Thu Apr 30, 2020 1:54 pm
How would you feel if I went to your house and installed cameras and microphones that would constantly monitor you and record everything you do. And I wouldn't even tell you? If you found out and would you try to remove it from your house (bedroom, bathroom, shower, living room, telephone)? Guess what? I would make sure you couldn't remove it. If you would find out, I would tell you that it wasn't me- it was someone else.
-"Oh don't worry I do not spy on you"
-"But its constantly recording"
-"No it isn't- you see it has your name on it: "userhousefeedback"
-"But its recording me"
-"You can turn it off- the cameras and microphones have a shiny slider"
-"I put the slider of the microphones and cameras to the left"
-"You see, I am not spying on you"
-"Are those cameras and microphones turned off?"
-"Yes they are"
-"But my uncle, who is engineer, says they are still recording- those cameras and microphone"
-"No they don't don't, its opt-in you know"
-"Oh so its opt-in. So if its opt-in how come its still running, I didn't op-in!. When did I opt-in? I put the slider to off!?"
-"I don't see the problem"
-"But I do"
-"I don't like your tone"
-"**** off. Remove the spyware"
-"If you don't like it, nobody is forcing you to use The House"
-"But it's my house, I don't want spyware"
-"Look it doesn't send anything anywhere"
-"But they're constantly recording me"
-"You are rude. I am warning you, you are troll!"
-"Remove the spyware ASAP!"
-"If you don't like The House, then don't use the house, nobody is forcing you"
-"How do I uninstall it then?"
-"Rebuild the house, its up to you"
-"What the ****? You want me to destroy My House? For **** sake! Just remove your **** microphones and cameras!"
-"You are a troll. You're banned!"
Thu Apr 30, 2020 2:21 pm
KDE Plasma "kuserfeedback" collecting telemetry data even when disabled
Plasma 5.18 forced upon us a new software component called "kuserfeedback". This is what KDE have chosen to call their shiny new telemetry module. There's a gold rush for data happening, and KDE apparently can't resist the temptation to get on the gravy train.
Besides, what's considered private information is not for KDE to decide. How I use my systems is private information to me. It's not secret, but it's private. If you don't know the difference there, you have no business handling data at all.
The amount of information collected is bound to grow, it always does. No one can resist once they have their fingers in the cookie jar. A list of what's currently in the works can be seen here. We'll just be the frogs being brought up to a slow boil. We know this tune, have seen this show many times before. There's always a plan. The time for naivety on this has passed, years ago.
If the information is collected no matter what you choose in the settings, all that information will just sit there. Problem is, it's just one little "oopsie" away from behind transmitted wholesale to KDE. One innocent bug that just happens to sell you out. Or a different application reading and transmitting it, along with who knows what else. User data protection on Linux blows. This information simply shouldn't exist.
Here are some obvious steps to take to make this better:
Make kuserfeedback an entirely optional component of Plasma. There is no excuse for not doing this, don't even try to tell us there's a good reason why Plasma can't function without this component, unless you intentionally design it that way.
Make sure NOTHING is collected when installed and disabled, not a single thing. This is very simple to ensure, if you wanted to.
So I ask: Will any of this be done?
I have tried replacing kuserfeedback with a dummy package on Arch Linux. Plasma simply freezes during startup. No data for you, no Plasma for me.
It is hard to fathom why the KDE developers would want to gamble all the good will they've accumulated over the last few years, just to see how many times I've started up Plasma. Why was this implemented this way? What's the reasoning? Why make it mandatory? Why make it collect information even when disabled?
As you can tell, I don't even mention the option of just scrapping the whole telemetry project altogether, which would be the right course for a project supporting software freedom. I'm old enough to know that when these things are brought in by the powers that be, they're here to stay. Having to manually patch and build Plasma myself will be too much for me. I'll just leave it behind, and I'm sure I won't be alone. I had a mind to donate to KDE. Now I'm just staring at that huge Google logo on the KDE homepage with a bitter taste in my mouth.
Thu Apr 30, 2020 2:57 pm
If you post this in the Development section, you are probably able to recompile Plasma (and applications using it, e.g. Kate) without the kuserfeedback dependency. That's what I did.