From 1ae0306a3cf2ea27f60b2d205789994d260c2cce Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 11 Oct 2020 13:29:45 +0200 Subject: add i18n FSFS --- .../blog/articles/en/ubuntu-spyware.html | 234 +++++++++++++++++++++ 1 file changed, 234 insertions(+) create mode 100644 talermerchantdemos/blog/articles/en/ubuntu-spyware.html (limited to 'talermerchantdemos/blog/articles/en/ubuntu-spyware.html') diff --git a/talermerchantdemos/blog/articles/en/ubuntu-spyware.html b/talermerchantdemos/blog/articles/en/ubuntu-spyware.html new file mode 100644 index 0000000..2885bf3 --- /dev/null +++ b/talermerchantdemos/blog/articles/en/ubuntu-spyware.html @@ -0,0 +1,234 @@ + + +Ubuntu Spyware: What to Do? + - GNU Project - Free Software Foundation + + +

Ubuntu Spyware: What to Do?

+ +
by +Richard Stallman
+
+ +
+

Since Ubuntu +version 16.04, the spyware search facility is now disabled by +default. It appears that the campaign of pressure launched by this +article has been partly successful. Nonetheless, offering the spyware +search facility as an option is still a problem, as explained below. +Ubuntu should make the network search a command users can execute from +time to time, not a semipermanent option for users to enable (and +probably forget). +

+ +

Even though the factual situation described in the rest of this +page has partly changed, the page is still important. This example +should teach our community not to do such things again, but in order +for that to happen, we must continue to talk about it.

+
+
+ +

One of the major advantages of free software is that the community + protects users from malicious software. Now + Ubuntu GNU/Linux has become + a counterexample. What should we do?

+ +

Proprietary software is associated with malicious treatment of the user: + surveillance code, digital handcuffs (DRM or Digital Restrictions + Management) to restrict users, and back doors that can do nasty things + under remote control. Programs that do any of these things are + malware and should be treated as such. Widely used examples include + Windows, the iThings, and the + Amazon “Kindle” product for virtual book + burning, which do all three; Macintosh and the Playstation III which + impose DRM; most portable phones, which do spying and have back doors; + Adobe Flash Player, which does spying and enforces DRM; and plenty of + apps for iThings and Android, which are guilty of one or more of these + nasty practices.

+ +

+ Free software gives users a chance to protect themselves from + malicious software behaviors. Even better, usually the community + protects everyone, and most users don't have to move a muscle. Here's + how.

+ +

Once in a while, users who know programming find that a free program + has malicious code. Generally the next thing they do is release a + corrected version of the program; with the four freedoms that define + free software (see http://www.gnu.org/philosophy/free-sw.html), they + are free to do this. This is called a “fork” of the program. Soon + the community switches to the corrected fork, and the malicious + version is rejected. The prospect of ignominious rejection is not + very tempting; thus, most of the time, even those who are not stopped + by their consciences and social pressure refrain from putting + malfeatures in free software.

+ +

But not always. Ubuntu, a widely used and + influential GNU/Linux + distribution, has installed surveillance code. When the user + searches her own local files for a string using the Ubuntu desktop, + Ubuntu sends that string to one of Canonical's servers. (Canonical + is the company that develops Ubuntu.)

+ +

This is just like the first surveillance practice I learned about in + Windows. My late friend Fravia told me that when he searched for a + string in the files of his Windows system, it sent a packet to some + server, which was detected by his firewall. Given that first example + I paid attention and learned about the propensity of “reputable” + proprietary software to be malware. Perhaps it is no coincidence that + Ubuntu sends the same information.

+ +

Ubuntu uses the information about searches to show the user ads to buy + various things from Amazon. + Amazon commits many + wrongs; by promoting Amazon, Canonical contributes to them. + However, the ads are not the core of the problem. The main issue is + the spying. Canonical says it does not tell Amazon who searched for + what. However, it is just as bad for Canonical to collect your + personal information as it would have been for Amazon to collect it. + Ubuntu surveillance + is not + anonymous.

+ +

People will certainly make a modified version of Ubuntu without this + surveillance. In fact, several GNU/Linux distros are modified + versions of Ubuntu. When those update to the latest Ubuntu as a base, + I expect they will remove this. Canonical surely expects that too.

+ +

Most free software developers would abandon such a plan given the + prospect of a mass switch to someone else's corrected version. But + Canonical has not abandoned the Ubuntu spyware. Perhaps Canonical + figures that the name “Ubuntu” has so much momentum and influence that + it can avoid the usual consequences and get away with surveillance.

+ +

Canonical says this feature searches the Internet in other ways. + Depending on the details, that might or might not make the problem + bigger, but not smaller.

+ +

Ubuntu allows users to switch the surveillance off. Clearly Canonical + thinks that many Ubuntu users will leave this setting in the default + state (on). And many may do so, because it doesn't occur to them to + try to do anything about it. Thus, the existence of that switch does + not make the surveillance feature ok.

+ +

Even if it were disabled by default, the feature would still be + dangerous: “opt in, once and for all” for a risky practice, where the + risk varies depending on details, invites carelessness. To protect + users' privacy, systems should make prudence easy: when a local search + program has a network search feature, it should be up to the user to + choose network search explicitly each time. This is easy: + all it takes is to have separate buttons for network searches and + local searches, as earlier versions of Ubuntu did. A network search + feature should also inform the user clearly and concretely about who + will get what personal information of hers, if and when she uses the + feature.

+ +

If a sufficient part of our community's opinion leaders view this + issue in personal terms only, if they switch the surveillance off for + themselves and continue to promote Ubuntu, Canonical might get away + with it. That would be a great loss to the free software community.

+ +

We who present free software as a defense against malware do not say + it is a perfect defense. No perfect defense is known. We don't say + the community will deter malware without fail. Thus, + strictly speaking, the Ubuntu spyware example doesn't mean we have to + eat our words.

+ +

But there's more at stake here than whether some of us have to eat + some words. What's at stake is whether our community can effectively + use the argument based on proprietary spyware. If we can only say, + “free software won't spy on you, unless it's Ubuntu,” that's much less + powerful than saying, “free software won't spy on you.”

+ +

It behooves us to give Canonical whatever rebuff is needed to make it + stop this. Any excuse Canonical offers is inadequate; even if it used + all the money it gets from Amazon to develop free software, that can + hardly overcome what free software will lose if it ceases to offer an + effective way to avoid abuse of the users.

+ +

If you ever recommend or redistribute GNU/Linux, please remove Ubuntu + from the distros you recommend or redistribute. If its practice of + installing and recommending nonfree software didn't convince you to + stop, let this convince you. In your install fests, in your Software + Freedom Day events, in your FLISOL events, don't install or recommend + Ubuntu. Instead, tell people that Ubuntu is shunned for spying.

+ +

While you're at it, you can also tell them that Ubuntu contains + nonfree programs and suggests other nonfree programs. (See + + http://www.gnu.org/distros/common-distros.html.) That will counteract + the other form of negative influence that Ubuntu exerts in the free + software community: legitimizing nonfree software.

+ +
+

+The presence of nonfree software in Ubuntu is a separate ethical +issue. For Ubuntu to be ethical, that too must be fixed. +

+
+ + + + + + + -- cgit v1.2.3