LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica)

Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica)

Posted Oct 28, 2010 14:36 UTC (Thu) by callegar (guest, #16148)
In reply to: Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica) by fandingo
Parent article: Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica)

You have been more lucky than me.

I manage a machine where users have _only_ documents (text, PDF, openoffice, etc.) and I use kubuntu. After an OS upgrade that brought in nepomuk + strigi, all users all at a sudden started complaining about the machine being unusable. All of them had gone out of quota because of 2 - 4 GB of space taken by the indexer, which is close to the same space taken by their original documents.

With regards to privacy, I think I have not explained myself well enough. Among many people I know the following is common practice: I need to write a short document or to check the email and I do not have a laptop, so I ask a friend to borrow his laptop for 10 minutes. They give the laptop to me and they do not set up a new user account for this. So I happen to work in their account. Typically they just copy out one dir of sensitive data to a USB pen, to make sure that I do not have access to passwords, bank data, etc. I keep telling them that this is a dangerous thing to to, but it does not matter. In this condition I get a machine where they think there is no sensitive data, but in fact there is in the indexer. IMHO a machine with an indexer should assure that when something is permanently deleted, it is also immediately deleted from the indexer database too.

(Log in to post comments)

Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica)

Posted Oct 28, 2010 15:02 UTC (Thu) by foom (subscriber, #14868) [Link]

> Among many people I know the following is common practice: I need to write a short document or to check the email and I do not have a laptop, so I ask a friend to borrow his laptop for 10 minutes. They give the laptop to me and they do not set up a new user account for this.

Okay, I'm with you up to here...

> Typically they just copy out one dir of sensitive data to a USB pen, to make sure that I do not have access to passwords, bank data, etc.

Say what? Your friends move data off their machines to a USB pen every time before lending it to you for 10 minutes? I have never heard of anyone doing that -- it sounds like a rather serious pain in the ass. If you're going to be paranoid like that, wouldn't it be easier to just make a new user account instead?

> In this condition I get a machine where they think there is no sensitive data, but in fact there is in the indexer.

Yeah...well...I just let people borrow my machine with the sensitive data still on it and trust that nobody is going to actually go searching through my stuff to find private data, when they were just borrowing my laptop to check their email...and I don't think I'm alone there.

Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica)

Posted Nov 2, 2010 8:21 UTC (Tue) by buchanmilne (guest, #42315) [Link]

Among many people I know the following is common practice: I need to write a short document or to check the email and I do not have a laptop, so I ask a friend to borrow his laptop for 10 minutes. They give the laptop to me and they do not set up a new user account for this.

They shouldn't need to set up a new user account, they should let you use a guest user account, such as those present on a number of Linux distributions (implemented with the xguest package). This guest account has limited access, e.g. no access to subdirectories of /home except the temporary home directory, even if the subdirectories have lax permissions, and no persistent storage.

If indexing is a huge privacy concern, what about stored passwords in browsers, browser sessions/cookies, temporary files, ability to trojan the account etc. etc. ?

Shuttleworth: Unity shell will be default desktop in Ubuntu 11.04 (ars technica)

Posted Nov 4, 2010 9:17 UTC (Thu) by callegar (guest, #16148) [Link]

This is exactly the reason why:

- there is an option to erase the files in the trashcan
- tmp directories are typically erased at every reboot
- browsers have a nice friendly menu entry to erase sensitive data.

My point is precisely this one: _before_ systems with indexing enabled by default ship, indexing systems should include options to
_selectively erase the index database_ (and reclaim the used space). Which _none_ of the current indexing system has (certainly not nepomuk, where the only option is to erase a database file by hand, loosing all of the database, including file tags.).

I am not against indexing saying that it is a privacy concern tout court. I am against the fact that indexing is enabled by default and now made a central part of the system _before_ the indexing implementations are completed by adding ways of controlling what is actually indexed. This is IMHO a very gratuitious way to look for trouble.

Would you accept to have a desktop system with a trashcan, where the trashcan cannot be emptied? Or a browser where stored passwords cannot be deleted? So why do people tend to accept so easily the idea of an indexing system where the index database cannot be controlled?

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds