Excerpts from Jono Bacon's message of 2012-12-15 18:01:55 -0800: > On Thu, Dec 13, 2012 at 10:23 PM, Grant Bowman <grant...@ubuntu.com> wrote: > > > > What is the objection about Canonical making money in Ubuntu given the > > > millions of dollars invested into Ubuntu? > > > > I think trust is the primary issue. > > > > First, that was a partial quote of a sentence and I think not the most > > important aspect of this whole debate. Second, I didn't express that > > particular sentiment accurately. Perhaps it would be more clear with > > an appended "in this way." I am not alone in feeling this particular > > implementation crosses a line of trust. Perhaps as you say Canonical > > "didn’t get it 100% right". That's why I am trying to reserve > > judgement despite it being released in a non LTS version inserted at > > the last minute from what I heard. If Canonical had submitted a > > similar feature to Debian do you suspect it would have gotten accepted > > or is Canonical somehow abusing it's specially entrusted power? People > > trust this environment because it is level and open. This feature as > > implemented so far is neither. > > > > A few things here: > > * I believe that Canonical has demonstrated pretty good trust over the > years. Sure, there are some examples in which people feel Canonical them > them down, but I think if we are talking about "trust", Canonical has > generally acted in a trustworthy manner over the years - we are still very > much a community project, openly governed, we sponsor many community > members to every UDS to participate, and Mark Shuttleworth continues to be > a member of the Community Council. I appreciate that you have reservations > about this feature but lets keep things in perspective over the seven years > that Canonical has been investing in Ubuntu.
+1 that Canonical has been a trustworthy steward of Ubuntu users' software needs through the years, and will continue to be. However, Data privacy is not even remotely the same thing. In one instance, the user is given something from a trusted source (Canonical). In the other, the user is giving something *to* a trusted party (Canonical). > > Other entities including but not limited to the EFF have expressed > > their concerns pretty well. > > > > https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks > > > > > The EFF article was excellent; I agree. > > > Where is the money coming from? Facebook, Twitter, BBC, Amazon and > > other third parties of Canonical's choosing, right? This is done by > > keylogging "send your keystrokes" from all the searches on a default > > install with no notice to end users, right? Making money from work one > > does is what Canonical has carefully done in the past. I believe > > Canonical is trying to find the balance and is doing a better job than > > anyone else I think in this regard. > > > > > You have this a little wrong on two points: > > * Firstly, this is not keylogging. Keylogging is the covert collection of > keystrokes against the knowledge of the user. This feature is not secret, > it is pretty well documented, and we don't let malicious software such as > keyloggers and spyware into the archive. So its not covert key logging, but it is certainly sending keystrokes to the system as I type them in, which ends up being a lot like a keylogger. And it doesn't really matter that Canonical is sitting between users and Amazon. http://en.wikipedia.org/wiki/AOL_search_data_leak Just having a stream of searches is enough to identify a person, a pattern, and reveal things they may not want to reveal. > * Secondly, you are confusing the web apps feature the Amazon feature. In > 12.10 we included support for web apps integration into Ubuntu such as the > Facebookm BBC, and Twitter examples you mentioned. We don't make money on > those - that is just feature integration so our users get a better > experience. Also, in terms of the Amazon search results, we don't make > money from the searches (again, this is not keylogging to make money), we > only make affiliate revenue from purchases made through the dash. This is > no different to if you put an affiliate link to a product on Amazon on your > blog. Its a little different, in that the searches users are performing in their dash are not obviously *for* remote consumption, but on your blog, being on your blog means intentionally being under the control of your blog. So what this feature does, is put the default user's machine under control of Canonical's search backend thing. If the feature were turned into an opt-in, rather than opt-out, then I think much of the bad feelings that have been brought up by it would be erased. -- Ubuntu-us-ca mailing list Ubuntu-us-ca@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-ca
