Ubuntu – Ubuntu with spyware

Security

Richard Stallman states that Ubuntu "has installed surveillance code".
See: Ubuntu Spyware -What to Do?

Is this true?

I agree with him that "Any excuse Canonical offers is inadequate….".

Best Answer

Depends on your point of view. The controversy is over the "unity shopping lens". The shopping lens lets you look for "things" right from your computer. So if you look for "candles" you will get results, even though it's not a file or app. You will be presented with a choice to buy candles.

The real problem isn't that this lens exists, stuff like this has existed for a long time, the problem is the dashboard includes the results by default. So when you press the super key and the dash in unity pops up you type "can" and you get some applications, some files, and some amazon search results. You can scope you search to just files, or just applications, but by default, you search for everything (including shopping results).

Canonical has stated that the results go to their server, are made "more" anonymous and then sent to amazon. With Canonical acting as a go between.

The truth is it's probably not a totally bad idea. It would be nice to press super, type Mountain Dew, and have someone bring me a cold can of caffeine. However, the implementation leaves a lot to be desired. Most notably that it's on by default. It smacks of evil marketing, and it is quite offensive to many Linux users.

The good news is that it's very easy to remove or turn off.

From system setting, under privacy, disable "Internet searches".

It that's not good enough you can sudo apt-get remove unity-shopping-lens

Personally, I have it turned off and everything works fine. I do find it very annoying that my OS had "ads" in them, but at the same time, I can see how, properly matured, it could be friggin' awesome.

Honestly, we will just have to wait and see how the general community plays out, and rather it's accepted as the first step to a more awesome feature or totally unacceptable data mining.

A few other things to keep in mind:

It only effects Unity (Ubuntu default Desktop Environment)
It's easy to turn off
Ton's of other "searchers" existed before hand, this is just one that Canonical supports and makes use of
Stallman is a bit of a nut on some topics, and has a history of going, what most would consider 100% overboard on some issues.
The lens in question is about the same as the amazon store plugin in Amarok, Banshee, Rhythmbox, etc.
There are tons of people who want this feature and add it in via scripts, extensions, and add-ons.
Ubuntu's only real sin is having it on by default, and handling the PR extreamly poorly.

This article and the related ones may help you to decide.

Related Solutions

Ubuntu – Does Ubuntu come with a firewall by default

Yes Ubuntu has a firewall installed by default.

The Firewall in Ubuntu is iptables . It also comes with an easy to use command line frontend called UFW (Uncomplicated Firewall).

If you want to change any settings, you can use the graphical front end to that command line front end, GUFW

alt text

As for your other question, getting a warning when an application connects to the internet:

I don't know of any programs that do this*, but I have written one. Now, this isn't great quality software - it's a quick hack in fact -but it works all right. You'll notice I haven't packaged it in any way, because I don't have any use for it and I don't think its tested well enough to be deployed on Anything That Matters™

It doesn't even have a name, here's how it looks:

alt text

(ignore the German captions, they will be in your local language)

And here's how to use it:

Install Python 3
download it and save it as a file on your computer
Via the file properties, mark it as executable
Double click and choose "Run"

The program will issue a warning for every application that tries to access the internet. It will not prevent it from doing so, but it'll let you know. You then have the option of putting it on a "White List" of trusted applications, which causes it to not warn you again about this particular program.

If you start it from a terminal, you'll get a few useful messages about what it's doing.

Again I have to stress, even though it works, I haven't tested it properly (i.e. with many users trying it out).

For the purposes of support, you may send me email about it, I don't mind

* It seems UFW is able to do it!

This section is really better suited for someone managing servers than for desktop users:

UFW comes with an Application Filter. It's configuration is a simple text file at /etc/ufw/applications.d.

To get a list of all the application filters, type

sudo ufw app list

Which should look like this:

Available applications:
  Apache
  Apache Full
  Apache Secure
  CUPS

To get more details on any one application, type - for example:

sudo ufw app info 'Apache Full'

More details are available in the relevant Ubuntu help wiki page

As for the question of default configuration: By default, Ubuntu ships with no open ports on public interfaces
Source

Ubuntu – n application or method to log of data transfers

It appears that inotifywatch can do the job. Refer to the IBM document I reference in the comment above for more information and its manual page. To install:

apt-cache search inotify

inotifywait - wait for changes to files using inotify
inotifywatch - gather filesystem access statistics using inotify

Best Answer

Related Solutions

Ubuntu – Does Ubuntu come with a firewall by default

Ubuntu – n application or method to log of data transfers

Related Question