Switch to Debian - Ubuntu Spying



  • This is a biggie but I don’t say it lightly. Cloudron needs to move from Ubuntu to Debian or Fedora/CentOS, or at least have the option.
    Ubuntu phones home on install via the message of the day on new installs. Therefore it is unsuitable for privacy minded people.
    https://news.ycombinator.com/item?id=21893481



  • Suggest this should be under Discuss, not Support.



  • @will said in Switch to Debian - Ubuntu Spying:

    privacy minded people

    What if they just removed the motd?



  • @will You aren't wrong but just because a MOTD "phones home" doesn't mean they are spying. Also this feature is easily disabled. I suspect you are blowing this way out of proportion. HOWEVER - If you are uncomfortable using a piece of software, do NOT use it.



  • @yusf This goes to Canonical's long history of collecting user data without consent, then backtracking.
    Cloudron requires a clean Ubuntu install, I don't want an OS that thinks it's okay to send my user data back home in an "opt out" style of operation.
    What that tells me is they are privacy hostile, and don't use secure defaults. Compare to Debian, or OpenBSD.



  • @murgero The feature being easily disabled isn't the point. The point is they are willing to implement this feature as an "opt-out" feature. Sending any of my info over the public internet that I didn't specifically allow is not a secure default. I work in the highest security networks in the world, this is an obvious and 100% no go for user privacy.
    This begs the question, what does Ubuntu provide for Cloudron that Debian does not?
    This isn't a one off mistake. Canonical has a long history of pulling moves like this.
    We all self host for various reasons, I'd wager that many of us choose to self host for ownership of our data, and privacy from data collection that we didn't sign up for.
    Only the Cloudron devs know for sure, I can only speak for myself.

    Are the Cloudron devs ok with arbitrary data collection and insecure defaults for the OS they base their system on?



  • @Hillside502 This is a support issue. Ubuntu is the foundation for Cloudron, and Ubuntu has a long history of non-user chosen data collection. Is this okay with the devs?



  • @will This is definitely a discussion and not a support issue. Is something broken in Cloudron? No? Then it’s not a support issue.

    I would love to see this project be usable on something like CentOS, but that’s really more because I’m just more experienced with CentOS than I am with Ubuntu, not so much for the privacy concerns you raise.

    Cloudron simply requires the OS be Ubuntu, it doesn’t require that Ubuntu telemetry be enabled. You’re welcome to disable it all before installing Cloudron and Cloudron will continue to work as it’s intended to work. You are the admin, you need to maintain your Ubuntu configuration to match your needs. If you require telemetry be disabled, then simply disable it.

    If your concern is more the fact that Ubuntu collects telemetry “by default”, well... everyone using Cloudron is likely familiar and technical enough to be comfortable tweaking systems and ensuring that the defaults are actually what they desire and changing anything that isn’t matching their expectations. The same as how one goes through Settings on iOS periodically to make sure everything is as they want it.

    If you are THAT concerned about the telemetry data being collected on Ubuntu by default, then simply don’t use the software that requires Ubuntu until it reaches a point where it can support other operating systems too. The team at Cloudron is small, moving to support an entirely different operating system is no small/trivial task, so even if they decided today to move to CentOS it’s probably going to be at least half a year of effort if not much longer than that to be fully matured on CentOS.

    Ultimately it’s worthwhile to always consider “risk vs reward” and what data is actually being collected that constitutes a “risk to user privacy”. Personally I don’t care if the company behind Ubuntu knows the resource usage and uptime of my server. That isn’t a “privacy risk” in my opinion because they aren’t actually collecting any user generated data, they’re collecting statistics in that case. However it would be a completely different story if they were also copying over user filesystem data which would contain my emails and website data, client data, passwords, etc.

    In summary:

    • the suggestion to move to something like CentOS I fully support, I’d love to see that be done.
    • in the meantime, you need to make a decision: use Cloudron on an OS you apparently don’t trust, or delay using Cloudron until it supports an OS that you trust.
    • if you choose to go with using it still for now on Ubuntu, simply disable the telemetry data collection in Ubuntu to better meet your expectations/use-case.
    • this is a discussion not a support case since Cloudron is not broken nor having any issues. Cloudron does not require Ubuntu telemetry be enabled in order to work. Also, it is always up for discussion on how much of an impact the concern you raised impacts people and everyone is going to have a differing opinion on it as to how it will impact them. Just because you may greatly care about one thing doesn’t mean others will care as much as you do nor even care at all.
    • gathering telemetry (whether at the OS level or application level) does not automatically equate to “spying”, it all depends on how that data is being used and what benefits may come from it, IMO. And this is my point, others will agree with this and others will disagree. That’s why it’s a discussion. 😉


  • @will I understand what you are saying - having it enabled by default is likely not for spying. Ubuntu is open source - so it's difficult to put that kind of function in without at least ONE person seeing it there. I'd also like to point out that although other Linux distros may not have it enabled by default, they also have the option to use a phone home system like Ubuntu. Also, MOTD doesn't send half of your info over the public internet, it just looks for updates and news.

    Not to mention the fact that Cloudron itself also phones home so even if you put it on CentOS, BSD, or other - the resulting "Privacy" issues you have will STILL be there. Even though the collected information is not identifying and it doesn't hold sensitive information, you still choose to have an issue with it (and as such is your right - if you are worried about a piece of software doing something you don't like, change it by forking it, or move to something else.)

    As for @d19dotca - Debian is the base Ubuntu was based off of, it might not actually require much work (mainly some package names change tbh, that may or may not be a repetitive task to change), having a small team would make it difficult in the long run to support so I agree with that.



  • @murgero You're right, it'd likely be less of a burden if moving just to Debian. My comment however was made explicitly stating CentOS as the target OS rather than Debian (that would be my preference only as I'm more experienced with it, but Debian works too).



  • For what it's worth, my Cloudron is installed on an Ubuntu Xenial box (16.04) from Scaleway and it does not have this "feature" enabled. Someone on the HN thread mentioned that they believe it was added around 2017, so that makes sense.

    I don't imagine the diffs between Debian and Ubuntu being too vast, though given that Debian has a longer release cycle, there may be issues with older versions.

    @will, have you tried to install on Debian yet?



  • Way back when this first came up in 2017, there was a discussion on the issue boards for Ubuntu. This is the response from the PM at Canonical who added the feature including an explanation of how it has been used in the past and how they intend to use it.

    https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1701068/comments/11

    It can be disabled entirely by running sudo sed -i 's/^ENABLED=.*/ENABLED=0/' /etc/default/motd-news (source).

    Debian support would be great, but I thought I'd present a bit more information for folks stumbling on this to read up on and make a decision on how they want to manage their server.
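
As an added example (not part of the post above and not Cloudron's or Ubuntu's own code), this script reads the `ENABLED` value from the file named in that post and applies the same substitution, appending `ENABLED=0` when the file has no assignment at all. The function names are hypothetical and the default path is the one quoted in the post.

```shell
#!/bin/sh
# Added example: audit and disable the motd-news switch in a config file.
# Function names are illustrative; the default path comes from the post.

# Print enabled / disabled / unset / unknown:<value> for the last
# uncommented ENABLED= assignment in FILE.
motd_news_state() {
    file=${1:-/etc/default/motd-news}
    if [ ! -r "$file" ]; then echo unset; return 0; fi
    val=$(sed -n 's/^ENABLED=//p' "$file" | tail -n 1 | tr -d "\"'")
    case $val in
        1)  echo enabled ;;
        0)  echo disabled ;;
        '') echo unset ;;
        *)  echo "unknown:$val" ;;
    esac
}

# Set ENABLED=0 in FILE, keeping every other line, then verify the result.
# Returns non-zero if the file does not read back as disabled.
disable_motd_news() {
    file=${1:-/etc/default/motd-news}
    tmp=$(mktemp) || return 1
    if [ -f "$file" ] && grep -q '^ENABLED=' "$file"; then
        # Same substitution as the one-liner in the post.
        sed 's/^ENABLED=.*/ENABLED=0/' "$file" > "$tmp"
    else
        # No assignment present: keep existing lines and append one.
        if [ -f "$file" ]; then awk 1 "$file" > "$tmp"; fi
        echo 'ENABLED=0' >> "$tmp"
    fi
    # Write in place so the file keeps its owner and mode.
    cat "$tmp" > "$file"
    rm -f "$tmp"
    [ "$(motd_news_state "$file")" = disabled ]
}

# Read-only report when the script is run directly.
echo "motd-news: $(motd_news_state "${1:-/etc/default/motd-news}")"
```

Running `disable_motd_news` against the real file needs root, as the `sudo` in the post's one-liner implies.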



  • @d19dotca you make great points. Thanks for the input.



  • Just quickly checked, on DigitalOcean Ubuntu images, motd news is disabled by default.

    I have pushed a change to disable it by default for the next release of Cloudron as well - https://git.cloudron.io/cloudron/box/commit/c5cd71f9e35d1393f999b0e2d937558778becd80 (thanks @iamthefij)



  • @girish This is why I love you guys.



  • @will thanks 🙂

