spyware, the new normal [was Re: tracking what files are being accessed by a process?]
Matt Price
moptop99-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Jan 8 05:55:57 UTC 2013
On Mon, Jan 7, 2013 at 2:08 PM, D. Hugh Redelmeier <hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org> wrote:
> | From: Matt Price <moptop99-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
>
> | > huh, that does seem intresting. In particular, skype seems to be
> | > going through all the files in my .mozilla/firefox profile, espeially
> | > the zotero storage directory, which is rather large. hmm. I don't
> | > really like that at all! not sure though what I can do to stop it,
> | > or why it would ever happen in the first place!
> |
> | just for the archive: I solved this using the apparmor profile pasted here:
> | http://pastebin.com/raw.php?i=b1dicunW
> |
> | now skype startup is much faster and my system far more responsive
> | when skype is up. and skype/microsoft are no longer tracking my
> | internet usage, or whatever it was they were doing before.
>
> I'm shocked and appalled.
>
> There is a convention on Linux, and to a lesser extent, all desktop
> OSes, that programs only do what you want them to. They don't spy on
> you and feed back information. If they do, they ask specific
> permission.
>
> The web doesn't work like that. It's almost a given that a website
> will try to squeeze as much out of you as possible. But generally we
> try to keep that circumscribed.
>
> General rule: what's on your device stays there; what's on the web
> goes anywhere.
>
> Smart phones have blown big holes in this. They are devices but act
> like web sites but have an enormously greater amount of what I would
> want to be private. Starting with tracking where I am physically and
> where I've been.
>
> Almost by default, "apps" spy on you.
>
> Bad news: apps are arriving on everyones desktop. Win8 is all about
> apps. Ubuntu's Unity Desktop search, by default, sends your queries
> to Canonical and thence to Amazon.
>
> Skype on Linux has just shown that it too is as evil as a web site but
> has more powers.
>
> Matt blocked a bunch of files
> deny @{HOME}/.mozilla/ r,
> deny @{HOME}/.mozilla/*/ r,
> deny @{HOME}/.mozilla/*/*/ r,
> deny @{HOME}/.mozilla/*/*/bookmarkbackups/ r,
> deny @{HOME}/.mozilla/*/*/chrome/ r,
> deny @{HOME}/.mozilla/*/*/extensions/ r,
> deny @{HOME}/.mozilla/*/*/prefs.js r,
> deny /etc/passwd r,
> (I think that I understand the first and last; why are the others not
> redundant?)
>
I'm not sure myself; I think this maybe modifies an earlier file
,which allows access to a few spcifi files/directories within .mozilla
(prefs.js in particular, which skype sometimes uses in order to access
proxy information, IIUC).
Interestingly, this is a known issue, and there are discussions about
it e.g. on Arch Linux's wiki & ubuntu's skype LP page. But ubuntu,
which uses apparmor by default, only distributes a fix (slightly
different from the one I installed) in an optional package that is
rarely installed (apparmor-profiles). And I only found out about it
because I happen to have a huge .firefox directory (zotero stores pdfs
there, which is actually kiind of a bad practice) which leads to a
performane issue... It's all rather disturbing.
m
> Could you not turn it around and list what you are OK with having it
> access? Like: its own dotfiles and the dynamicaly linked libraries.
>
> Maybe we need a branding, like GPL or CC*, one that designates "only works
> on your behalf, not someone elses".
> --
> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list