Multisearch addon violates user trust

Bug #410343 reported by Directrix1 on 2009-08-07
34
This bug affects 5 people
Affects Status Importance Assigned to Milestone
firefox-3.0 (Ubuntu)
Undecided
Unassigned
Nominated for Jaunty by Directrix1
Nominated for Karmic by Jonathan Rascher
firefox-3.5 (Ubuntu)
Undecided
Unassigned
Nominated for Jaunty by Directrix1
Nominated for Karmic by Jonathan Rascher

Bug Description

Having Multisearch be installed by default is akin to bundling Spyware. There are many users angry about this simply because this was included without prior consent. Separate Multisearch from the main Firefox packages, and allow people to opt in by installing it. Ubuntu is risking alienating *LOTS* of users right now. Do the right thing.

addingnumbers (addingnumbers) wrote :

How is "Multisearch addon violates user trust" a duplicate of "multisearch add on blocks the functionality of firefox location bar"?

When the functionality is fixed, it will still violate user trust. These are entirely separate problems.

FrankyT (theroarenator) wrote :

Agreed. this is spyware plain and simple, and likely violates the california anti-spyware act, as it does not include optin, standard removal and prior notification.

Directrix1 (directrix1) wrote :

I removed the "duplicate of". This is obviously a completely separate bug. The discussion in that other bug is on-topic, but obviously not the bug report itself.

Wayne Cat (exchange) wrote :

It is quite simple to remove the spyware ... delete it .. stop firefox and:

sudo rm -r /<email address hidden>

Jeff Parsons (justjeff) wrote :

Would somebody please explain exactly what this extension is supposedly doing that would qualify it as spyware, any more than a standard installation of Firefox?

goto (gotolaunchpad) wrote :

Sure it installed its self with out my permission or knowledge.

Jeremy Bicha (jbicha) wrote :

I marked this earlier as a duplicate of #402767 because this is basically the same issue. Ubuntu has clearly said that this addon is temporary and will not be in this form in the final release. Opening new bug reports saying basically "We don't like this" is not helpful. What is probably more helpful is to identify where this addon reduces functionality and even better find a solution that doesn't.

Meanwhile, I'll wait for someone else to point out that this is a duplicate bug as I don't want to get in a piddly edit war with people who choose not to believe the Ubuntu developers.

Bartek (tschew) wrote :

User trust has been broken. The only way to track usage data in free software, anonymous or not,
is by explicitly asking users to opt in, in big letters. Plain and simple.

The extension should be removed immediately and https://code.edge.launchpad.net/~asac/firefox/ubuntu.me001
reviewed for privacy breaches.

Finally, if the extension is resubmitted for inclusion, it should be different from google.xml (the default google search in firefox) So that users can naturally switch away from it if they prefer to support mozilla with searches.

http://bazaar.launchpad.net/~asac/firefox/ubuntu.me001/annotate/head%3A/debian/patches/google_code.patch

I would also like to point out that one of the patches
http://bazaar.launchpad.net/~asac/firefox/ubuntu.me001/annotate/head%3A/debian/patches/ubuntu_codes_amazon.patch
indicates that an amazon search is similarly affected. (ie: ubuntu rather than mozilla makes money off amazon searches through the search bar, whether data is forwarded, only ubuntu and amazon know)

Finally, Alexander should make it clear how exactly the usage data is collected. It seems to me that none of the public patches implement a direct data transfer. It appears like the version of the search extension and new-tab site
are different from those in the publicly visible repository (note the lack of chrome/content/tab.html in the patchset). Maybe that file is autogenerated somehow but I doubt it.

Bartek (tschew) wrote :

I would also like to add that the last revision of the above-mentioned repository dates from 2009-07-14.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers