Feeds

Privacy group damns Ubuntu's Amazon search marriage

Unhelpful when you're searching your pr0n library

SANS - Survey on application security programs

Privacy activists have taken Canonical to task for exposing users' web searches and searches of their local hard drives to sites such as Amazon, Facebook and the BBC.

The Electronic Frontier Foundation has called Canonical's integration of the Ubuntu 12.10 Dash search feature with results from Amazon "a major privacy problem".

The integration comes courtesy of the Unity Dash search feature, introduced with Ubuntu 12.10 earlier in October. It caused a storm among users but was defended by Ubuntu daddy Mark Shuttleworth, although Canonical subsequently released a kill switch.

EEF highlighted a number of situations where you could be searching your Ubuntu PC's hard drive and wouldn't want results beamed out to the Canonical server that then sucks back in Amazon matches.

These include searching for the latest version of your résumé at work, looking for a domestic abuse hotline PDF, divorce documents, looking for documents with file names that will gave away trade secrets or activism plans ... or even tracking down that one piece of porn you just can't seem get your hands on.

"There are many reasons why you wouldn't want any of these search queries to leave your computer," the group said.

The EEF has posted tips on uninstalling the Dash-Amazon feature and advised people on moving to Gnome 3, KDE or Cinnamon.

The group also upbraided Canonical for not clearly disclosing to Ubuntu users who it is sharing their data with.

Dash 12.10 features a new, and not immediately obvious, legal notice that says that by using Dash, you automatically agree to send your search terms and IP address to third parties "including" Facebook, Twitter, BBC and Amazon.

"Canonical is not clear about which third parties it sends data to and when, but it appears that many of these third parties only get searched in certain circumstances," EEF wrote.

EEF listed four points of action for Canonical: disable the inclusion of online searches by default; explain in detail what happens to search queries and IP addresses; let users toggle on and off between specific online search results; and "respect users' privacy and security".

EEF said it loved that Ubuntu is "bold enough to break new ground and compete directly with the large proprietary operating systems" but that Canonical should not follow moves by software companies to share users' data without the users' express consent to "maximise profits for their shareholders". ®

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.