diff options
author | Christian Grothoff <christian@grothoff.org> | 2020-10-11 13:29:45 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-10-11 13:29:45 +0200 |
commit | 1ae0306a3cf2ea27f60b2d205789994d260c2cce (patch) | |
tree | 53117a55c27601e92172ea82f1d8cd11d355c06c /talermerchantdemos/blog/articles/en/ubuntu-spyware.html | |
parent | 2e665813a44988bfd906c0fab773f82652047841 (diff) | |
download | taler-merchant-demos-1ae0306a3cf2ea27f60b2d205789994d260c2cce.tar.gz taler-merchant-demos-1ae0306a3cf2ea27f60b2d205789994d260c2cce.tar.bz2 taler-merchant-demos-1ae0306a3cf2ea27f60b2d205789994d260c2cce.zip |
add i18n FSFS
Diffstat (limited to 'talermerchantdemos/blog/articles/en/ubuntu-spyware.html')
-rw-r--r-- | talermerchantdemos/blog/articles/en/ubuntu-spyware.html | 234 |
1 files changed, 234 insertions, 0 deletions
diff --git a/talermerchantdemos/blog/articles/en/ubuntu-spyware.html b/talermerchantdemos/blog/articles/en/ubuntu-spyware.html new file mode 100644 index 0000000..2885bf3 --- /dev/null +++ b/talermerchantdemos/blog/articles/en/ubuntu-spyware.html @@ -0,0 +1,234 @@ +<!--#include virtual="/server/header.html" --> +<!-- Parent-Version: 1.90 --> +<title>Ubuntu Spyware: What to Do? + - GNU Project - Free Software Foundation</title> +<!--#include virtual="/philosophy/po/ubuntu-spyware.translist" --> +<!--#include virtual="/server/banner.html" --> +<h2>Ubuntu Spyware: What to Do?</h2> + +<address class="byline">by +<a href="http://www.stallman.org/">Richard Stallman</a></address> +<hr class="thin" /> + +<blockquote> +<p>Since <a href="http://fossbytes.com/the-spyware-feature-in-ubuntu-will-be-disabled-in-ubuntu-16-04-xenial-xerus/">Ubuntu +version 16.04</a>, the spyware search facility is now disabled by +default. It appears that the campaign of pressure launched by this +article has been partly successful. Nonetheless, offering the spyware +search facility as an option is still a problem, as explained below. +Ubuntu should make the network search a command users can execute from +time to time, not a semipermanent option for users to enable (and +probably forget). +</p> + +<p>Even though the factual situation described in the rest of this +page has partly changed, the page is still important. This example +should teach our community not to do such things again, but in order +for that to happen, we must continue to talk about it.</p> +</blockquote> +<div class="column-limit"></div> + +<p>One of the major advantages of free software is that the community + protects users from malicious software. Now + Ubuntu <a href="/gnu/linux-and-gnu.html"> GNU/Linux </a> has become + a counterexample. What should we do?</p> + +<p>Proprietary software is associated with malicious treatment of the user: + surveillance code, digital handcuffs (DRM or Digital Restrictions + Management) to restrict users, and back doors that can do nasty things + under remote control. Programs that do any of these things are + malware and should be treated as such. Widely used examples include + Windows, the <a + href="/philosophy/why-call-it-the-swindle.html">iThings</a>, and the + Amazon “Kindle” product for virtual book + burning, which do all three; Macintosh and the Playstation III which + impose DRM; most portable phones, which do spying and have back doors; + Adobe Flash Player, which does spying and enforces DRM; and plenty of + apps for iThings and Android, which are guilty of one or more of these + nasty practices.</p> + +<p><a href="/philosophy/free-software-even-more-important.html"> + Free software gives users a chance to protect themselves from + malicious software behaviors</a>. Even better, usually the community + protects everyone, and most users don't have to move a muscle. Here's + how.</p> + +<p>Once in a while, users who know programming find that a free program + has malicious code. Generally the next thing they do is release a + corrected version of the program; with the four freedoms that define + free software (see <a href="/philosophy/free-sw.html">http://www.gnu.org/philosophy/free-sw.html</a>), they + are free to do this. This is called a “fork” of the program. Soon + the community switches to the corrected fork, and the malicious + version is rejected. The prospect of ignominious rejection is not + very tempting; thus, most of the time, even those who are not stopped + by their consciences and social pressure refrain from putting + malfeatures in free software.</p> + +<p>But not always. Ubuntu, a widely used and + influential <a href="/gnu/linux-and-gnu.html"> GNU/Linux </a> + distribution, has installed surveillance code. When the user + searches her own local files for a string using the Ubuntu desktop, + Ubuntu sends that string to one of Canonical's servers. (Canonical + is the company that develops Ubuntu.)</p> + +<p>This is just like the first surveillance practice I learned about in + Windows. My late friend Fravia told me that when he searched for a + string in the files of his Windows system, it sent a packet to some + server, which was detected by his firewall. Given that first example + I paid attention and learned about the propensity of “reputable” + proprietary software to be malware. Perhaps it is no coincidence that + Ubuntu sends the same information.</p> + +<p>Ubuntu uses the information about searches to show the user ads to buy + various things from Amazon. + <a href="http://stallman.org/amazon.html">Amazon commits many + wrongs</a>; by promoting Amazon, Canonical contributes to them. + However, the ads are not the core of the problem. The main issue is + the spying. Canonical says it does not tell Amazon who searched for + what. However, it is just as bad for Canonical to collect your + personal information as it would have been for Amazon to collect it. + Ubuntu surveillance + is <a href="https://jagadees.wordpress.com/2014/08/27/ubuntu-dash-search-is-not-anonymous/">not + anonymous</a>.</p> + +<p>People will certainly make a modified version of Ubuntu without this + surveillance. In fact, several GNU/Linux distros are modified + versions of Ubuntu. When those update to the latest Ubuntu as a base, + I expect they will remove this. Canonical surely expects that too.