Hacker News new | past | comments | ask | show | jobs | submit login
Ubuntu Removes the Amazon Web App (omgubuntu.co.uk)
241 points by ashitlerferad 21 days ago | hide | past | web | favorite | 99 comments



The whole reason people use Ubuntu and other free OS's is because they don't come with a bunch of commercial crap & telemetry and whatever other vendors foist on their captive audience. Going down that route is completely against what FOSS should stand for.


> & telemetry

Telemetry and crash reports can be done right so you should not hate the concept but the bad implementation.

First step is that it should all be optional and it should be disabled by default or have it as an option you are forced to decider if yes or no. You should also be informed when data is sent and what is sent and have the option to deny. Like if app X crashes I send the crash report but if app Y crashes I won't send it.

Also about telemetry if all power users turn it off then you can have situations where developers will drop a feature because they don't use it and there is no data to show that more then 12 people are using it.


> Also about telemetry if all power users turn it off then you can have situations where developers will drop a feature because they don't use it and there is no data to show that more then 12 people are using it.

Yet another reason not to put telemetry in your software.


Why? So some developers and jerks can claim that you are a snowflake if you used the feature they removed? If there was data at least you can resign that you are really special and you were in a select club but without the data the vocal developer with big ego will claim whatever he wants.


When something important gets removed (which is happening at an alarmingly increasing pace across the board), it doesn't matter at all to me why the feature was removed. What matters to me is that the software has become less suitable for my use.


>Yet another reason not to put telemetry in your software.

Can you explain a bit more your way of though? How should you decide what to support if not having the information from your user?

The only other alternative is to ask, and then only the one that answer will get supported, which sure is great for the one that answer, but that may means a much bigger audience that you won't support even though they need to be supported.


> How should you decide what to support if not having the information from your user?

There are many well-known and largely perfected methods of getting that information without the use of telemetry. The thing that general telemetry really brings is cost savings and convenience. But it also brings a peculiar kind of blindness as well, since companies largely stopped doing product research that isn't telemetry.


>There are many well-known and largely perfected methods of getting that information without the use of telemetry.

Can you link to a few of this many known methods? I am interested in ones that would fit open source projects that have no budgets for research. Thanks


Just look at how product development worked before telemetry was a thing that was possible, and how its done in other industries. This isn't hidden information.


OK, so you have no idea but you speak like you have plenty solutions. What I know of are things like Debian - https://popcon.debian.org , Ubuntu's https://wiki.ubuntu.com/Apport , Fedora's https://docs.fedoraproject.org/en-US/Fedora/13/html/Deployme...


Telemetry is 100% not a viable fit for an open source project. A very significant proportion of your potential users will either keep it disabled or if that is not possible (which would be illegal in the EU anyway) not use your software.

Just ask your users.


> A very significant proportion of your potential users will either keep it disabled

Then they made the conscious choice that their usage won't get known and thus be aware that another way of communication will have to be used.

> Just ask your users.

"A very significant proportion of your potential users" won't tell what they want, or won't even know what they want. The one that will be the most vocal won't necessarily be the voice of reasons either.


> The only other alternative is to ask

I see nothing wrong with that.


... nothing wrong with what followed? Why did you just quote the beginning when I cite a pretty good argument afterward and you don't even argue with it? We are on Hacker News please, be more thorough and defends your point.


> .. nothing wrong with what followed?

Nope.

> Why did you just quote the beginning

Because the rest can be extrapolated from it.

> We are on Hacker News please

So? Just because we happen to be on Y Combinator's corporate propaganda machine doesn't mean I'm any more compelled to respond to things about which I care not.


At least they can inform the 12 people that they'll have to support that feature themselves in the future


You're saying that as if the point of the software is to support the software, or report good numbers. It's not. The user should be the focus.

Opt-out and hard-coded systems immediately put you no the back foot. You make people question why? and is it worth it? If all you've got it reporting numbers of users, you can go do one. The risk of genuine private data leaking out is not worth your marketing numbers to me.

The Amazon link was much more egregious though. You were sending all Dash searches through to Amazon. This was unacceptable and poorly explained. I'm sure some people liked it, and they honestly could have made the integration a better trade for the user (play videos off Prime Video, etc), but only as an opt-in feature where you can see the ramifications.


> The Amazon link was much more egregious though. You were sending all Dash searches through to Amazon. This was unacceptable and poorly explained. I'm sure some people liked it, and they honestly could have made the integration a better trade for the user (play videos off Prime Video, etc), but only as an opt-in feature where you can see the ramifications.

