I've alwys suspected the sort of thing the Snowden documents on PRISM, etc prove. That's why I removed Unity when this issue came up. It was replaced in my backup DE list with a Cairo-dock/Compiz session. For my main DE I use Cinnamon, but Unity with all scopes removed MIGHT be safe. Trouble is, for the sort of folks I distribute computers to I cannot take a chance and cannot distribute an OS known to put local activity of ANY type on a network.
I consider all online scopes to be a threat, as combining local with online searches could enable the NSA over time to figure out the content of your filesystem. Also, if ever the NSA finds and exploits a vulnerability in a scope, that would be an obvious target for exploitation, as the dock already talks to the network, and already lists files. Therefore, it is in the same category as installing a webserver in a machine that will never be used as a webserver: unused exploitable software that talks to the network. This does not require any malicious intent by Canonical, only malicious intent by the NSA or any other attacker.
Therefore, I now do not distribute Ubuntu's main distro. 12.04 and earlier are safe but getting old fast-and if someone updates 12.04 to a new version and does so with Ubuntu-Desktop installed I don't know if they get the scopes. As of now, if not distributing my own private fork, I give out either Mint or UbuntuStudio, the former with Cinnamon or MATE, the latter with XFCE.
I've alwys suspected the sort of thing the Snowden documents on PRISM, etc prove. That's why I removed Unity when this issue came up. It was replaced in my backup DE list with a Cairo-dock/Compiz session. For my main DE I use Cinnamon, but Unity with all scopes removed MIGHT be safe. Trouble is, for the sort of folks I distribute computers to I cannot take a chance and cannot distribute an OS known to put local activity of ANY type on a network.
I consider all online scopes to be a threat, as combining local with online searches could enable the NSA over time to figure out the content of your filesystem. Also, if ever the NSA finds and exploits a vulnerability in a scope, that would be an obvious target for exploitation, as the dock already talks to the network, and already lists files. Therefore, it is in the same category as installing a webserver in a machine that will never be used as a webserver: unused exploitable software that talks to the network. This does not require any malicious intent by Canonical, only malicious intent by the NSA or any other attacker.
Therefore, I now do not distribute Ubuntu's main distro. 12.04 and earlier are safe but getting old fast-and if someone updates 12.04 to a new version and does so with Ubuntu-Desktop installed I don't know if they get the scopes. As of now, if not distributing my own private fork, I give out either Mint or UbuntuStudio, the former with Cinnamon or MATE, the latter with XFCE.