No. That "feature" is in ubuntu's unity desktop...not installed or used in kubuntu.

No. Like kubicle said, that is only a feature of Ubuntu's Unity desktop.

David Edmundson's thoughts: http://planetkde.org/ -> http://www.sharpley.org.uk/blog/ubuntu-search


Daily Ubuntu / Linux news and application reviews : http://www.webupd8.org/ -> http://www.webupd8.org/2013/10/8-thi...ng-ubuntu.html

I wouldn't put too much weight on that, Mr. Edmundson doesn't seem to have a clear grasp on the technical implementation of the lenses, and misses the point of the EFF's stance (and the privacy concerns) on the subject completely.

i was a bit confused when i read his blog post on planetkde ,i also think he's just missing why its an issue.

I feel that one of my epic deconstructions is certainly in order here.

Really? Have you conducted user group meetings or otherwise gathered a sufficiently large dataset of individuals who have asked that search sources be "abstracted"? I certainly would never want that. When I search for something, I am nearly always aware of the scope of the search, and wish to confine the search there. The existence of a song on my hard drive absolutely means I have no need to go searching elsewhere for that. It's disingenuous, indeed, to presume that I want to search the entire world every time I forget where something is. Or perhaps Ubuntu users are incredibly disorganized people, I really don't know.

Duh. So don't assume that online is the source for every answer to every search.

But wait...an eavesdropper who captures the traffic can grep through the result and reconstruct the search terms pretty easily, because these terms will be common in all the results. Surely this is not some new revelation to you?

Please explain to me the differences between (a) being tracked by Google and (b) being tracked by Canonical. If your answer includes points such as "we do not share this information with third parties," then please explain what possible benefit Amazon, for example, might derive from participating in the Lens program. Certainly you must realize that searching Amazon via the Lens reduces my exposure to much of what makes Amazon Amazon, including features such as recommendations, reviews, one-click shopping, etc. Arguably, a Lens searcher is much less valuable to Amazon than a direct user of their web site. So please, why would Amazon be interested in the Lens?

Thank you for answering my question! So unless I know how to change a default setting, my searches for pr0n on my local machine go to my former employer as well! How reassuring that you have my best interests in mind. But a lot of searches are just noise from Amazon's perspective. For example, I might forget which folder I stored "RiOS-protocol-roadmap.odt" in. A search like that means nothing to Amazon, yet it wastes my bandwidth, wastes their bandwidth, wastes their processing time, and slows down my Lens. It also sounds "interesting" to any of my current employer's competitors.

Mozilla sets their default to Google because Google provides 85% of Mozilla's funding. Even though you acknowledge this, it still weakens your argument. Is Amazon now providing 85% of operating funds to Canonical?

The key word here is "manually." A user must prefix a search with "ddg:" to expand the scope to an online service. The KDE implementation of online search is opt-in by design. Your attempt to rationalize Canonical's privacy-invading approach by linking it to KDE's privacy-respecting approach is disrespectful and potentially misleading.

Ah, OK, so my (b) from above is not happening. But yet an earlier statement of yours confirms that while Canonical won't have a list of my files, Amazon will slowly be able to compile a list of my files, or at least the ones I search for, over time. I can hear the datamining experts salivating at their TCP sockets already!

Are you trying to argue that storing metadata isn't a concern? Seriously?

It isn't? The EFF writes: "Technically, when you search for something in Dash, your computer makes a secure HTTPS connection to productsearch.ubuntu.com, sending along your search query and your IP address." We can discard the "HTTPS" shibboleth here because that's not what matters. What does matter is that my search terms, once they arrive at productsearch.ubuntu.com, have to be stored in clear text at least for the period of time required for Canonical to forward my search terms to the various Lens third parties. You are acting as a man in the middle, an eavesdropper, a spy.

Do you ever, like, read news? Have you heard about this TLA called NSA, and what they like to do with data while performing a CYA? While it's probably unlikely that an attacker would target a specific individual's search results, what if someone parked on the backside of productsearch.ubuntu.com and eavesdropped on all the searches you send to the various third party services? At a minimum, each search request must include some kind of session identifier, so that you can properly marshal the responses when collecting the results for an certain person. Search queries plus session identifiers plus search results = data plus metadata. Your evaluation of EFF's concerns is wrong. Their argument is strong; yours isn't.

The follow the KDE example, which you seem to like even though your description could be better. Oh, but wait, opt-in, while important for the community, isn't valuable to Canonical. At least Canonical is predictable.

