Feeds

Privacy group damns Ubuntu's Amazon search marriage

Unhelpful when you're searching your pr0n library

Top three mobile application threats

Privacy activists have taken Canonical to task for exposing users' web searches and searches of their local hard drives to sites such as Amazon, Facebook and the BBC.

The Electronic Frontier Foundation has called Canonical's integration of the Ubuntu 12.10 Dash search feature with results from Amazon "a major privacy problem".

The integration comes courtesy of the Unity Dash search feature, introduced with Ubuntu 12.10 earlier in October. It caused a storm among users but was defended by Ubuntu daddy Mark Shuttleworth, although Canonical subsequently released a kill switch.

EEF highlighted a number of situations where you could be searching your Ubuntu PC's hard drive and wouldn't want results beamed out to the Canonical server that then sucks back in Amazon matches.

These include searching for the latest version of your résumé at work, looking for a domestic abuse hotline PDF, divorce documents, looking for documents with file names that will gave away trade secrets or activism plans ... or even tracking down that one piece of porn you just can't seem get your hands on.

"There are many reasons why you wouldn't want any of these search queries to leave your computer," the group said.

The EEF has posted tips on uninstalling the Dash-Amazon feature and advised people on moving to Gnome 3, KDE or Cinnamon.

The group also upbraided Canonical for not clearly disclosing to Ubuntu users who it is sharing their data with.

Dash 12.10 features a new, and not immediately obvious, legal notice that says that by using Dash, you automatically agree to send your search terms and IP address to third parties "including" Facebook, Twitter, BBC and Amazon.

"Canonical is not clear about which third parties it sends data to and when, but it appears that many of these third parties only get searched in certain circumstances," EEF wrote.

EEF listed four points of action for Canonical: disable the inclusion of online searches by default; explain in detail what happens to search queries and IP addresses; let users toggle on and off between specific online search results; and "respect users' privacy and security".

EEF said it loved that Ubuntu is "bold enough to break new ground and compete directly with the large proprietary operating systems" but that Canonical should not follow moves by software companies to share users' data without the users' express consent to "maximise profits for their shareholders". ®

Top three mobile application threats

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.