UT is calling "Home"



  • NTP: Behind https://en.wikipedia.org/wiki/NTP_pool there doesn't seem to be a company behind? If a company is behind you never know, what they do with the data. Maybe today they do nothing with it, only waste energy and disk space collecting it? And what is technically possible tomorrow? So there is no need to generate this data at all.

    Captive Portal Check: On my Android devices I deactivated it and I didn't find out what is missing? So I still do not know why it is needed. I have read something that it is necessary for some recognition of wlan-hotspots (page in german: https://www.kuketz-blog.de/empfehlungsecke/#captive-portal). If I could deactivate it on UT, I would do it. Maybe it could be integrated in the system settings to activate or deactivate it? In that case standard should be "off".

    OT: So I understand, that if I use LibreOffice, I have to be a friend of SUN or Oracle because StarOffice was originally written by them? Yes I appreciate that Canonical developed UT but I appreciate also the use of free software.



  • @herr-b said in UT is calling "Home":

    Yes I appreciate that Canonical developed UT but I appreciate also the use of free software.

    Then I suppose you can appreciate that you can also open issue reports on GitHub/GitLab against the relevant components, and even make merge requests to change things. UBports is a small foundation with only a few core developers, attempting to maintain a very large product. We can't fix every tiny thing that every person wants to be overly pedantic about, all the time. It requires people in the community to also contribute changes if they want things changed, sometimes.



  • I opened this thread to see, if I should open an issue report on GitHub/GitLab, because I don't want to open issues, that are not handled. Looking through the answers above, I notice that this point attracts mainly negative feedback.



  • @herr-b It is not the issue you are adressing that has attracted the negative reactions, but the tone of your original post (which seems to have dissapeared? edit: this seems to be an issue with the webapp I am using) It came across as extremely condescending.

    If however you would be willing to open an issue, or better yet, submit a PR, keeping @Flohack's comments in mind. I think the issue would be given the consideration it deserves.



  • I know, objective discussion in written words is difficult, specially English is not my mother tongue. What I also notice is, that I have a different sense concerning privacy issues. In my opinion UT has to consider privacy issues, because there a many people searching for an alternative to the big companies. As soon as they can use UT on their main phone, number of UT users will increase. Unfortunately I am not a software developer, so I cant contribute with code. I really dont want to waste the time of software developers from improving UT/apps.



  • @herr-b We very much do consider privacy issues, however privacy is not simply a binary thing. It is a sliding scale, and simply because one person may consider one thing a privacy issue, does not mean it is for everyone. And such things as you are complaining about here are not so clear cut to be privacy issues either.

    There is no personal info being sent to the NTP server, nor to the connectivity check that the push notifications client performs.



  • @herr-b Well ultimately everything that runs on electric power and silicon will require money. I see the problem in the internet today that everybody wants everything for free and it must be also perfect, always available etc. It´s no wonder that companies try to sell metadata while fulfilling the wish of the users.

    Ask yourself, how much money would you spend if every and all services you use everyday would be charged? The NTP server? 1 cent/query. Weather forecast? 5cents. Google search? 15cents-20cents per query. And if you have typed in the wrong word, you will have to pay again. But this will mean the end of the internet as we know it, unfortunately. People wont use it if they see those prices.

    You can see how the newspapers struggle: They now offer ePaper magazines, but nobody wants to buy them. They put ads on their frontpages, people complain and use ad blockers. But cmon, someones has to actually work hard to get this out to the people.

    Soon we wont have any normal newspapers anymore. Just crap sites on the internet. Information freedom does not mean free as in beer. So what are we going to do about this?

    Nothing is for free in life, thats clear, but some people seem to think that this is possible, that all others will happily work for them, at no charge, at any time.

    So to say, you dont trust companies, what they will do with your data, can only apply to the fact that you are greedy and don´t want to pay them enough money for their service. For a company there is no reason to sell your data anymore if they get enough income from you. Since it requires a lot of provisions and tools to harvest data, store it, and then sell it. It´s easier to charge you directly 🙂



  • There is no personal info being sent to the NTP server, nor to the connectivity check that the push notifications client performs.

    @dobey according to the European Court of Justice the IP address is personal data.

    @Flohack I think financing UT or newspapers is a different topic, so in this case OT ... this thread is dealing about https://en.wikipedia.org/wiki/Privacy_by_design and https://en.wikipedia.org/wiki/Informational_self-determination and I think the expectations on UT regarding these topics are present.



  • Well said Flohack. It is unfortunate we have evolved into a society which expects everything to be free of cost and instantly available. Nothing in life is free.



  • Now I understand, maybe you are confusing free of charge with free like freedom? If you want to discuss about money, possibly this thread would fit better? https://forums.ubports.com/topic/4650/online-donation-platforms.

    So please stick to NTP connections and Connectivity Check.

    I add a new question: Is it possible to deactivate the Connectivity Check manually?



  • @herr-b No its not possible so far. Its used by mainly the push client to see from time to time if it needs to re-register on the push server. Doing this just so will increase the load there, as it will send many unnecessary request for keep-alive when still all is fine. Also, having a minimal call like this will make it possible for Apps to know if they must show the user "Not connected to the Internet" messages in the future (this part is not yet implemented, Morph Browser will be a candidate for this).

    Why is this important? Many public and hotel WiFi Networks inject a "Terms of Service" page where you must agree to their conditions. Paid WiFi wants you to subscribe etc. In other words, just being connected to a WiFi does not mean we are connected to the internet. They do this by redirecting any http request to the WiFi router. Sometimes they even hijack https with a forged certificate. Well thats questionable ofc.

    To prevent a bad user experience its common sense these days to do a connectivity check and tell the user early: "Hey you are in a network and DNS might even return IP addresses but because they are not reachable I can´t do x for you". Otherwise you can never know is the server down, not reachable, or the local WiFi just not working etc.

    Also a problem with "connectivity checks" is that every App can implement them if they wish. So, even if we block the one from the push client you have no guarantee that you do not leak those requests. God knows what people will put in their apps. You can only try to trace this with a packet sniffer like Wireshark. UBports can and will not review all the Aps in the Openstore for such leaks.



  • @herr-b Di you know that also the system-image updater checks for new updates once in a while? And we even send out at which version and which phone model you use, so we can send you a push notification when a new update becomes available. Just saying...



  • Thanks for the clarifications!

    OK, the update check seems to connect to system-image.ubports.com, for me this is the real home.

    The "problem" with the public Wifi you describe seems to be the same I mentioned above as wlan-hotspots with the corresponding link. During the last years I never tried these connections with my android phone with disabled captive portal check. So possibly this does not work or it requires to navigate to a specific website for login.

    The problem with the apps is clear, for that reason I mention only UT is calling "home". To prevent apps from calling trackers I think there is uAdBlock.



  • @herr-b said in UT is calling "Home":

    @dobey according to the European Court of Justice the IP address is personal data.

    And Ubuntu's Privacy Policy is here: https://ubuntu.com/legal/data-privacy

    If you think they are violating your privacy with the NTP server, or the connectivity test page, you are welcome to take it up with their legal department.



  • That's the point, I don't want to read Ubuntu's Privacy Policy, I want to reduce Third Party Services as much as possible or use independent services.



  • I'm no expert on the topic but I don't feel you can consider Cannoical a 'third-party' as this OS is pretty fundamentally connected with them.



  • I am also not a lawyer or expert on this, the FSF page also didn't help me ...
    Reading the posts I suppose that many UT users also use Ubuntu and are not questioning dependencies to Canonical.



  • @herr-b Independent (of whom and what) services and "Free" software this is wormhole territory if you want to dig or investigate that far I fear.



  • In this thread it is easy, NTP and Connectivity Check independent from "Home" ...



  • I repeat my example from above LibreOffice should be independent from SUN/Oracle.


Log in to reply