’t change the interface language if their sanity depended on it. Is it actually obvious before ever searching that your data is being shipped to third parties for whatever purposes they desire to use them for?

      If you don’t think a feature like this is a violation of users’ privacy, then we clearly have different definitions of “privacy”. You might not be aware just how easy it is to identify people from “anonymous” data. Combine that with searches for “That time I tried [embarrassing stuff here].avi” and unscrupulous or careless workers (like those cases of missing laptops containing databases) and you have a recipe for disasters. And what about slip-ups or clueless searches for strings which could be used for identity theft? Once you search, it’s too late to redact the information – if you search for something secret, who should you call? I wouldn’t know where to begin.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s