I’ve always had mixed feelings about Canonical, the company behind Ubuntu GNU/Linux. While they’ve made great contributions to free software, they’ve also been very inconsistent in their commitment to software freedom. Mark Shuttleworth’s response to the privacy concerns in Ubuntu 12.10 has fundamentally shattered my trust.
An Uneasy History
From restricted drivers to Launchpad to non-free documentation licences, there have always been concerns about Canonical’s commitment to free software. By 2010, the issues were becoming more serious. Ubuntu used to clearly warn users about restricted drivers, but in the Ubuntu Software Center, no longer is proprietary software merely tolerated, but now it’s celebrated and actively promoted. The average user doesn’t interact with Launchpad, but with Ubuntu One, Canonical’s proprietary service, users must delete, disable or ignore all of the places where it’s built-in to the Ubuntu experience. The concerns were starting to affect my everyday use.
But, I didn’t leave. I uninstalled the Ubuntu One packages, and ignored the Software Centre. Though, I did start exploring my options, with a Debian dual-boot and Trisquel in a virtual machine. However, there are many things that I do like about Ubuntu. My Ubuntu install is still 99% free software. Despite the controversy over the design process and community engagement, there are many things I like about the Unity — the current obsession of Canonical’s founder, Mark Shuttleworth. I appreciate the outcome of his previous obsession as well — Ubuntu’s release cycle works really well. And, maybe there’s some sentiment — I’ve been running the same Ubuntu GNU/Linux install, across three different computers, since I first left Windows in 2007.
In 2010, my relationship with Ubuntu became uneasy, but it didn’t end. I’m not sure I can say the same for 2013.
The Amazon Dash Debacle
The EFF, RMS and this tongue-in-cheek bug report provide a decent summary the issue: Ubuntu 12.10 raises serious privacy concerns by reporting searches in the Unity Dash — which have traditionally been local searches — to Amazon, relayed through Canonical.
That Ubuntu screwed up is obvious — at the very least, by enabling this by default. But it’s more than the mistake; it’s the response. In defending the decision, Mark Shuttleworth writes:
We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already. You trust us not to screw up on your machine with every update. You trust Debian, and you trust a large swathe of the open source community. And most importantly, you trust us to address it when, being human, we err.
This doesn’t build my trust; this shatters it. I did not switch to a free software operating system to have the overlords flaunt their control over my computer. Canonical has done many annoying and prioprietary things in the past, but “Erm, we have root” is antithetical to the very notion of software freedom. Ubuntu does not have root access on my machine, nor does Canonical have access to my data. Yes, I must trust the Ubuntu project every time I run updates on my system, but this is a relationship and responsibility to be handled delicately, transparently, respectfully — not a position of power to be flaunted. I trust Ubuntu to maintain the software on my computer. That I trust Ubuntu to provide my system with security updates and bug fixes does not in any way give them licence to do other things, like relay my Dash searches to a third-party through a proprietary network service.
To make matters worse, Mark Shuttleworth recently referred to “who rant about proprietary software” as “insecure McCarthyists.” In response to a question about “decisions that have been less than popular with the Free-software only crowd,” Shuttleworth writes:
Well, I feel the same way about this as I do about McCarthyism. The people who rant about proprietary software are basically insecure about their own beliefs, and it’s that fear that makes them so nastily critical. […]
If you think you’ll convince people to see things your way by ranting and being a dick, well, then you have much more to learn than I can possibly be bothered to spend time teaching.
Aside from the pot-kettle-black nature of his tone, this does not build my trust in Canonical.
These responses strike at very heart of my decision to use GNU/Linux — software freedom. Canonical has never consistently cared about software freedom, but their offences and missteps have come closer and closer to my everyday computing. Now, a serious violation of privacy is brushed aside dismissively because I should just trust Ubuntu and Canonical because “erm, we have root,” and to raise concerns about proprietary software is akin to “McCarthyism.”
No, Mr. Shuttleworth, you don’t have root. The fact that you think you do makes me want to move far away from Ubuntu.
After Ubuntu: An Exit Strategy
I would rather not leave Ubuntu. I don’t take the decision lightly. But developments over the past few years have made me very uneasy, and Shuttleworth’s attitude has shattered any trust I ever had in Canonical. Even if Ubuntu fixes this particular problem, I’m not sure what can be done to rebuild trust.
At the very least, I’m preparing an exit strategy:
- I’m going to install GNOME 3 in Ubuntu (and maybe LXDE). I like many things about Unity, but adjusting to a different desktop environment will make leaving Ubuntu easier.
- Then, I’ll re-evaluate other GNU/Linux distributions. I really like Debian GNU/Linux — it’s just the release cycle that gets me for a primary machine, but I’ve heard good things about Debian testing for everyday use. I’ll also take another look at Trisquel.
- I may give Ubuntu 13.04 a chance. I don’t look forward to migrating to another distribution, and the Ubuntu GNOME Remix might be a compromise. Also, it’s not just me — my wife, father, and some machines at the office all run Ubuntu, as well as my living room and recording studio machine. I’m just not sure if I can trust Ubuntu anymore. So, seeing as it may take me a few months to try out other desktop environments and distributions, I may wait to see what changes in Ubuntu 13.04, and re-evaluate middle-ground options like the Ubuntu GNOME Remix, though I’m wary of just “fixing” the problem for myself.
I’ve been patient through many Canonical missteps, and I’ve defended the Ubuntu project over the years. But the “erm, we have root” response shatters my trust in any Shuttleworth-run endeavour. It’s antithetical to the reason I switched to GNU/Linux — software freedom — and I’ll switch again if that’s what it takes.