How wide spread is Linux spyware?

Ralf unknown.crewman at rocketship.com
Fri Jul 10 09:16:38 UTC 2015 

Hi,

wow, not only Ubuntu, but seemingly at least one *buntu flavour too does
use spyware.

Are there other distros, or some environments doing the same?
I know that e.g. atom-editor phones home by default and browsers tend to
do it too.

The original thread is archived here:

https://lists.ubuntu.com/archives/xubuntu-users/2015-July/008547.html


Begin forwarded message:

Date: Fri, 10 Jul 2015 11:05:13 +0200
From: Ralf
To: xubuntu-users at lists.ubuntu.com
Subject: Re: [xubuntu-users] "System program problem detected"


On Fri, 10 Jul 2015 17:21:55 +1000, Rob Ward wrote:
>> Eric Christopherson wrote:
>>
>>> Lately I've been getting this strange dialog saying
>>>
>>>      System program problem detected
>>>
>>>      Do you want to report the problem now?
>>>
>>>      [Cancel] [Report problem...]
>>
>Just slightly off topic, but how we know when we respond to these
>alerts and we blithely type in our password to authorise the details
>to be sent off that we know that the alert is genuine and not just
>a faked up window to capture our password??
>I am never logged in as root, but routinely use my password in
>these situations.
>I am not doubting Eric's problem exists, but I am often unsure
>about various alerts I get, and how secure my response is?

It's dubious if a window pops up, asking for your password, to send data
through the Internet. I already would be careful with software that
asks to send a bug report, when the root password isn't needed.
Note, even the information of the full window size could be used to
track you, that's why TOR browser warns you to not full size the TOR
browser window. You might have stored some unencrypted passwords in
files that only need user permissions, that's why on serious mailing
lists, developers always mention to check log files, debug files etc.
against passwords and to remove them before posting them in a bug
report.

Those bug report tools are simply spyware and should be abandoned. Even
if the original bug report software should guarantee complete
anonymity (but it doesn't!), you never know if it's the original
software or phishing software.

Turn of all "phone home" options, of all the software you are using,
resp. be aware that you can't do this for e.g. some much used Web
Browsers.

However, be careful with bug reports, especially with bots that
sends data to Canonical. Canonical is known for including spyware to
Ubuntu.

http://www.gnu.org/philosophy/ubuntu-spyware.en.html

Regards,
Ralf

More information about the D-community-offtopic mailing list