You do realize that no version of Ubuntu was ever released with that feature? Sure, the Amazon scope was available for a while but you had to opt in in all shipped versions. Even if you had, Canonical turned their servers off in 2017 so it wouldn't have done much except time out.

It's easy to get upset about stuff people have made up in echo chamber "news" sites.

The feature article is about the link to open Amazon in the browser, not the Amazon scope in the Dash.


> You do realize that no version of Ubuntu was ever released with that feature?

Not sure that is true - I seem to remember that it was enabled by default in a couple of releases (I think somewhere around 12.04?).

> you had to opt in > It's easy to get upset about stuff people have made up

I raised this issue early in the Lens development phase. The response from the mailing list was (paraphrasing) "well, people can always uninstall the package if they don't want the feature" (at which point I then opted out entirely).

Opt-in came much, _much_ later.


People need to understand that large scale software not having telemetry borders on malpractice if it interacts with the internet. If your software is crashing on a large scale - or worse, causing problems for other people's servers or taking out users' computers - you need to know, and you need to fix it fast. You can't just wait days or weeks to get enough complaints about it from people savvy enough to file bug reports.

Look no further than how a recent Chrome update almost completely broke the software for Citrix users. Their telemetry (somehow) was not tracking this so it took days to get a fix because IT/ops people had to figure out that a Chrome update caused the bug and then escalate through chromium bug reports. Now imagine that happening any time a crash or major bug makes it into connected software...

For stuff that just runs offline, like Excel or whatever, it's super justified to not want telemetry in it if that's the tradeoff users want.

Incidentally this is basically the reason why all the major browsers are on rapid forced (unless you're in the enterprise) updates - the risk of having users stay on older versions with security holes is just too high because it ends up leading to massive botnets. I hate it, but hundreds of millions of people use those apps.


What's wrong with the little popup that asks you if you want to report a problem every time a crash happens? Is there really any problem with letting the user choose on a case-by-case basis?

If it's happening so frequently that the popup becomes annoying, you've got bigger problems.


Providing the choice is always OK and often appropriate. The problem is when people argue that software shouldn't have telemetry or automated updates at all, because then what you get is software that respects the user's desire at a surface level - no telemetry, no automated updates - while failing to respect deeper aspects of their intent, like "I don't want to get added to a botnet", "I don't want this software to crash", and "I don't want features I like removed in future updates".

You can always decide to go elsewhere of course, and software developers have the right to decide personally not to put that stuff into their apps - none of my personal projects have telemetry and most of them don't have updaters.


> You can always decide to go elsewhere of course

The problem with web browsers is that you really can't. There are really only 2 options now, and the web has become so ridiculously complicated that creating a reasonable alternative browser is nearly impossible.


Because people rarely click Yes, even if it's rare.

Plus it means little to the end user, and outside of HN, Slashdot, or other tech forums, most folks don't even know what telemetry means in an OS context. They click No, and move on.


Are you saying all of those users whose browsers are crashing on a large scale are going to say no?

Also, are you implying software should send telemetry to the mothership regardless of users' will?

There used to be a time software was tested and released finished.


> Because people rarely click Yes, even if it's rare.

In my observation the precise opposite is true; your average user will immediately click "Yes" without reading in the hopes of making the error go away.


So you're arguing that because people will decline to share the data, they should be forced to share the data?


So the solution is to deprive them of their privacy for your own benefit? I don't blame them for clicking "no" if they don't know what it will be used for.


That's fine, if it is opt-in and clearly spelled out. Some of us do confidential work and leaking URLs visited and field contents to parties not subject to NDA is absolutely not acceptable in any context.


Yeah, a coherent privacy model, disclosure etc are all super important. It's just irritating to see people act like software of this type can rationally be shipped without any telemetry to a big group of users who aren't compiling it from source.

Naturally a ton of work has to go into properly designing telemetry for something like Firefox or Chrome - not only is disclosing URLs a no-go, but you need to make sure your telemetry isn't unintentionally exposing details that are identifying in some other fashion, like on-stack data from a crash report or that sort of thing.


Finally, a sensible argument _for_ telemetry.


> People need to understand that large scale software not having telemetry borders on malpractice if it interacts with the internet.

If that's true (and I don't really agree that it is), that's an excellent argument for avoiding large-scale software.


