[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/philosophy ubuntu-spyware.html
From: |
Fabio J. Gonzalez |
Subject: |
www/philosophy ubuntu-spyware.html |
Date: |
Fri, 07 Dec 2012 15:14:48 +0000 |
CVSROOT: /web/www
Module name: www
Changes by: Fabio J. Gonzalez <gonzalfj> 12/12/07 15:14:47
Added files:
philosophy : ubuntu-spyware.html
Log message:
#787224: Publish RMS Ubuntu article: done
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/ubuntu-spyware.html?cvsroot=www&rev=1.1
Patches:
Index: ubuntu-spyware.html
===================================================================
RCS file: ubuntu-spyware.html
diff -N ubuntu-spyware.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ ubuntu-spyware.html 7 Dec 2012 15:14:47 -0000 1.1
@@ -0,0 +1,196 @@
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.69 -->
+<title>Ubuntu Spyware: What to Do?
+ - GNU Project - Free Software Foundation</title>
+<!--#include virtual="/server/banner.html" -->
+<!--#include
virtual="/philosophy/po/programs-must-not-limit-freedom.translist" -->
+<h2>Ubuntu Spyware: What to Do?</h2>
+
+<p>by <a href="http://www.stallman.org/">Richard Stallman</a></p>
+
+<p>One of the major advantages of free software is that the community
+ protects users from malicious software. Now Ubuntu GNU/Linux has
+ become a counterexample. What should we do?</p>
+
+<p>Proprietary software is associated with malicious treatment of the user:
+ surveillance code, digital handcuffs (DRM or Digital Restrictions
+ Management) to restrict users, and back doors that can do nasty things
+ under remote control. Programs that do any of these things are
+ malware and should be treated as such. Widely used examples include
+ Windows, the iThings, and the Amazon "Kindle" product for virtual book
+ burning, which do all three; Macintosh and the Playstation III which
+ impose DRM; most portable phones, which do spying and have back doors;
+ Adobe Flash Player, which does spying and enforces DRM; and plenty of
+ apps for iThings and Android, which are guilty of one or more of these
+ nasty practices.</p>
+
+<p>Free software gives users a chance to protect themselves from
+ malicious software behaviors. Even better, usually the community
+ protects everyone, and most users don't have to move a muscle. Here's
+ how.</p>
+
+<p>Once in a while, users who know programming find that a free program
+ has malicious code. Generally the next thing they do is release a
+ corrected version of the program; with the four freedoms that define
+ free software (see <a
href="http://www.gnu.org/philosophy/free-sw.html">http://www.gnu.org/philosophy/free-sw.html</a>),
they
+ are free to do this. This is called a "fork" of the program. Soon
+ the community switches to the corrected fork, and the malicious
+ version is rejected. The prospect of ignominious rejection is not
+ very tempting; thus, most of the time, even those who are not stopped
+ by their consciences and social pressure refrain from putting
+ malfeatures in free software.</p>
+
+<p>But not always. Ubuntu, a widely used and influential GNU/Linux
+ distribution, has installed surveillance code. When the user searches
+ her own local files for a string using the Ubuntu desktop, Ubuntu
+ sends that string to one of Canonical's servers. (Canonical is the
+ company that develops Ubuntu.)</p>
+
+<p>This is just like the first surveillance practice I learned about in
+ Windows. My late friend Fravia told me that when he searched for a
+ string in the files of his Windows system, it sent a packet to some
+ server, which was detected by his firewall. Given that first example
+ I paid attention and learned about the propensity of "reputable"
+ proprietary software to be malware. Perhaps it is no coincidence that
+ Ubuntu sends the same information.</p>
+
+<p>Ubuntu uses the information about searches to show the user ads to buy
+ various things from Amazon. Amazon commits many wrongs (see
+ <a
href="http://stallman.org/amazon.html">http://stallman.org/amazon.html</a>); by
promoting Amazon, Canonical
+ contributes to them. However, the ads are not the core of the
+ problem. The main issue is the spying. Canonical says it does not
+ tell Amazon who searched for what. However, it is just as bad for
+ Canonical to collect your personal information as it would have been
+ for Amazon to collect it.</p>
+
+<p>People will certainly make a modified version of Ubuntu without this
+ surveillance. In fact, several GNU/Linux distros are modified
+ versions of Ubuntu. When those update to the latest Ubuntu as a base,
+ I expect they will remove this. Canonical surely expects that too.</p>
+
+<p>Most free software developers would abandon such a plan given the
+ prospect of a mass switch to someone else's corrected version. But
+ Canonical has not abandoned the Ubuntu spyware. Perhaps Canonical
+ figures that the name "Ubuntu" has so much momentum and influence that
+ it can avoid the usual consequences and get away with surveillance.</p>
+
+<p>Canonical says this feature searches the Internet in other ways.
