Why are you telling Amazon what I am searching for?
We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already.
Shuttleworth founded Thawte in 1995, which specialised in digital certificates and Internet security and then sold it to VeriSign in December 1999, earning R 3.5 billion (about US$ 575 million at the time).
Verisign was founded in 1995 as a spin-off of the RSA Security certification services business. The new company received licenses to key cryptographic patents held by RSA and a time limited non-compete agreement. The new company served as a certificate authority (CA) and its initial mission was "providing trust for the Internet and Electronic Commerce through our Digital Authentication services and products." Prior to selling its certificate business to Symantec in 2010, Verisign had more than 3,000,000 certificates in operation for everything from military to financial services and retail applications, making it the largest CA behind the encryption and authentication on the Internet, which most people recognize as the small padlock icon in their Web browser when shopping online or logging into a secure website.
Of course it's not in the spirit of freedom, which is at the heart of the open-source movement.
That being said, you have options:
1. You can deactivate the thing with 1 click in the privacy settings, or:
2. You can yank the concerned package itself (you wouldn't have that freedom on closed-source operating systems such as Windows or MacOS/iOS).
Open-source operating systems are still infinitely better than closed-source ones, if you want to be free. Once you'll have regained your various kinds of freedom that come with it, you will never go back to closed source. That is why open-source definitely will win, in the long-run at least.
And:
There's a host of alternatives to Ubuntu, and that means: Mark knows very well that he can never go down the "evil rabbit hole" as much as platforms that lock you in can (Apple, MS) - because open-source is by definition about freedom, it's in its DNA.
Conclusion: should he f#ck up too much one day, users are 100% free to hop to the next distro and Mark would be done - you'll never get a better insurance than that.
The real worry is not Canonical misusing your data, but third-parties mis-using it. Even if Canoncial makes a mistake and goes down, in the mean time, your private information has been sent to third-parties, by default!
"Third-parties" includes Amazon, disgruntled employees, MITM, intruders, govt agencies, and so on.
> The real worry is not Canonical misusing your data, but third-parties mis-using it.
Nobody said otherwise. But, as I said: a) you have full control over the situation (easy options to fix the problem), b) Mark knows very well that he can't go further in privacy-related concessions - his credit is maxed out now.
Btw., as a reminder, have you already quit using all products and services provided by the NSA partner companies, such as: Google, Facebook, Apple, Microsoft, Skype, Yahoo, Paltalk, etc.? And do you encrypt 100% of your communication (email, chat, VOIP, VPN)? Because that's the real elephant in the room, as far as your privacy is concerned (and I'm not defending Canonical's Amazon search term deal).
"Your private information has been sent to third-parties" every time you do a search on Google. Many pieces of software do Google searches without anyone making a huge ideological stink over it.
"Don’t trust us? Erm, we have root. You do trust us with your data already."
He has a point, you know. You implicitly trust every operating system vendor you are using with everything you do on your computer. Open source makes being evil only more difficult, not impossible.
But there is still a marked difference between trusting an executable that only resides on your system vs. one that phones home search results.
It's true, I can't conceivably pour over an entire source library even if it's open, but the fact that it is open means that possibility is open for many more eyes. This puts the executables built from those sources a notch above in trustworthiness. However the search behavior is the big sticking point here.
Canonical founder has done some business back in the day with company that is two hops away from NSA and now everything he does calls back to the NSA and is part of a giant conspiracy - that is what I think I was suppose to think after reading the post.
It's an annoyance. Canonical made a mistake entering into that deal. It takes more away from the image of Ubuntu as a no-crapware alternative than it gives them in monetization.
Amazon is a mixed bag. For example, you don't sign your own app for the Amazon app store. This messes up data sharing if your customer bought apps from different stores, and it enables Amazon to add potentially intrusive code into the APK. Also, "associate" incentives are a big part of Amazon's marketing. I don't think they would view the Canonical deal as being bad for their image.
We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already.
http://www.markshuttleworth.com/archives/1182
Shuttleworth founded Thawte in 1995, which specialised in digital certificates and Internet security and then sold it to VeriSign in December 1999, earning R 3.5 billion (about US$ 575 million at the time).
Verisign was founded in 1995 as a spin-off of the RSA Security certification services business. The new company received licenses to key cryptographic patents held by RSA and a time limited non-compete agreement. The new company served as a certificate authority (CA) and its initial mission was "providing trust for the Internet and Electronic Commerce through our Digital Authentication services and products." Prior to selling its certificate business to Symantec in 2010, Verisign had more than 3,000,000 certificates in operation for everything from military to financial services and retail applications, making it the largest CA behind the encryption and authentication on the Internet, which most people recognize as the small padlock icon in their Web browser when shopping online or logging into a secure website.
https://en.wikipedia.org/wiki/Public_key_infrastructure#Secu...