This is one of the strongest arguments against an Internet monoculture. Shame about all those alternative browsers dying to the point that now if you're working on one, CloudFlare/Google/etc are likely to just block your browser entirely.

Everyone's using the same massive-scale app and now that it's a central point of failure it's wildly irresponsible to not load it down with telemetry. It sucks. If it were instead a healthy market of like 4-8 different browsers people were using, a major issue in one of them wouldn't necessarily be a crisis because people could just boot up a different browser and the bug would only impact say 5-25% of a website's visitors at most instead of The Majority Of Them.


>The user should be the focus.

I agree and this is why I said good implementation can exists. I never implemented telemtry but I implemented once crash reporting. Before I added this feature the users had to contact support and tall us what is wrong, then we would send email back and forward asking about OS , application version. asking for screenshots, asking to enable debug mode and try again and then screenshot the error and send it to us. Because i was the one doing the customer support too I noticed this is very repetitive and very demanding for users (even explaing a user to find a log file in %appdata% in windows is a complex process) so I simplified it as much as possible, a crash or the user could open the report a bug popup, you would see exactly the data that is sent to me, it was plain text info like OS and app versions and a stack trace and other logging data and you had the option not to send it to me but if you sent it then I have the stack trace I have the info and I could put an update to fix teh bug in a day rather then we spend time emailing each other questions.


> or have it as an option you are forced to decider if yes or no.

Bonus points for an implementation that comes with a few unbiased examples about why one might want to disable and why not.

You are working under draconian legal secrecy requirements or on an exceptionally narrow/expensive uplink? Disable. You worry about secrecy but not enough to go 2FA, you occasionally wish for a bigger pipe to the internet? Disable if you insist, but it would be nice of you to contribute data.


If you are working with such parameters, one would hope you wouldn't have to be explained that telemetry should be disabled. Not all apps will be so kind as to give you examples...


The purpose of the examples would not be to keep those out of tracking whom you'd expect to deactivate (because you are right, it becomes entirely their responsibility once they are actively presented the option), it would be to encourage trust with those who don't really need to be that level of paranoid (but who often are). Much better than the usual "trust us, everything is so incredibly safe that we don't even know why we have the option to deactivate". Most users will take the "incredibly" at face value and not believe it, and they would be right because nothing is ever that safe. But a risk model like "theoretically there could be a bug in that totally innocent feature use counter that accidentally included a random heap sample in the upload that could include sensitive data" would be acceptable to many. Could a liar smooth-talk you with those examples into pressing accept? Sure. But that bad actor could also ignore the setting or not show an option at all.


>Also about telemetry if all power users turn it off then you can have situations where developers will drop a feature because they don't use it and there is no data to show that more then 12 people are using it.

Firefox and the RSS situation. Mozilla did not even think 1 second that this might occur.


Live Bookmarks were no substitute for a proper RSS reader. I've been using both RSS and Firefox continually since at least 2005, but I quickly stopped using Live Bookmarks in favor of Google Reader (RIP).


True. A proper RSS reader would have been nice in Firefox. Instead Mozilla BS'd their way out.


Sample size one, but that’s not why I use Linux and similar operating systems. I feel like this is probably a decently popular reason, but I’d be hesitant to suggest it’s the “whole reason”.


I personally don't use Ubuntu if there's another choice (e.g. Debian) because of this very reason. Amazon app and whatnot in desktop editions and Landscape advertisements and other small web-connected push in server editions just drive me away from Ubuntu.

If I feel too lazy to install Debian, I install Ubuntu in a VM to try something for short term then either migrate to Debian or delete the VM, that's it.


> web-connected push in server editions

What's this?


Everytime I log in on SSH, there's a message encouraging me to try Ubuntu Livepatch, which is an optional premium feature to install kernel updates without rebooting. Free for personal use, just gotta sign up for a Canonical account...


Yes, I was talking about the same thing. Also MOTD gets its updates from Ubuntu servers regularly. I just want a MOTD, not a complete status update from a server which probably marks this fetch as another statistic.


It does?? That's crazy. Lots of people still use the MOTD for their own purposes, after all.


Ubuntu defaults to an Ubuntu-supplied MOTD, but people can totally remove all the default junk and replace it with their desired stuff.


Since Ubuntu is Linux, I assumed that it could be changed. But that it comes configured that way by default seems like a poor choice to me.


My reasons are actually:

- linux is faster and smoother (for me)

- better support (for the tools I use: git, jdk, dotnet core etc)

- better ux (again, for me. I love KDE but I'm not here to convince anyone to leave their favorite desktop behind.)