+ Depending on the details, that might or might not make the problem
+ bigger, but not smaller.</p>
+
+<p>Ubuntu allows users to switch the surveillance off. Clearly Canonical
+ thinks that many Ubuntu users will leave this setting in the default
+ state (on). And many may do so, because it doesn't occur to them to
+ try to do anything about it. Thus, the existence of that switch does
+ not make the surveillance feature ok.</p>
+
+<p>Even if it were disabled by default, the feature would still be
+ dangerous: "opt in, once and for all" for a risky practice, where the
+ risk varies depending on details, invites carelessness. To protect
+ users' privacy, systems should make prudence easy: when a local search
+ program has a network search feature, it should be up to the user to
+ choose network search explicitly <em>each time</em>. This is easy:
+ all it takes is to have separate buttons for network searches and
+ local searches, as earlier versions of Ubuntu did. A network search
+ feature should also inform the user clearly and concretely about who
+ will get what personal information of hers, if and when she uses the
+ feature.</p>
+
+<p>If a sufficient part of our community's opinion leaders view this
+ issue in personal terms only, if they switch the surveillance off for
+ themselves and continue to promote Ubuntu, Canonical might get away
+ with it. That would be a great loss to the free software community.</p>
+
+<p>We who present free software as a defense against malware do not say
+ it is a perfect defense. No perfect defense is known. We don't say
+ the community will deter malware <em>without fail</em>. Thus,
+ strictly speaking, the Ubuntu spyware example doesn't mean we have to
+ eat our words.</p>
+
+<p>But there's more at stake here than whether some of us have to eat
+ some words. What's at stake is whether our community can effectively
+ use the argument based on proprietary spyware. If we can only say,
+ "free software won't spy on you, unless it's Ubuntu," that's much less
+ powerful than saying, "free software won't spy on you."</p>
+
+<p>It behooves us to give Canonical whatever rebuff is needed to make it
+ stop this. Any excuse Canonical offers is inadequate; even if it used
+ all the money it gets from Amazon to develop free software, that can
+ hardly overcome what free software will lose if it ceases to offer an
+ effective way to avoid abuse of the users.</p>
+
+<p>If you ever recommend or redistribute GNU/Linux, please remove Ubuntu
+ from the distros you recommend or redistribute. If its practice of
+ installing and recommending nonfree software didn't convince you to
+ stop, let this convince you. In your install fests, in your Software
+ Freedom Day events, in your FLISOL events, don't install or recommend
+ Ubuntu. Instead, tell people that Ubuntu is shunned for spying.</p>
+
+<p>While you're at it, you can also tell them that Ubuntu contains
+ nonfree programs and suggests other nonfree programs. (See
+ <a href="http://www.gnu.org/distros/common-distros.html">
+ http://www.gnu.org/distros/common-distros.html</a>.) That will counteract
+ the other form of negative influence that Ubuntu exerts in the free
+ software community: legitimizing nonfree software.</p>
+
+<!-- If needed, change the copyright block at the bottom. In general,
+ pages on the GNU web server should be under CC BY-ND 3.0 US.
+ Please do NOT change or remove this without talking
+ with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the document.
+ For web pages, it is ok to list just the latest year the document
+ was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+
+</div><!-- for id="content", starts in the include above -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer">
+
+ <p>Please send general FSF & GNU inquiries to
+ <a href="mailto:address@hidden"><address@hidden></a>.
+ There are also <a href="/contact/">other ways to contact</a>
+ the FSF. Broken links and other corrections or suggestions can be sent
+ to <a href="mailto:address@hidden"><address@hidden></a>.</p>
+
+ <p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:address@hidden">
+ <address@hidden></a>.</p>
+
+ <p>For information on coordinating and submitting translations of
+ our web pages, see <a
+
href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+ Please see the <a
+
href="/server/standards/README.translations.html">Translations
+ README</a> for information on coordinating and submitting translations
+ of this article.</p>
+
+ <p>Copyright © 2012 Richard Stallman</p>
+
+ <p>This page is licensed under a <a rel="license"
+
href="http://creativecommons.org/licenses/by-nd/3.0/us/">Creative
+ Commons Attribution-NoDerivs 3.0 United States License</a>.</p>
+
+ <p>Updated:
+ <!-- timestamp start -->
+ $Date: 2012/12/07 15:14:47 $
+ <!-- timestamp end -->
+ </p>
+</div>
+</div>
+</body>
+</html>
- www/philosophy ubuntu-spyware.html,
Fabio J. Gonzalez <=