Popular desktop Linux distro Ubuntu has potentially serious privacy flaw

Snap packaging could inadvertently reveal private data in Ubuntu 16.04.

Popular desktop Linux distro Ubuntu has a potentially serious privacy flaw
Credit: Максим Пе\Wikipedia\CC BY-SA 4.0

A feature in the just-released 16.04 version of Ubuntu could pose a serious threat to the privacy of desktop Linux users, according to a well-known open-source software expert.

Version 16.04, the latest long-term-support release of Ubuntu, features a new package format used for installing software on an Ubuntu system, called snap. Snaps are designed to be easier for developers to construct, simpler to deploy, and able to work comfortably alongside the existing deb package format.

ALSO ON NETWORK WORLD: Windows 10's upgrade model temporarily wipes $1.6B from Microsoft's books | One of GNU/Linux’s most important networking components just got an update  

However, according to open-source authority Matthew Garrett, there’s a problem. Snap packages installed on an Ubuntu system that uses the X11 windowing system – meaning, he said, most desktop Ubuntu installations – can copy private data almost anywhere they want without much fuss.

The issue is that applications running in X can simply ask to receive keystrokes from other applications, Garrett wrote.

“An application that has no access to any of your private data can wait until your session is idle, open an unconfined terminal and then use curl to send your data to a remote site,” he said.

Garrett stipulates that snaps don’t appear to pose any security risks running on Canonical’s Mir windowing system, and that the approach actually has many significant security upsides over the long term. For the moment, however, there are serious issues present in snaps that could threaten desktop Ubuntu users.

Canonical, in a blog post responding to the issue, acknowledged that X11 "is not, in fact a secure protocol," and that changing the way snaps work in this regard would hamstring them.

Gustavo Niemayer, writing for Canonical, said that users still need to be careful about which packages they install, regardless of whether they're snaps or not.

"When you install software from the Ubuntu archive, that’s a statement of trust in the Ubuntu and Debian developer," he said. " Snappy is not eliminating the need for that trust, as once you give a piece of software access to your personal files, web camera, microphone, etc, you need to believe that it won’t be using those allowances maliciously."

Ubuntu has had a rough time on the privacy front in recent years, due in large part to a lengthy controversy that began in 2014 over its use of user data to provide customized shopping results from Amazon in a search pane in the Unity desktop environment. Users were angered by this provision of search queries to Amazon without a clear opt-in policy, and Ubuntu eventually pulled the feature in the next version of Unity.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.