[nycbug-talk] Scary Ubuntu privacy junk

George Rosamond george at ceetonetechnology.com
Thu Nov 1 01:10:23 EDT 2012


On 11/01/12 00:42, David Lawson wrote:
> 
> On Nov 1, 2012, at 12:16 AM, George Rosamond
> <george at ceetonetechnology.com> wrote:
> 
>> This isn't a linux discussion list, but think this is relevant:
>> 
>> is.gd/sgZsW7
>> 
>> It goes to an ArsTechnica link.
>> 
>> But basically, the new Ubuntu has a default feature with Dash
>> searches that sends them to Amazon, and (unencrypted) ads come
>> back.
> 
> The Quantal release version of the Amazon lens encrypts the queries,
> though the beta version did not.  It also anonymizes the queries
> prior to Amazon seeing them, which has always been the case to the
> best of my knowledge.  Mark has addressed both of those points on his
> blog.

Oh, he certainly does address it.

markshuttleworth.com/archives/1182

I especially like replies to "Why are you telling Amazon what I am
searching for?"

..."Ern, we have root."

Great way to inspire people to use OSS, aint it?  "I have root on your
box so screw you."

"Preserving anonymity" by trusting that project is laughable, at best.
Anonymity is not preserved by trust or policy, it's preserved *by
design*.  Look at Tor, GPG, etc.

And it takes little statistical hacking to deanonymize data like that.
Give an Amazon your IP and queries, and it's not anonymous.  Remember
the "anonymized" AOL data a few years back?

Who cares if it's encrypted at that point.

g




More information about the talk mailing list