Feeds

Privacy group damns Ubuntu's Amazon search marriage

Unhelpful when you're searching your pr0n library

Protecting users from Firesheep and other Sidejacking attacks with SSL

Privacy activists have taken Canonical to task for exposing users' web searches and searches of their local hard drives to sites such as Amazon, Facebook and the BBC.

The Electronic Frontier Foundation has called Canonical's integration of the Ubuntu 12.10 Dash search feature with results from Amazon "a major privacy problem".

The integration comes courtesy of the Unity Dash search feature, introduced with Ubuntu 12.10 earlier in October. It caused a storm among users but was defended by Ubuntu daddy Mark Shuttleworth, although Canonical subsequently released a kill switch.

EEF highlighted a number of situations where you could be searching your Ubuntu PC's hard drive and wouldn't want results beamed out to the Canonical server that then sucks back in Amazon matches.

These include searching for the latest version of your résumé at work, looking for a domestic abuse hotline PDF, divorce documents, looking for documents with file names that will gave away trade secrets or activism plans ... or even tracking down that one piece of porn you just can't seem get your hands on.

"There are many reasons why you wouldn't want any of these search queries to leave your computer," the group said.

The EEF has posted tips on uninstalling the Dash-Amazon feature and advised people on moving to Gnome 3, KDE or Cinnamon.

The group also upbraided Canonical for not clearly disclosing to Ubuntu users who it is sharing their data with.

Dash 12.10 features a new, and not immediately obvious, legal notice that says that by using Dash, you automatically agree to send your search terms and IP address to third parties "including" Facebook, Twitter, BBC and Amazon.

"Canonical is not clear about which third parties it sends data to and when, but it appears that many of these third parties only get searched in certain circumstances," EEF wrote.

EEF listed four points of action for Canonical: disable the inclusion of online searches by default; explain in detail what happens to search queries and IP addresses; let users toggle on and off between specific online search results; and "respect users' privacy and security".

EEF said it loved that Ubuntu is "bold enough to break new ground and compete directly with the large proprietary operating systems" but that Canonical should not follow moves by software companies to share users' data without the users' express consent to "maximise profits for their shareholders". ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.