Electronic Freedom Foundation Criticizes Ubuntu
The Electronic Frontier Foundation (EFF) publishes a blog post critical of the new search feature included in Ubuntu 12.10.
A blog post on the EFF website written by Micah Lee said, “Starting with the latest release of Ubuntu, Dash is also starting to search the Internet for you. While some people find this convenient, others find it a violation of their privacy. Luckily, Ubuntu makes it easy to turn this off.”
The feature can indeed be turned off by removing the “unity-lens-shopping” package, and instructions for doing so are provided within the EFF statement as well as elsewhere online.
However, the EFF also stated, “It’s a major privacy problem if you can’t find things on your own computer without broadcasting what you’re looking for to the world.”
The EFF mentioned that Ubuntu’s Third Party Privacy Policies webpage lists the third parties to which they may send search terms and IP address information, including Facebook, Amazon, Twitter, and YouTube. However, the webpage simply refers users to those third parties for clarification on their privacy policies. In other words, the EFF said, “once they give your data away, it’s no longer their problem.”
The post also noted that Canonical has listened to users’ feedback and is working on changes. The EFF said, “These changes are great, but it doesn’t change the fact that users’ search queries automatically get sent to third party companies without giving users a chance to opt-in.”
So, the EFF has outlined a list of policies and features they’d like Ubuntu to incorporate into future versions. These include:
- Disable “Include online search results” by default. Consider displaying a dialog upon first login that asks if users would like to opt-in.
- Explain in detail what is done with search queries and IP addresses, for example: how long they are stored and in what circumstances they’re given to third parties.
- Allow users to users toggle on and off specific online search results.
- Make sure that you respect your users’ privacy and security.
New release comes with better semantic search and improvements to Kontact.
Annual code quality report shows FOSS is more secure at all project size levels.
A new class of problems lets a malicious app pre-configure an invisible privilege update.
New Hack language adds static typing and other conveniences.
New crypto policy system will offer easier configuration and more uniform security.
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
Vulnerability affects many Linux web servers