Ah, an admission that EFF's argument is strong. Although you guys have a tendency to react to weak arguments, too, so perhaps you have other motives than limiting eavesdropping. Michael explains: "Not sure when this was published, but as of Ubuntu 13.10 the result images are also going through Canonical's servers and back to the user over SSL, so the concern about 3rd parties or MiTM attacks has been addressed to a large extent." Is it still not obvious that Canonical is the MITM here? You may wonder why the backlash continues -- take a cold hard look at how Canonical's decisions routinely aggravate the community. Trust is easy to lose and difficult to regain.

"Ignorance"? Come on -- the dash has fundamentally changed its prior behavior, and how does J. Random User know this? S/he must divert his/her eyes from the upper left corner where typing takes place to the bottom right corner, notice the new circle-bang, and task-switch away from the search and click the icon. For all the time Canonical claims to spend on UI design, please consider how much of an utterly abject failure this is.

I'm glad you agree! Shut if off by default, then.

Wait, what? How else would someone know to criticize unless they've actually seen -- and used -- the bar? Where did you learn to construct an argument?

Conversely, Canonical appears to believe that intentionally blurring a very important distinction -- what many of us consider to be a security boundary -- will entice more people to switch to desktop Linux? That is, if you commit the same sins as your principal rivals, you believe your user base will grow as a result? Are you all really so daft as that?

This is ridiculous comparison, because Firefox does not perform local searches. Wow, you really need to go back to debating class.

Now that's an impressive reach. Spies obviously interface with charges, middlemen, and targets. Middlemen themselves can often be spies. Dash, and productsearch.ubuntu.com, are middlemen, collecting data beyond my (the target) desired scope and sending it to various third parties (the charges).

To continue to defend a mechanism that has been repeatedly and correctly criticized reflects a readjustment of priorities, discounting the values of the community that made Ubuntu successful. Loyalty from us is the primary reason why Ubuntu holds the position it now has. You are rapidly losing that. The replacements, supplicants you dearly hope to appeal to, do not embody the same kind of loyalty that made you successful. Think about that, please.

Ooh, a forum thread about me.

There's lots of "you"'s in that and I think there's been some misunderstanding.

I'm a KDE developer (hence my post being on PlanetKDE). I'm not a Ubuntu user, and I'm definitely not a Ubuntu developer (save for a few patches in LightDM).

I had to run Ubuntu whilst investigating a KDE bug which I thought might be system-wide, given all the news I was curious to check out the dash to see what it was like for myself. I honestly don't think that someone could get confused by a bar titled "search online and local sources" and there's an entire tab next to it for choosing which source you want to search. Having installed some lenses it all made sense. TBH It's not too far from some of the goals of KDE's (failed) Project Silk.

I wrote that post because there is a lot of misinformation being spread; people claiming it uploaded all your personal details whenever it did a search. Even you say "Amazon will slowly be able to compile a list of my files". No they can't! It goes through productsearch.ubuntu.com to anonymise it.

For people saying I don't know what I'm talking about, I would urge you to read the EFF website properly. The EFF are awesome and they definitely know what they are talking about. What they say here (and note that the one security issue they mention here is addressed) https://www.eff.org/deeplinks/2012/1...and-data-leaks. What I aimed to convey, is this is a world apart from the whipped up social media frenzy which makes out that Ubuntu's search bar is scarier than Darth Vader taped to the back of a shark.

If " It goes through productsearch.ubuntu.com to anonymise it.", then "Ubuntu's search bar is scarier than Darth Vader taped to the back of a shark." Perhaps not your intent, but the effect is there as is the meaning.

The simple fact that someone's data is being intercepted and collected, and compiled and stored without explicit permission of that someone - is just wrong. To do so and justify it by saying "well you didn't tell me to stop" - is just wrong. The fact that the default behavior of so many organizations, including governmental, is to do that - is just wrong.

And if the answer is - with ego set to extreme prejudice - "well just sue me", then it is just wrong AND idiotic.

If you want my data, then ask - every time. Don't assume that my silence is acquiesance. Big companies and government organizations take the position of "ask for forgiveness rather than permission" to a bullying extreme and it's becoming more disgusting with each passing incident. It's no longer cute.

The queries go through productsearch.ubuntu.com, but the image requests don't. It's trivial to match the queries with ips.

Queries don't go through productsearch for anonymisation, they go through so Canonical can get the referral income.

Even if the data actually was anonymous for 3rd parties, it's just as bad (in the privacy sense) for Canonical itself to collect that database without explicit user consent.

Also, if you read your own link, the privacy concerns are not addressed (see "What EFF Wants From Ubuntu")

It's not, but it certainly is the most privacy invasive feature I've ever seen in the open source software world (mainly because it's enabled by default).

Lol I tup the thread about me comment! lol

I seem to 'member being told by an admin in another forum that I should stop using the term "Microsith"; that it wasn't "sophisticated" and a "relic of a bygone era" and was "counterproductive". lol

i left. lol

woodsmoke