Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
my problem is with using the term "spyware"
Posted Dec 17, 2012 18:58 UTC (Mon) by dlang (✭ supporter ✭, #313)
This is a very different situation from what I consider "spyware", which is sending data elsewhere that's unrelated to the function being performed.
I see this as crying wolf because even if it is a privacy violation, it's nowhere close to the class of spyware that we really need to get people upset about.
Posted Dec 17, 2012 19:03 UTC (Mon) by mjg59 (subscriber, #23239)
Posted Dec 17, 2012 19:57 UTC (Mon) by hummassa (subscriber, #307)
Spyware is a class of malware that causes lot of trouble. It is usually used to get your home banking passwords and other stuff that generally cause lots of monetary damages.
The Dash Imbroglio is an instance of another class of malware -- that deceives the user, that AT THIS POINT IN TIME, unless you advise and ask for permission first, will reasonably expect it to be just a local search and instead will do an Amazon search in addition to it.
The solution is simple: before sending any data to amazon, the first time the dash is used for each user, it should show a simple dialog stating "hi! Amazon contributes for you to have this wonderfull and Free software! How about contributing back and letting it see your searches, in case it wants to show you some offers embedded in the results? [Ok] [No, thanks]". The default could even be "ok", but no one would be DECEIVED -- the operative word that makes RMS be at least partially right.
Posted Dec 17, 2012 20:10 UTC (Mon) by dlang (✭ supporter ✭, #313)
That being said, while I am unlikely to ever use Dash (in spite of the fact that I do run Ubuntu, I use KDE not Unity), I don't see this as the end of the world that many people are making it out to be.
People are starting to expect that "search" doesn't just mean "search locally", it also means "search on the Internet". Many of the search tools that they interact with (Chrome and IE address bars for example) default to this already.
If I was doing the UI for Dash, I would have a toggle off to the side to switch between "local only" and "local + Internet" search modes (and I would be Ok with it defaulting to "Internet"). But I know from painful experience that I'm a lousy UI developer :-)
Posted Dec 17, 2012 23:31 UTC (Mon) by rahulsundaram (subscriber, #21946)
The evidence you provide to support your assertion that is somehow people's expectation that search results will connect to internet automatically is very weak. Internet browsers may search the internet and that by itself is not very surprising but desktop interfaces in general do not connect to the internet to search things automatically by default. GNOME Shell for instance, used to provide link to wikipedia and google from the shell search interface but it did NOT search google and wikipedia by default. That would have been a surprising privacy violation.
The primary reason Canonical seems to be doing it is because of a commercial contract with Amazon. If you can point to any other OS search interface that connects to the internet by default to get search results, you might have a point. As it stands, I think this is very much a unprecedented move and not at all in line with what users expect.
Posted Dec 18, 2012 0:06 UTC (Tue) by dlang (✭ supporter ✭, #313)
I'm somewhere in the middle. It's not something I will choose to use, but I don't see it as being evil.
The only thing I really disagree with is applying the term "spyware" to it. It may be wrong for other privacy reasons, but "spyware" isn't "anything that can leak information"
Posted Dec 18, 2012 0:08 UTC (Tue) by hummassa (subscriber, #307)
Well, actually... The new Android has a local+remote search enabled by default, and iOS also does some surprising searches. That was the main reason why I said "at the present time"...
Posted Dec 18, 2012 18:32 UTC (Tue) by pboddie (subscriber, #50784)
Ultimately, you have a free-for-all like in the smartphone "app" world where suddenly applications are uploading all sorts of things to the mothership. Even then, people will defend this sort of thing because "it's so convenient".
Integrating Internet services into applications isn't necessarily a bad thing, but if the business model of the month is all about keystrokes being remotely logged or whatever, people should be made very much aware that this is happening in advance so that they can avoid the product completely if they want. Mumbling that such behaviour can be turned off is not sufficient because most users will never be made aware of the situation in the first place.
Posted Dec 18, 2012 18:41 UTC (Tue) by pboddie (subscriber, #50784)
'violating reasonable user expectations' is arguable in this case
Just looking at the screenshot accompanying the article is enough to indicate that reasonable user expectations have been violated here. Would you like some "More suggestions" with your "Files & Folders"? Aside from perhaps wondering why the latter is title-capitalised and the former is not - maybe there's a retail brand about to be launched - someone who has had Ubuntu installed for them is likely to be slightly surprised and wonder what else was installed for them until they do a real Internet search and arrive at the wailing echo-chamber that is the Ubuntu Forums, only to eventually learn after pages of confused opinion what has really been going on.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds