Ubuntu Spyware: What to Do?

For discussions about security.
Message
Author
User avatar
d4p
Posts: 439
Joined: Tue 13 Mar 2007, 02:30

Ubuntu Spyware: What to Do?

#1 Post by d4p »

One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample.
http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

How about puppy & other linux distros?
How can we know as a user which one contain spyware or not?
tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA
Contact:

Re: Ubuntu Spyware: What to Do?

#2 Post by tlchost »

d4p wrote: How can we know as a user which one contain spyware or not?
One suggestion would be not to distro-hop.

When the black Helicopters are overhead, you'll know that the distro you use is the culprit.

The safest course may be not to connect to the Internet.
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

Re: Ubuntu Spyware: What to Do?

#3 Post by nooby »

d4p wrote:One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample.
http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

How about puppy & other linux distros?
How can we know as a user which one contain spyware or not?
Maybe tlchost tease you or he is dead serious.
I guess we can ask him to let us move into his home
that has to be a safe place indeed.

Back to your topic. Thanks for that link.
http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

We could do google search to see of people that are good at programming
has any suggestion maybe? I will try to do some googling tomorrow
and if I forget about it do remind me.
I use Google Search on Puppy Forum
not an ideal solution though
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#4 Post by nooby »

Ubuntu, a widely used and influential GNU/Linux distribution, has installed surveillance code. When the user searches her own local files for a string using the Ubuntu desktop, Ubuntu sends that string to one of Canonical's servers. (Canonical is the company that develops Ubuntu.)

This is just like the first surveillance practice I learned about in Windows. My late friend Fravia told me that when he searched for a string in the files of his Windows system, it sent a packet to some server, which was detected by his firewall. Given that first example I paid attention and learned about the propensity of "reputable" proprietary software to be malware. Perhaps it is no coincidence that Ubuntu sends the same information.

Ubuntu uses the information about searches to show the user ads to buy various things from Amazon. Amazon commits many wrongs (see http://stallman.org/amazon.html); by promoting Amazon, Canonical contributes to them. However, the ads are not the core of the problem. The main issue is the spying. Canonical says it does not tell Amazon who searched for what. However, it is just as bad for Canonical to collect your personal information as it would have been for Amazon to collect it.
I have a very poor memory but I do recognize this
and it maybe is many months ago but did we not discuss it here?
on Puppy forum?

Or was that on some other forum. I am active on too many sorry.

So what to do?
Does Lupu Puppy by accident have this in it without the devs knowing about it?
I use Google Search on Puppy Forum
not an ideal solution though
tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA
Contact:

Re: Ubuntu Spyware: What to Do?

#5 Post by tlchost »

nooby wrote: Maybe tlchost tease you or he is dead serious.
I guess we can ask him to let us move into his home
that has to be a safe place indeed.
No one is invited to move in....THe building is infested with proprietary software and applications designed to operate on the Dark Side.
We could do google search to see of people that are good at programming
has any suggestion maybe? I will try to do some googling tomorrow
and if I forget about it do remind me.
It would seem to me that if the spyware is found to be objectionable, one could always simply not use the OS that has it. It may be hard to believe, but the market force of a large number of folks refusing to use an OS because of the built-in spyware might cause the developers to abandon the plan.

Conversely, some enterprising person might prove/certifiy that their OS was spyware free, and thus gain converts from the evil OS that spys on them.

Thom
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#6 Post by nooby »

Oh I envy you. The Dark Side those guys can code indeed.
I've seen their Death Star impressing thing that one :)

Yes they explain it in that text it is a kind of connect to their server
showing searches. so typical.

Should I trust that every Ubuntu variant have it like
Netrunner and Linux Mint and what have you?
I use Google Search on Puppy Forum
not an ideal solution though
tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA
Contact:

#7 Post by tlchost »

nooby wrote: Should I trust that every Ubuntu variant have it like
Netrunner and Linux Mint and what have you?
I have no idea...I think what we're seeing here is commercialism creeping into the sacred halls of "Free" software. It hyad to happen, sooner or later.

I think the most effective way to combat this type of thing is simply not using an OS that offends you. You could also add fuel to the fire by making public statements on why you don't use it. Public statements in a forum such as this one may not do much good, as it may be akin to "preaching to the choir".

Years ago one very large retailer redesigned their site in such a way that only Internet Explorer would work. My immediate reaction was to call the corporate office, cancel my account and tell them why. Next I got some other folks who were offended by the redesign to complain.

I even took the pains to document what per centage of the computer community did not use IE....and suggested to the company that it made no business sense to alienate a significant number of present and future customers.

The company redesigned their site to be less browser specific.

My point is complaining does little....one needs to jab needles into what folks value...their income, reputation, egos to affect real change.

How far can/should it be taken? Boycott Ubuntu...sure....boycott things that use Ubuntu as a base...sure.

I'll leave it up to others to ponder boycotting puppies that are based on Ubuntu :lol:
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#8 Post by nooby »

Wow that was a good thing you did there.
Yes I remember that IE where peculiar that way
that it had html things that where different.

One had to have two browsers for to check up how
the site looked in both.

Being as noob as I am I have no clue on what to do.
So I should STFU about it :)
I use Google Search on Puppy Forum
not an ideal solution though
User avatar
Terryphi
Posts: 761
Joined: Wed 02 Jul 2008, 09:32
Location: West Wales, Britain.

#9 Post by Terryphi »

nooby wrote:
Should I trust that every Ubuntu variant have it like
Netrunner and Linux Mint and what have you?
Linux Mint by default includes a package mint-search-addon. This adds the extension Mint Search Enhancer to Firefox. It can be disabled (but not removed) using Tools>Add-ons.

The extension is not added to Opera so that is yet another reason to use Opera.
[b]Classic Opera 12.16 browser SFS package[/b] for Precise, Slacko, Racy, Wary, Lucid, etc available[url=http://terryphillips.org.uk/operasfs.htm]here[/url] :)
User avatar
Q5sys
Posts: 1105
Joined: Thu 11 Dec 2008, 19:49
Contact:

Re: Ubuntu Spyware: What to Do?

#10 Post by Q5sys »

d4p wrote:One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample.
http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

How about puppy & other linux distros?
How can we know as a user which one contain spyware or not?
You can figure this out on your own if you've got some skill. Install a packet sniffer like wireshark on your system... turn it on, and then just mess around on your system and see if anything calls out to the internet. if when you do desktop searches you see outgoing data.. then you can track down where its going.
User avatar
d4p
Posts: 439
Joined: Tue 13 Mar 2007, 02:30

#11 Post by d4p »

Thanks for all comment.
I am not familiar with wireshark and will try it.
I think firewall with in-outgoing support should help.
Is out there a firewall with in- outgoing support that by default block all ports?
Just open the port(s) what we need only.
Johnny Cache
Posts: 29
Joined: Tue 06 Nov 2012, 10:24

#12 Post by Johnny Cache »

I know this sounds over-simplistic, but the easy answer is to ditch Ubuntu. Debian is way better than it used to be. It even comes with support for mp3s and common codecs out of the box now, and it comes with GNOME Shell and lots of plugins. Ubuntu isn't that much easier to install anymore.

For realz.

.
Well my daddy left home when I was three, didn't leave much for mom and me
Just 512 MB of RAM, and an empty bottle of booze
postfs1

Re: Ubuntu Spyware: What to Do?

#13 Post by postfs1 »

d4p wrote:One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample.
http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

How about puppy & other linux distros?
How can we know as a user which one contain spyware or not?
Maybe as shown here: http://en.wikipedia.org/wiki/File:Linux ... meline.svg
Information about the Internet page: This work contains material which may be subject to trademark laws in one or more jurisdictions. Before using this content, please ensure that you have the right to use it under the laws which apply in the circumstances of your intended use. You are solely responsible for ensuring that you do not infringe the rights to this trademark. See our general disclaimer. The use of this trademark does not indicate endorsement of the holder by Wikimedia Commons or the Wikimedia Foundation, nor vice versa.
User avatar
sszindian
Posts: 807
Joined: Sun 25 Apr 2010, 02:14
Location: Pennsylvania U.S.

Re-Think

#14 Post by sszindian »

And for all who think you are even 'slightly secure' because of the software, browser or hardware you use.

Here are but a few sites that will make you re-think!

------------------------------------------------------
Carnivore: US Government Surveillance of Internet Transmissions-


http://www.vjolt.net/vol6/issue2/v6i2-a10-Jennings.html

------------------------------------------------------
Hackers Equipment For Surveillance:

http://www.privatewifi.com/a-hacker%E2%80%99s-toolkit/

------------------------------------------------------

And on the Ubuntu Spyware issue... I have been to several sites and forums on this and 'NO ONE' can give a straight 'YES or NO' that their program made from Ubuntu binaries is infected. I did find that Ubuntu has been a major contributor to development of the Linux Kernel for quiet awhile now... they have some excellent programmers... who knows?

