[uylug-varios] Ubuntu Spyware: What to Do?

Ismael Castagnet ismael.castagnet at gmail.com
Sun Dec 9 06:52:51 PST 2012 

si, se las mandó con todo
recién llego del consegi en belén do pará donde moderé dos charlas de
stallman y esa afirmación dejó de boca abierta a unos cuantos ...



2012/12/9 Federico Kouyoumdjian <fedekp at autistici.org>:
> http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do
>
>  One of the major advantages of free software is that the community protects
> users from malicious software. Now Ubuntu GNU/Linux has become a
> counterexample. What should we do?
>
> One of the major advantages of free software is that the community protects
> users from malicious software. Now Ubuntu GNU/Linux has become a
> counterexample. What should we do?
>
> Proprietary software is associated with malicious treatment of the user:
> surveillance code, digital handcuffs (DRM or Digital Restrictions
> Management) to restrict users, and back doors that can do nasty things under
> remote control. Programs that do any of these things are malware and should
> be treated as such. Widely used examples include Windows, the iThings, and
> the Amazon "Kindle" product for virtual book burning, which do all three;
> Macintosh and the Playstation III which impose DRM; most portable phones,
> which do spying and have back doors; Adobe Flash Player, which does spying
> and enforces DRM; and plenty of apps for iThings and Android, which are
> guilty of one or more of these nasty practices.
>
> Free software gives users a chance to protect themselves from malicious
> software behaviors. Even better, usually the community protects everyone,
> and most users don't have to move a muscle. Here's how.
>
> Once in a while, users who know programming find that a free program has
> malicious code. Generally the next thing they do is release a corrected
> version of the program; with the four freedoms that define free software
> (see http://www.gnu.org/philosophy/free-sw.html), they are free to do this.
> This is called a "fork" of the program. Soon the community switches to the
> corrected fork, and the malicious version is rejected. The prospect of
> ignominious rejection is not very tempting; thus, most of the time, even
> those who are not stopped by their consciences and social pressure refrain
> from putting malfeatures in free software.
>
> But not always. Ubuntu, a widely used and influential GNU/Linux
> distribution, has installed surveillance code. When the user searches her
> own local files for a string using the Ubuntu desktop, Ubuntu sends that
> string to one of Canonical's servers. (Canonical is the company that
> develops Ubuntu.)
>
> This is just like the first surveillance practice I learned about in
> Windows. My late friend Fravia told me that when he searched for a string in
> the files of his Windows system, it sent a packet to some server, which was
> detected by his firewall. Given that first example I paid attention and
> learned about the propensity of "reputable" proprietary software to be
> malware. Perhaps it is no coincidence that Ubuntu sends the same
> information.
>
> Ubuntu uses the information about searches to show the user ads to buy
> various things from Amazon. Amazon commits many wrongs (see
> http://stallman.org/amazon.html); by promoting Amazon, Canonical contributes
> to them. However, the ads are not the core of the problem. The main issue is
> the spying. Canonical says it does not tell Amazon who searched for what.
> However, it is just as bad for Canonical to collect your personal
> information as it would have been for Amazon to collect it.
>
> People will certainly make a modified version of Ubuntu without this
> surveillance. In fact, several GNU/Linux distros are modified versions of
> Ubuntu. When those update to the latest Ubuntu as a base, I expect they will
> remove this. Canonical surely expects that too.
>
> Most free software developers would abandon such a plan given the prospect
> of a mass switch to someone else's corrected version. But Canonical has not
> abandoned the Ubuntu spyware. Perhaps Canonical figures that the name
> "Ubuntu" has so much momentum and influence that it can avoid the usual
> consequences and get away with surveillance.
>
> Canonical says this feature searches the Internet in other ways. Depending
> on the details, that might or might not make the problem bigger, but not
> smaller.
>
> Ubuntu allows users to switch the surveillance off. Clearly Canonical thinks
> that many Ubuntu users will leave this setting in the default state (on).
> And many may do so, because it doesn't occur to them to try to do anything
> about it. Thus, the existence of that switch does not make the surveillance
> feature ok.
>
> Even if it were disabled by default, the feature would still be dangerous:
> "opt in, once and for all" for a risky practice, where the risk varies
> depending on details, invites carelessness. To protect users' privacy,
> systems should make prudence easy: when a local search program has a network
> search feature, it should be up to the user to choose network search
> explicitly each time. This is easy: all it takes is to have separate buttons
> for network searches and local searches, as earlier versions of Ubuntu did.
> A network search feature should also inform the user clearly and concretely
> about who will get what personal information of hers, if and when she uses
> the feature.
>
> If a sufficient part of our community's opinion leaders view this issue in
> personal terms only, if they switch the surveillance off for themselves and
> continue to promote Ubuntu, Canonical might get away with it. That would be
> a great loss to the free software community.
>
> We who present free software as a defense against malware do not say it is a
> perfect defense. No perfect defense is known. We don't say the community
> will deter malware without fail. Thus, strictly speaking, the Ubuntu spyware
> example doesn't mean we have to eat our words.
>
> But there's more at stake here than whether some of us have to eat some
> words. What's at stake is whether our community can effectively use the
> argument based on proprietary spyware. If we can only say, "free software
> won't spy on you, unless it's Ubuntu," that's much less powerful than
> saying, "free software won't spy on you."
>
> It behooves us to give Canonical whatever rebuff is needed to make it stop
> this. Any excuse Canonical offers is inadequate; even if it used all the
> money it gets from Amazon to develop free software, that can hardly overcome
> what free software will lose if it ceases to offer an effective way to avoid
> abuse of the users.
>
> If you ever recommend or redistribute GNU/Linux, please remove Ubuntu from
> the distros you recommend or redistribute. If its practice of installing and
> recommending nonfree software didn't convince you to stop, let this convince
> you. In your install fests, in your Software Freedom Day events, in your
> FLISOL events, don't install or recommend Ubuntu. Instead, tell people that
> Ubuntu is shunned for spying.
>
> While you're at it, you can also tell them that Ubuntu contains nonfree
> programs and suggests other nonfree programs. (See
> http://www.gnu.org/distros/common-distros.html.) That will counteract the
> other form of negative influence that Ubuntu exerts in the free software
> community: legitimizing nonfree software.
>
> Copyright 2012 Richard Stallman
> Released under the Creative Commons Attribution Noderivatives 3.0 license
> _______________________________________________
> Uylug-varios mailing list
> Uylug-varios at listas.uylug.org.uy
> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy



-- 
-------------------------------------------------------------------------------------

Defender la alegría como una trinchera ...

Mario Benedetti

More information about the Uylug-varios mailing list