According to the US, if a company is registered in the US, all data they hold anywhere in the world is fair game. So this includes all servers used by Microsoft, Amazon and Google anywhere in the world according to the US. And in the last few days there has been another example of this:
"Google is the next major company to admit Patriot Act issues, as it admits to handing over data held in a European datacenter back to U.S. intelligence." ZDNET, August 11, 2011
I am not a lawyer and not related to Ubuntu One/Canonical and not a lot of users here are legal experts with knowledge about this situation so an answer to your question will all be conjecture. And it also depends on how stubborn the EU is about enforcing own law and opposing the US Patriot Act.
Ubuntu One Terms of Services
This agreement is governed by the laws of England and any dispute will be heard by the courts in England. Failure by Canonical to enforce any right or provision of this agreement shall not constitute a waiver of such right or provision. If any part of this agreement is held invalid or unenforceable, that part will be construed to reflect the partie's original intent, and the remaining portions will remain in full force and effect. The terms of this agreement do not affect your statutory rights.
Ubuntu One is based in the UK so the company is subject to the EU laws and the European Data Protection Directive
. So the answer to your question should be no Ubuntu one is not affected by this if you store the data on a EU server
If you want to make sure before you start using Ubuntu One that your data will not be handed over to the US you can contact them yourself and get an official responce (from Ubuntu privacy policy):
Please submit any questions or comments about this Privacy Policy, or about our use of your personally identifiable information to our account assistance form at /help/contact/ or by postal mail at the following address: Canonical Group Ltd, 27th Floor Millbank Tower, 21-24 Millbank, London, England, SW1Q 4QP.
Any data stored on a cloud worth protecting should be encrypted. Might not stop the US from getting it and also might not stop the US from decrypting it but it should be made as problematic as possible ;-)
From my experience, I would say that once you set up a Ubuntu box properly, normal users won't make it crash easily. My parents are not exactly technical people, and they have been using Linux distributions for years without larger problems (actually they got a Fedora box just now).
Best Answer
No, you shouldn't expect that.
An uninvited connection merely means that someone sent packets your way. Anybody can do that, and it's a good thing. I suspect that krfb has opened a port on the firewall, which isn't a problem - again. You do want it to accept invited connections, so it has to be exposed to the public internet.
If you, for example, run a web-server, you might get hundreds of break-in attempts per day.
The important bit is that they are attempts. Security is only compromised when you have, for example, a weak password for your SSH login (and accept connections on the SSH port, and have SSH installed). Another possibility is that a specially crafted message to a program can trigger a Bug in the program that allows arbitrary code execution. This is very dangerous. But: on Ubuntu, it's also comparatively rare, these vulnerabilities get fixed very quickly(1, 2, 3)*.
Use secure passwords
Don't install server software you don't need,
and if you do, don't expose it to the public internet, if you don't have to.
Regularly update your system
If you follow this very basic advice, you should be absolutely fine.
Absolute security doesn't exist, and there is always some danger, but:
This would be major headlines on all of the IT news sites. It's extremely unlikely.
If you really want to dig deep into the subject, there are two papers I found very interesting:
Installing, Running and Maintaining Large Linux Clusters at CERN
Quantifying Information Leak Vulnerabilities
This is just a small snapshot of the security landscape, but you might find them valuable.
*: Note, Ubuntu, with the help of Canonical, takes great care to deal with security related bugs very quickly. However, there is some software that Ubuntu have no control over. This is software that is installed from the
universe
andmultiverse
repositories. There, the onus is on the authors. Some of this software is very secure indeed, some isn't. If you are extra-paranoid, use only software from themain
repository.1. http://www.theregister.co.uk/2004/10/22/security_report_windows_vs_linux/
2. http://cryptome.org/cyberinsecurity.htm
3. http://www.technewsworld.com/story/55722.html