</p> + +<p>Most free software developers would abandon such a plan given the + prospect of a mass switch to someone else's corrected version. But + Canonical has not abandoned the Ubuntu spyware. Perhaps Canonical + figures that the name “Ubuntu” has so much momentum and influence that + it can avoid the usual consequences and get away with surveillance.</p> + +<p>Canonical says this feature searches the Internet in other ways. + Depending on the details, that might or might not make the problem + bigger, but not smaller.</p> + +<p>Ubuntu allows users to switch the surveillance off. Clearly Canonical + thinks that many Ubuntu users will leave this setting in the default + state (on). And many may do so, because it doesn't occur to them to + try to do anything about it. Thus, the existence of that switch does + not make the surveillance feature ok.</p> + +<p>Even if it were disabled by default, the feature would still be + dangerous: “opt in, once and for all” for a risky practice, where the + risk varies depending on details, invites carelessness. To protect + users' privacy, systems should make prudence easy: when a local search + program has a network search feature, it should be up to the user to + choose network search explicitly <em>each time</em>. This is easy: + all it takes is to have separate buttons for network searches and + local searches, as earlier versions of Ubuntu did. A network search + feature should also inform the user clearly and concretely about who + will get what personal information of hers, if and when she uses the + feature.</p> + +<p>If a sufficient part of our community's opinion leaders view this + issue in personal terms only, if they switch the surveillance off for + themselves and continue to promote Ubuntu, Canonical might get away + with it. That would be a great loss to the free software community.</p> + +<p>We who present free software as a defense against malware do not say + it is a perfect defense. No perfect defense is known. We don't say + the community will deter malware <em>without fail</em>. Thus, + strictly speaking, the Ubuntu spyware example doesn't mean we have to + eat our words.</p> + +<p>But there's more at stake here than whether some of us have to eat + some words. What's at stake is whether our community can effectively + use the argument based on proprietary spyware. If we can only say, + “free software won't spy on you, unless it's Ubuntu,” that's much less + powerful than saying, “free software won't spy on you.”</p> + +<p>It behooves us to give Canonical whatever rebuff is needed to make it + stop this. Any excuse Canonical offers is inadequate; even if it used + all the money it gets from Amazon to develop free software, that can + hardly overcome what free software will lose if it ceases to offer an + effective way to avoid abuse of the users.</p> + +<p>If you ever recommend or redistribute GNU/Linux, please remove Ubuntu + from the distros you recommend or redistribute. If its practice of + installing and recommending nonfree software didn't convince you to + stop, let this convince you. In your install fests, in your Software + Freedom Day events, in your FLISOL events, don't install or recommend + Ubuntu. Instead, tell people that Ubuntu is shunned for spying.</p> + +<p>While you're at it, you can also tell them that Ubuntu contains + nonfree programs and suggests other nonfree programs. (See + <a href="/distros/common-distros.html"> + http://www.gnu.org/distros/common-distros.html</a>.) That will counteract + the other form of negative influence that Ubuntu exerts in the free + software community: legitimizing nonfree software.</p> + +<blockquote class="important"> +<p> +The presence of nonfree software in Ubuntu is a separate ethical +issue. For Ubuntu to be ethical, that too must be fixed. +</p> +</blockquote> + +</div><!-- for id="content", starts in the include above --> +<!--#include virtual="/server/footer.html" --> +<div id="footer"> +<div class="unprintable"> + +<p>Please send general FSF & GNU inquiries to +<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>. +There are also <a href="/contact/">other ways to contact</a> +the FSF. Broken links and other corrections or suggestions can be sent +to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p> + +<p><!-- TRANSLATORS: Ignore the original text in this paragraph, + replace it with the translation of these two: + + We work hard and do our best to provide accurate, good quality + translations. However, we are not exempt from imperfection. + Please send your comments and general suggestions in this regard + to <a href="mailto:web-translators@gnu.org"> + <web-translators@gnu.org></a>.</p> + + <p>For information on coordinating and submitting translations of + our web pages, see <a + href="/server/standards/README.translations.html">Translations + README</a>. --> +Please see the <a +href="/server/standards/README.translations.html">Translations +README</a> for information on coordinating and submitting translations +of this article.</p> +</div> + +<!-- Regarding copyright, in general, standalone pages (as opposed to + files generated as part of manuals) on the GNU web server should + be under CC BY-ND 4.0. Please do NOT change or remove this + without talking with the webmasters or licensing team first. + Please make sure the copyright date is consistent with the + document. For web pages, it is ok to list just the latest year the + document was modified, or published. + + If you wish to list earlier years, that is ok too. + Either "2001, 2002, 2003" or "2001-2003" are ok for specifying + years, as long as each year in the range is in fact a copyrightable + year, i.e., a year in which the document was published (including + being publicly visible on the web or in a revision control system). + + There is more detail about copyright years in the GNU Maintainers + Information document, www.gnu.org/prep/maintain. --> + +<p>Copyright © 2012, 2016, 2017, 2018, 2019, 2020 Richard Stallman</p> + +<p>This page is licensed under a <a rel="license" +href="http://creativecommons.org/licenses/by-nd/4.0/">Creative +Commons Attribution-NoDerivatives 4.0 International License</a>.</p> + +<!--#include virtual="/server/bottom-notes.html" --> + +<p class="unprintable">Updated: +<!-- timestamp start --> +$Date: 2020/10/06 08:25:53 $ +<!-- timestamp end --> +</p> +</div> +</div><!-- for class="inner", starts in the banner include --> +</body> +</html> |