| |||||||||||||
my problem is with using the term "spyware"my problem is with using the term "spyware"Posted Dec 17, 2012 18:58 UTC (Mon) by dlang (✭ supporter ✭, #313)In reply to: my problem is with using the term "spyware" by mjg59 Parent article: Ubuntu, non-advertisements, and spyware
'violating reasonable user expectations' is arguable in this case (the user is doing a search, the only point for confusion is how wide is the search)
This is a very different situation from what I consider "spyware", which is sending data elsewhere that's unrelated to the function being performed.
I see this as crying wolf because even if it is a privacy violation, it's nowhere close to the class of spyware that we really need to get people upset about.
(Log in to post comments)
my problem is with using the term "spyware" Posted Dec 17, 2012 19:03 UTC (Mon) by mjg59 (subscriber, #23239) [Link]
Your argument seems to be that this isn't as bad as this other thing that's unambiguously spyware, and therefore it's not spyware. It's not an inherently convincing argument. Sending my queries to Amazon is unrelated to the traditional function of the dash, and in the absence of sufficient user education associated with that change why would you expect a user to know that it's going to happen?
my problem is with using the term "spyware" Posted Dec 17, 2012 19:57 UTC (Mon) by hummassa (subscriber, #307) [Link]
Let me intervene here: the fact is that this IS bad, but it is ANOTHER TYPE OF BAD, not "spyware" bad. One analogy could be if you correspond "spyware" (sending information unrelated to the function of the software) with theft and DashImbroglio with assault. Both are bad, VERY BAD. One is bad for one reason, and the other is bad for another reason.
Spyware is a class of malware that causes lot of trouble. It is usually used to get your home banking passwords and other stuff that generally cause lots of monetary damages.
The Dash Imbroglio is an instance of another class of malware -- that deceives the user, that AT THIS POINT IN TIME, unless you advise and ask for permission first, will reasonably expect it to be just a local search and instead will do an Amazon search in addition to it.
The solution is simple: before sending any data to amazon, the first time the dash is used for each user, it should show a simple dialog stating "hi! Amazon contributes for you to have this wonderfull and Free software! How about contributing back and letting it see your searches, in case it wants to show you some offers embedded in the results? [Ok] [No, thanks]". The default could even be "ok", but no one would be DECEIVED -- the operative word that makes RMS be at least partially right.
my problem is with using the term "spyware" Posted Dec 17, 2012 20:10 UTC (Mon) by dlang (✭ supporter ✭, #313) [Link]
Thanks for clarifying what I've been trying to say. I'm not saying that what Dash is doing is perfectly OK, I'm just saying that it's not "spyware".
That being said, while I am unlikely to ever use Dash (in spite of the fact that I do run Ubuntu, I use KDE not Unity), I don't see this as the end of the world that many people are making it out to be.
People are starting to expect that "search" doesn't just mean "search locally", it also means "search on the Internet". Many of the search tools that they interact with (Chrome and IE address bars for example) default to this already.
If I was doing the UI for Dash, I would have a toggle off to the side to switch between "local only" and "local + Internet" search modes (and I would be Ok with it defaulting to "Internet"). But I know from painful experience that I'm a lousy UI developer :-)
my problem is with using the term "spyware" Posted Dec 17, 2012 23:31 UTC (Mon) by rahulsundaram (subscriber, #21946) [Link]
" People are starting to expect that "search" doesn't just mean "search locally", it also means "search on the Internet". Many of the search tools that they interact with (Chrome and IE address bars for example) default to this already."
The evidence you provide to support your assertion that is somehow people's expectation that search results will connect to internet automatically is very weak. Internet browsers may search the internet and that by itself is not very surprising but desktop interfaces in general do not connect to the internet to search things automatically by default. GNOME Shell for instance, used to provide link to wikipedia and google from the shell search interface but it did NOT search google and wikipedia by default. That would have been a surprising privacy violation.
The primary reason Canonical seems to be doing it is because of a commercial contract with Amazon. If you can point to any other OS search interface that connects to the internet by default to get search results, you might have a point. As it stands, I think this is very much a unprecedented move and not at all in line with what users expect.
my problem is with using the term "spyware" Posted Dec 18, 2012 0:06 UTC (Tue) by dlang (✭ supporter ✭, #313) [Link]
Like I said, If this is a good thing or not is something that people can honestly disagree over.
I'm somewhere in the middle. It's not something I will choose to use, but I don't see it as being evil.
The only thing I really disagree with is applying the term "spyware" to it. It may be wrong for other privacy reasons, but "spyware" isn't "anything that can leak information"
my problem is with using the term "spyware" Posted Dec 18, 2012 0:08 UTC (Tue) by hummassa (subscriber, #307) [Link]
> The primary reason Canonical seems to be doing it is because of a commercial contract with Amazon. If you can point to any other OS search interface that connects to the internet by default to get search results, you might have a point. As it stands, I think this is very much a unprecedented move and not at all in line with what users expect.
Well, actually... The new Android has a local+remote search enabled by default, and iOS also does some surprising searches. That was the main reason why I said "at the present time"...
my problem is with using the term "spyware" Posted Dec 18, 2012 18:32 UTC (Tue) by pboddie (subscriber, #50784) [Link]
Aren't we looking at the classic slippery slope with this? At first, people claim that it isn't a problem because only one desktop function does it (and not even one which is explicitly Internet-oriented), and as more applications "dial home" as a matter of routine, people will still claim that it isn't a problem because only a minority of applications do it, and then because not all applications do it.
Ultimately, you have a free-for-all like in the smartphone "app" world where suddenly applications are uploading all sorts of things to the mothership. Even then, people will defend this sort of thing because "it's so convenient".
Integrating Internet services into applications isn't necessarily a bad thing, but if the business model of the month is all about keystrokes being remotely logged or whatever, people should be made very much aware that this is happening in advance so that they can avoid the product completely if they want. Mumbling that such behaviour can be turned off is not sufficient because most users will never be made aware of the situation in the first place.
my problem is with using the term "spyware" Posted Dec 18, 2012 18:41 UTC (Tue) by pboddie (subscriber, #50784) [Link] 'violating reasonable user expectations' is arguable in this case Just looking at the screenshot accompanying the article is enough to indicate that reasonable user expectations have been violated here. Would you like some "More suggestions" with your "Files & Folders"? Aside from perhaps wondering why the latter is title-capitalised and the former is not - maybe there's a retail brand about to be launched - someone who has had Ubuntu installed for them is likely to be slightly surprised and wonder what else was installed for them until they do a real Internet search and arrive at the wailing echo-chamber that is the Ubuntu Forums, only to eventually learn after pages of confused opinion what has really been going on.
|
|||||||||||||