I can choose Windows or Mac every time my laptop is up for replacement so cost is not a reason for me.

Also, the IT department at work and with most of our customers has probably put some thought into it and still approved Windows, so I guess it is OK for work.


> Also, the IT department at work and with most of our customers has probably put some thought into it and still approved Windows, so I guess it is OK for work.

That's more likely a case of not having a choice.


At least they go out of their way to make sure we are free to use Linux or Mac (in addition to Windows) if we want as long as we don't bother them with end user support (VPN questions are fkne though).


Genuinely not the reason for me. I've used a Linux distro of one sort or another since 2003 and the reason was the power of the environment. Obviously since I (and hundreds of thousands of others) install popcon I've got no problem with telemetry etc. I didn't actually have any problem with them having the Amazon app in there except that it diminished my ability to do useful stuff, i.e. it wasn't a good product.

I'm not sure combined web/app/site-search is useful to me on a desktop. Desktop search is useful on its own. Web search is useful on its own and site search helps with that but combining doesn't help.

And a standalone thing to access Amazon doesn't really have utility to me.

Because I could easily edit the system to not be painful I stuck to Ubuntu.


Actually my reasons for installing Ubuntu were:

- Better support for the programming tools and languages I use.

- Free (as in, no cost)

Sample size one though, so YMMV. I'm sure there are more than enough distros you can use instead.


> telemetry

Ubuntu does include optional telemetry (screen during installation, preference can be later tweaked in privacy settings) since 18.04 and it seems to be less aggressive than in other OSes [1][2]. Not sure about other flavors.

[1] - https://www.bleepingcomputer.com/news/linux/ubuntu-gets-in-t...

[2] - https://lists.ubuntu.com/archives/ubuntu-devel/2018-February...


First, maybe there are different reasons. Then, having clearly defined commercial icons, clearly defined and easily uninstallable (as in right click, remove) is clearly acceptable with me. Ubuntu needs to make money, be it with this or Google default search, as long as I can modify preferences, a default is ok. It s a quation of balance. Slippery slope is not a really good excuse either it's acceptable or it's not.


Nowadays I use Linux, because that is part of the job, that is all.

Back in the day I used Linux, because I needed UNIX clone at home to do university work, which originally used DG/UX on their servers.


> The whole reason people use Ubuntu and other free OS's is because they don't come with a bunch of commercial crap & telemetry

It can be. That isn't often the case. A lot of people just want control over their OS but aren't concerned about whether they're using proprietary software or if their software is phoning home.


I had assumed Amazon was paying for the Amazon "app" in Ubuntu (based on gut feel) but it looks like it might have been part of a Canonical's web-y vision for the Linux desktop future [1]. Does anyone know why the Amazon app existed in the first place?

https://www.omgubuntu.co.uk/2016/05/what-happened-ubuntu-uni...


Well hey, I just happened to work on that stuff back when Canonical still had its own desktop product.

The idea was to make a user's experience as great as possible. The desktop design department all lived through their iPhones, and felt that most non-techie computer users wanted the same experience. The whole desktop-phone convergence thing was the prime directive, and having search be the prime experience on desktop for a fully-integrated web experience was the way there. There were many "scopes" plugged in that searched all kinds of things, and among them was one that searched Amazon.

It didn't hurt that Canonical made a bit of income from affiliate referrals. At least until Amazon found out. Then, it just became another web search scope.


> The idea was to make a user's experience as great as possible.

Whaa? How does including an Amazon (or any retailer)app make the user's experience "great"? I admit that I'm not the usual user, and therefore may simply not understand, but the inclusion of stuff like that doesn't enhance the experience, it degrades it.


So Amazon disabled Canonical's affiliate link when they realized what was going on? How long did it work for?


I always figured Cannonical made a lot of money for including that.

Can’t believe the most annoying feature was part of the ‘vision.’


Was this around the same time Canonical had phone ambitions?

> non-techie computer users

MS made the same bet, but is this really your userbase?


Ubuntu has always tried to be (with mixed success) "Linux for everyone else". At some points that just meant it was relatively easy to install and had a pleasing UI. At other points they've really tried to push their way outside of the primary userbase of Linux. Successful or not, I'm glad someone out there is at least giving it a try. Imagine a world where desktop Linux isn't just for nerds. Where more than one consumer-facing laptop comes with Linux pre-installed, vetted, and actively supported.


Ubuntu was also making money via an affiliate tag for all purchases. See https://askubuntu.com/questions/565746/why-does-the-latest-b...


While I get my torch lit, what's going on exactly?


Clarification to all: "drops" in this context means "gets rid of" rather than "releases".

Ubuntu is getting rid of affiliate links which it originally introduced to generate revenue, but have proved controversial and by the sounds of it unfruitful.

Ubuntu has also previously included Amazon search results in its start menu search (known as 'lenses' or the 'HUD') which were also controversial, but these were removed when Ubuntu switched to shipping the Gnome desktop by default.


Which then raises the question, how does - if at all - Ubuntu make money for Canonical?


It doesn't. The Ubuntu desktop was a hobby project for a tech-oriented individual with deep pockets. In 2017 the Ubuntu desktop project was virtually eliminated as a loss-maker in the run up to going public. Now, Ubuntu is just enabling technology for (profitable) cloud services and (hopefully in the future profitable) IoT and ships with a slightly customized version Red Hat's Gnome Shell desktop.


Business support and private cloud offerings (as in: pay Canonical to come set up a private cloud for you on machines you own).

Mindshare is important here, because otherwise, something like RedHat would likely be the default choice for businesses.


> Mindshare is important here, because otherwise, something like RedHat would likely be the default choice for businesses.

I mean, with regards to Linux Enterprise stuff... it is. SuSE is the boss when it comes to SAP, but otherwise everything lives on some flavor of Red Hat or derivative; CentOS is everywhere.

In the Enterprise we only roll with stuff that is officially supported. Hiring freezes, layoffs, and general work ebb-and-flow means we will need to rope in help at some point, and while I may be a wiz at some CLI functions I'm not up on what each patch is doing to the environment. Having a support contract to lean on is a huge advantage.

Canonical was (is?) effectively trying to do this on the .deb side of the house (as opposed to the .rpm side), though I don't know how successful they were/are. I looked at interviewing w/ Canonical, but the Glassdoor reviews painted a picture of an org that was having deep growing pains and internal struggles.


Right, just like HP would be the default choice for desktops, Lenovo the default choice for laptops, and Cisco the default choice for networking hardware.


> First introduced in Ubuntu 12.10, the Amazon web launcher gives Ubuntu users an easy, out-of-the-box shortcut to the Amazon website.

[...]

> Ubuntu 20.04 ‘Focal Fossa’ will not include the Amazon web launcher, and neither will the next Ubuntu 18.04 LTS point release.

https://www.omgubuntu.co.uk/2020/01/ubuntu-removes-the-amazo...


They might have changed it in the last 8 years, but one of the worst things about this change is that the referrer requests were made in HTTP. Anyone sniffing your connection could find out what you were writing on the Ubuntu spotlight.


I don't understand the rage. It's a shortcut that opens amazon.com in a browser. It queries location, for opening the local amazon site, but that could be avoided by disabling geoclue.


The default was to submit all Unity launcher searches to Amazon to populate the desktop search with items sold in Amazon.


This was the shortcut to Amazon website, not the search lens that already died in the transition from Unity to Gnome.

https://www.omgubuntu.co.uk/2020/01/ubuntu-removes-the-amazo...


Thanks for the correction. Probably others have also confused these two features.


Yeah, it was originally very Windows 10


Because it hints presence of a bigger iceberg beneath that harmless looking tip.


Great. Getting rid of that app was one of the first things I would do on a fresh Ubuntu installation.


The ambiguous "drop" in this context really annoys me.


Yeah, i automatically assumed they meant released.


I totally forgot that "drop" could mean "release". The usage of the word here seemed entirely unambiguous to me.


It was unambiguous to me too, until I started reading HN where it seemed to consistently used to mean 'released' or 'shipped'.


I think it's more like, when you drop your phone, it lands on its face, and stops being a phone.


The first thing I did after install was to remove all the launcher shortcuts except for Firefox. This'll make it easier on new installs for me (and perhaps most of us).


I wonder whether they are making room for an Amazon competitor.


Eventually they drop the crapware foisted on us that we complained about when they put it in.

Why won't they listen to us?


It'$ a my$tery, no one know$


It'$ a my$tery we might never $olve


How does this action differ from “listening to us”? It looks like they’re removing the app.


Years later


Because money


Have they ever released how much money they earned off those affiliate searchers/clicks?


and nothing of value was lost.

next up: remove the malware from MOTD.


Good riddance


Hear, hear!


wont be missed




Applications are open for YC Summer 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: