Story: Ubuntu has a bigger problem than its Amazon blunderTotal Replies: 24
Author Content

Oct 03, 2012
2:35 PM EDT

Oct 03, 2012
2:37 PM EDT
But don't ignore the story. This is more than Canonical getting some commercial ad money-- it's data-mining, possibly to the point of spyware.

Oct 03, 2012
3:20 PM EDT
What I like about gnu/Linux is that we have the tools to see "calling home" activity and to block it.

Think about the mobile space now. The only way to get root access on most mobile devices is by applying an exploit, and without root you won't be running a packet capture or be tweaking your firewall to detect and block unsavory activity. (Notable exceptions to this are webos and meego, both of which provide vendor supported root access.)

Yes, Ubuntu has blundered here, but we detected it and brought it into the light of day. That's the good news.

Oct 03, 2012
3:34 PM EDT
Sunlight is the best disinfectant.

Oct 03, 2012
4:07 PM EDT
Quoting: Sunlight is the best disinfectant.
Especially as here, where the stakeholders aren't afraid to apply Mister Pointy.

Oct 05, 2012
2:21 PM EDT
As usual, it's the way the "feature" was introduced (abruptly and with no discussion) and how the PR was handled (the "erm, we have root" comment from SABDFL) that made the whole thing much worse.

Oct 05, 2012
5:41 PM EDT
I have to wonder isn't this type of blunder something that Jono Bacon is hired to avoid?

Oct 05, 2012
5:53 PM EDT
@slacker_mike, I believe I've alluded to that aspect of Jono Bacon's employment by Canonical, before. Although he and Canonical deny it what he does is very much a PR role.

Oct 05, 2012
6:53 PM EDT
@tracyanne, even if someone says he isn't PR I think keeping the community informed of this and engaging them in the Amazon integration is his job.

Oct 05, 2012
8:11 PM EDT
Quoting:I have to wonder isn't this type of blunder something that Jono Bacon is hired to avoid?

I feel sorry for Jono. I really do. He's always left to clean up the mess.

Oct 06, 2012
1:11 AM EDT
I guess you could feel sorry for Jono but to do that you would have to believe that he is kept in the dark about such things or not permitted to engage the community in advance of such changes for strategic reasons. It is a shame because Ubuntu isn't that bad, they just seem prone to these types of gaffes.

On a related note I am trying Ubuntu for the first time since Hardy Heron I believe. After trying Gnome Shell for about a month on Fedora and now Unity on 12.10 I believe that Canonical actually has the better "shell" for Gnome.

Oct 06, 2012
8:46 AM EDT
I hardly think screwbuntu is the only guilty party. Almost any "dash", add-on, plug-in, or other freebie menu or toolbar is a potential data mining point. It's the same with Google's dashboard or Mozilla's helpful menu/dash thingie. Heck, the entire cookies framework is to provide the providers with info. It's certainly not for your benefit, as they would have you believe. Auto-updates, dashboards, cookies, etc. All these alleged "features" are merely a ruse by 3rd parties to get access to your computer.

BTW, what's this stuff about Littleworth having "root"? Is screwbuntu really that compromised?

Oct 06, 2012
1:46 PM EDT
In effect you "trust" the repositories from which your package manager(s) pull(s) software. You look for signed packages. And there needs to be trust there.

But you can always choose NOT to install those packages or updates. You could look at source, compile your own, use other repositories, set up your own repositories, or turn off all of them. Or change distributions entirely. Shuttleworth doesn't control your freedom in that sense.

Shuttleworth doesn't have root, even though he said "erm, we have root." That was a stupid thing to say.

Do you think SABDFL rung up Jono and said, "Hey mate, what do you think of me saying, "Erm, we have root?'" Had this happened, and I'm sure it didn't, I'm fairly certain Jono would have said something along the lines of , "Don't be an idiot, spaceman."

But everybody wants to get paid, and I'm sure Jono does too. That's become his job -- smoothing things over when Shuttleworth pushes things because it's his distro, he's SABDFL, and he wants it his way. Would it kill him to propose something instead of doing it first and having Jono act sorry later?

It's pure ego. On many levels, Ubuntu is a great product. And yes, a great deal of that is SABDFL's vision.

But in the true spirit of free, open-source culture, there needs to be a little collaboration, even if the extent of it is, "Run it by Jono to make sure you're not coming off like a big jerk and alienating the community."

Oct 06, 2012
6:33 PM EDT
@notbob, cookies are not some 3rd party scam. Cookies are how you keep a stateless connection based on TCP/IP, such as that between your browser and a server on the Internet, stateful. Without cookies the server would not "know" anything about the communication between your Browser and the server.

The fact that Advertisers and other shonky people use cookies for all sorts of other purposes, because thay can, in no way invalidates the use of cookies as a primary means of keeping state while your browser interacts with a particular server.

Oct 06, 2012
7:22 PM EDT
And it can (is?) all done with 'web-bugs" now, too.

I think much of the fuss made over cookies is now essentially a smokescreen.


Oct 06, 2012
10:06 PM EDT
> @notbob, cookies are not some 3rd party scam.

....and nowhere in my post can you show me where I made such a statement! Don't go putting words in my mouth, Tracy.

"A stateful connection is one in which some information about a connection between two systems is retained for future use"

If I want a provider to retain ANY information about my host/connection, I will be the one to make that decision. The usual setup on all my computers is, all cookies are permanently disabled. Not so strangely, it is less than one in twenty websites that refuse full connectivity due to this choice. If I want to do business with a website or join some online group --like this forum-- and there are some cookie requirements, it's my call. Also, I can go in and delete all cookies at any time, though both my browser and some websites would seek to make this more difficult. Why would they do that? The prevailing practice is, cookies are allowed by default. Why is that? Best security practices would dictate cookies are disabled by default.

I'm no hacker nor security guru, but it's only common sense that one's own computer should be controlled SOLEY by the owner of said computer. Not the OS provider or the software provider or the application/program provider or even the website provider. Unfortunately, such has not been the case for a very long time and "3rd" parties will do everything within their power to wrest control of YOUR computer away from YOU, all the while espousing the benefits of such a move. Now! ....if you would like to call that a "scam" be my guest. You might well guess what I would call it, but my term is nowhere near as polite. :)


Oct 07, 2012
3:01 AM EDT

Quoting:Auto-updates, dashboards, cookies, etc. All these alleged "features" are merely a ruse by 3rd parties to get access to your computer.

One of those "All these alleged "features"" that you refer to as "a ruse by 3rd parties to get access to your computer." is cookies. Now I could be wrong but your statements seems pretty inclusive, and pretty emphatic.

I pretty certain I placed no words you didn't utter anywhere near your mouth.

Oh wait a minute, you didn't use the word "scam", I sincerely apologise. You simply used words that pretty much meant the same thing, ruse, for example.

Oct 07, 2012
9:52 AM EDT
Perhaps in your vocabulary. In mine, there is an obvious distinction. A ruse is a deception, like omitting a truth. A scam is an outright swindle, often used in the past tense. One can often be scammed, but rarely "rused". I guess one could equate the two if one desires. I did not.

Regardless, your detour down this little semantics side road has nada to do with the facts, which are, cookies are not there for my benefit and have been used in a "deceptive" manner in the past. If not, then why did Google insert cookies that did not expire for 38 YEARS! and why did the govt feel it necessary to pass legislation limiting the lifespan of cookies to 1 yr? Why have newer Mozilla browsers made it more difficult to erase cookies, en masse, in essence limiting user control over the intrusive little turds?

And AGAIN! ....why do 95% of the websites I visit not give a rat's ass if I have cookies disabled, but the other 5% throw up all kindsa error warnings exhorting how I cannot access their precious content until I let them insert their cookies on MY computer?? It's bullpucky. Is what I can do is back the eff up and go to another ten websites jes like it, thank you very much.

One can call it a ruse or a scam, I care not. Judging by your stance in this little discussion, I suspect you would call it a "feature". Me? I call it bending one over and inserting something "intrusive".

Oct 07, 2012
6:24 PM EDT
notbob you will need to show me the web sites for me to answer that question.

And if you are that worried about the ruse that is being played on you, you can always set your cookies to expire when you close the browser, and you can also install Better Privacy to block trackers, and No script and Adblock plus, as I do. Or even browse in Privacy mode.

Oct 07, 2012
8:45 PM EDT
Quoting: notbob you will need to show me the web sites for me to answer that question....

You've been in IT for 30 yrs, but you need me to show you this stuff!?

As if.

Quoting: ....ruse that is being played on you... ....block trackers, and No script....

Not being played on me, darlin', cuz I've been there and done all that. (yawn)

Do you actually read my posts or jes fire off a shotgun response? ;)

Oct 07, 2012
9:53 PM EDT
Quoting:You've been in IT for 30 yrs, but you need me to show you this stuff!?

Unless you tell me which sites in particular you are referring to, I can make no comment on why they require what they require.

No I don't bother reading your posts for the most part, as so much of what you write is whiny ignorant shite, and for the most part you don't appear interested in learning anything new, so I just go for the highlights.

Oct 08, 2012
3:18 PM EDT
I really like cookies, especially chocolate chip cookies.

Oct 09, 2012
10:07 PM EDT
In regards to defending Canonical's "Amazon blunder", a commentator wrote above:
Quoting:But you can always choose NOT to install those packages or updates. You could look at source, compile your own, use other repositories, set up your own repositories, or turn off all of them. Or change distributions entirely. Shuttleworth doesn't control your freedom in that sense.
OTOH, potential Ubuntu 12.10 end-users much less technically advanced than this particular commentator might not [yet] realize that they indeed can "choose NOT to install those packages or updates". In other words, Ubuntu's sending search queries to Amazon by default within Unity's Dash could, in effect, automatically Opt-in such end-users to become subject to this particular "ruse or scam". Until, that is, such end-users should happen to realize that they can disable this "feature", as reported at such pieces as ZDNet's Canonical performs u-turn over Amazon search results in Ubuntu 12.10.

In an another apparent twist to the automatic Dash/Amazon Opt-in behavior of Ubuntu 12.10, Canonical is now "encouraging" users to donate to the operating system. And this "encouragement" comes in the form of Ubuntu's introducing a ‘contribute’ screen as part of the desktop download process. In the words of the above-quoted commentator's "sorrowful Jono":
Quoting:The ['contribute'] page appears on the site before you download an ISO (thus making it easier to find) and it provides the opportunity to contribute. For those who don’t wish to contribute in this way you can simply click the Not now, take me to the download › to bypass the page. Obviously our users are not required contribute.
(source for this is Jono Bacon's blogpiece Easier Financial Contributions To Ubuntu)

While perhaps not "requiring" Ubuntu users to financially contribute to Canonical, Canonical is now certainly requiring ISO-downloading users to endure the nagging 'contribute' screen (popup?) whether they like it or not. See also the latest SJVN piece 'Ubuntu Linux: Donationware?', linked to at LXer via http://lxer.com/module/newswire/view/174757.


Oct 09, 2012
10:42 PM EDT
Well they won't get anything from me... they are using Paypal

Oct 10, 2012
4:18 PM EDT
I think it's going to be a hard slog for Ubuntu to solicit contributions, but I've been wrong before.

That they are making it so easy to contribute is a good thing. I hope other projects follow suit and create such easy-to-use, flexible (as to where the money goes) donation frameworks.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!