dug into his
By some accounts, the Palm Pre is a nice device; it is, of course, based on
Linux. Joey Hess recently stirred up a bit of a fuss when he
and determined that it was reporting a surprising amount of
personal information back to Palm.
It seems that Palm knows where Pre owners are, as determined by the GPS
receiver; the device also reports information on application use, program
crashes, and more. All of this activity is covered under Palm's posted
Palm is not alone in this kind of activity. More recent Android phones put
up a disconcerting confirmation dialog when asked to calculate location
information from the cellular network:
Location consent: Allow Google's location service to collect
anonymous and aggregate location data. Collection will occur
regardless of whether any applications are active.
If the user withholds consent, the location service will not function at
all. Android devices also upload a great deal of other personal
information - the phone book, for example - to Google's servers.
Amazon's Linux-based Kindle uses its built-in cellular modem to send
back log files, information about what books are on the device, bookmark
locations, notes, and more. There is no way to turn this reporting off
short of disabling the wireless connection.
One of the key advantages of free software was supposed to be freedom from
this kind of surveillance. With control over the software on our systems,
we can remove feature which were put there for somebody else's benefit. We
don't have to create systems which will report our location, application
choices, reading preferences, and more to some remote mothership. When we
control our systems, we can ensure that those systems don't sell us out to
But the three examples listed above are all Linux-based systems. We may be
running free software, but we are not getting all of the benefits that
freedom is supposed to bring to us. Just because a system is running free
software does not mean that it is your friend.
Ensuring our freedom to control devices like these is part of the
motivation behind the anti-DRM provisions added to version 3 of the GNU
General Public License. Devices running GPLv3-licensed software must make
it possible for users to rebuild and replace that software; said users can,
in the process, omit any misfeatures that they feel they can do without.
But it must be said:
GPLv3 appears to have failed in this regard, so far; vendors of closed
devices have generally just chosen to avoid software with that license.
Your editor is unaware of a single device which was left open because GPLv3
In any case, many platforms are sufficiently open to enable other
solutions to the worst problems. Joey posted a workaround (delete
/usr/bin/contextupload) for Palm devices. Fully-open Android
devices are available, and those which are not open by design can generally
be liberated after the fact. It also appears to be possible to make
significant changes to how Kindle devices work - a subject your editor
intends to look into in the near future. There are still benefits to
having these systems run Linux, even if they are locked down; we understand
well how they work and are well equipped to make changes.
That said, the number of users actually making such changes has got to be
quite small. It would seem that, as a general rule, we are little
concerned about the loss of our privacy. Perhaps views will change after,
as seems inevitable, some company is caught badly abusing data collected in
this manner. Or, perhaps, life will replicate John Varley's Steel
Beach, where Lunar residents restore full power to their Central
Computer even after it tried to kill them all because having access to its
services is so convenient. It is often the case that having our
information available to others is most convenient.
Regardless of how things go, we can only hope to make informed choices if
we know what our devices are actually doing. And we'll only know that if
we can see what those devices are up to. Knowing that they run
something based on Linux is far from enough. That's why attempts to use
laws like the US DMCA to shut down investigation and liberation of devices
are so scary. It's bad enough to be unable to run the software we want on
our devices; being unable to see what those devices are doing behind our
backs is even worse.
to post comments)