I typically don’t listen to podcasts or watch talk shows, but the 29nd episode of the 2nd season of the Linux Action Show was referred to me and it does have a very interesting part where they discuss the usability and privacy issues around the latest iteration of Canonical’s “Unity” interface. The ten minutes where these guys discussed the matter were surprisingly thought-provoking even for someone like me who was already aware of privacy issues.
The part where they discuss the usability problems and relevance of “smart scopes” search results is between 51 minutes 40 seconds and 55 minutes.
The part where they discuss the privacy implications is between 55 minute 30 seconds and the 1 hour 1min mark, and that’s the one I’m particularly interested in here. It feels important enough for me to transcribe bits of it for you here:
“[…] they track what you search for, and the IP it came from. [Canonical] also state in their terms of service that if they’re served a warrant, they will hand that information over. […] I was more comfortable with it before Edward Snowden existed (sic). And now what I know, where you have companies like Lavabit, where federal authorities will come in with outrageous warrants… and so… there was just a recent crackdown on Tor and so, right?
[…] Here’s the thing: in a post-Snowden world, if I decide to run Tor Browser, everytime I type “Tor browser” into this, there is a ping that goes off to Canonical’s servers and says “the person at this IP address just launched Tor”. Now, if I’m the federal authorities, I can go subpoena these records and I can say “now look, we saw this Tor traffic, and we saw your computer launch Tor at this time, let’s go get a warrant and search through Chris’ files because we saw, when we subpoena’d Canonical’s information, that he launched the Tor browser on his computer, thereby giving us justifiable means to search his whole machine.
Why did they even put themselves into that position?!
[…] The main problem is… it gives a record of the commands I launched on my computer. It’s a keylogger.”
This depiction is so simple, yet so elegant and powerful in explaining the issue at hand! It makes me glad to be running a desktop environment that aims to spearhead privacy by default and by principle, governed by the community and a registered non-profit organization rather than controlled by a single entity keen on turning me into the product to be monetized out of desperation.
Sure, you could say privacy does not exist, but the local computing experience of an open-source desktop operating system is an entirely different matter than the world-wide web. Locally run open-source software is the last bastion, the one area where we can put our trust and must hold our ground.