You can believe whatever you want but as I've always said 'There is No Computer Security... Period.'

>>>---Indian------>
Cloud Computing For Every Puppy (a .pet)
[url]http://murga-linux.com/puppy/viewtopic.php?t=69192[/url]
musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#15 Post by musher0 »

Hello, people.

I don't know if it has anything to do with spyware, but my lupu 5.25 retro has been acting up lately: freezing outright or rebooting for no apparent reason, or some program (ROX, for ex.) refusing to work while all others are running ok.

I was forced to go back to dpup 4.85 temporarily, and I have had NO problem whatsoever with dpup.

Maybe I should install wireshark in lupu, as suggested above.

Or can it simply be that my lupu_save is corrupted at the byte level? (But I use fsck.)

Thanks in advance for any ideas.

BFN.

musher0
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#16 Post by musher0 »

Hello again.

I'm in dpup 4.85 right now, so not searching for the Ubuntu spyware bug per se.

Just done a little procedure in console :

Code: Select all

lsof -i -nP
this will list the open ports. Basically, the only ports open on your machine should be the one for cups and the ones for your browser.

(I won't list mine for obvious reasons.)

You can check the number of each port manually at
(Sorry for not highlighting the url properly, this function of the forum is not responding tonight.)

http://www.speedguide.net/scan.php[/url]

Again, no pic for obvious reasons, but you'll see pretty clearly an entry rectangle to test your ports towards the bottom of the page.

The ports you want to check are those in the lsof list. They are indicated after the the URL number, after the colon.

lsof does not come in Puppy by default, so... here's mine. It's compatible with dpup-4.85, so probably with all Puppy's > v. 4.31.

If you do this on a lupu, the ubuntu spyware bug should show up in the lsof list if your Puppy has it.

You can start learning about lsof here : https://en.wikipedia.org/wiki/Lsof[/url]. The French wikipedia about it has an even better illustration of what it does. https://fr.wikipedia.org/wiki/Lsof_(Unix)[/url]

You can download the lsof source code from the author's site and build your own if you like. http://people.freebsd.org/~abe/[/url]

Hoping to be of help.

musher0
Attachments
lsof.tar.bz2
(43.65 KiB) Downloaded 476 times
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#17 Post by musher0 »

Sorry to bother you again!

Please see attached picture of lsof-i result in my lupu 5.25-retro from a few minutes ago.

As expected, the only open connections on this lucid Puppy are cups and opera's weather widget. This Puppy does NOT have the ubuntu spyware bug.

Puppy's are very probably the most secure linuxes around, you know... :)

BFN.

musher0
Attachments
lsof-i.jpg
(22.58 KiB) Downloaded 531 times
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#18 Post by musher0 »

And if you do find some spyware on your Puppy, here's a lead as to how to block its port.

http://www.info.com/searchw?qkw=blockin ... &qhqn=&KW=
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#19 Post by musher0 »

Sorry for being all over this thread...

Aren't we overreacting? Playing a psychological game of "Ain't it awful?"

(The ethics of Ubuntu's gesture should certainly be debated, but I'm trying here to stay focused on "keeping the paranoia practical", as one IT title goes. Let's save the nagging and finger-pointing for when everybody is safe and feeling safe.)

I just read that the the offending spyware is only activated when the user uses a particular search feature of Ubuntu's Unity desktop. A comment by "SMed79", on http://www.tux-planet.fr/comment-desact ... ns-ubuntu/.

If the Ubuntu user replaces Unity with another Desktop Environment, such as gnome, the problem disappears. Puppy has Ubuntu-inspired versions, but I believe that even jejy69's Precise puplets DO NOT use the Unity Desktop Environment. We have lots of wm's, but NOT Unity.

Problem solved, I'd say. Except for glaring and explicit evidence to the contrary, we can say, out of logic reasoning, that the Ubuntu Spyware bug is NOT in Ubuntu-inspired Puppy's.

Besides, if it's ever imported in Puppy country, whoever is reading this thread is now forewarned and has a couple of tools to ferret it out.

BFN.

musher0
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#20 Post by amigo »

The Ubuntu 'spayware' is part of their 'dash' environment -otherwise it does not work.
Post Reply