Prevent Ubuntu from leaking information to the internet upon loginWhy does the ubuntu-server package depend on update-notifier-common?Where does the System Information information come from on login?Why does my Ubuntu 12.04 install not pull this security update?Does java security flaw affects ubuntu also?Is the meta-release upgrade (do-release-upgrade) secure?Upgrade from 12.04lts to 14.04lts login loophow to generate welcome screenPrivacy with Ubuntu PhoneContinious ubuntu malfunctionRun Executable After loginUbuntu 16.04 LTS black screen after login since updating packages with Software Updater

What does this horizontal bar at the first measure mean?

Difference between -| and |- in TikZ

How much character growth crosses the line into breaking the character

Freedom of speech and where it applies

What major Native American tribes were around Santa Fe during the late 1850s?

Bob has never been a M before

Can someone explain how this makes sense electrically?

Flux received by a negative charge

Translation of Scottish 16th century church stained glass

Gibbs free energy in standard state vs. equilibrium

Customize circled numbers

How do I implement a file system driver driver in Linux?

Have I saved too much for retirement so far?

When quoting, must I also copy hyphens used to divide words that continue on the next line?

A Permanent Norse Presence in America

Are lightweight LN wallets vulnerable to transaction withholding?

Do the concepts of IP address and network interface not belong to the same layer?

Why do IPv6 unique local addresses have to have a /48 prefix?

Why has "pence" been used in this sentence, not "pences"?

What is this type of notehead called?

A social experiment. What is the worst that can happen?

Has Darkwing Duck ever met Scrooge McDuck?

Why did the HMS Bounty go back to a time when whales are already rare?

Wrapping Cryptocurrencies for interoperability sake



Prevent Ubuntu from leaking information to the internet upon login


Why does the ubuntu-server package depend on update-notifier-common?Where does the System Information information come from on login?Why does my Ubuntu 12.04 install not pull this security update?Does java security flaw affects ubuntu also?Is the meta-release upgrade (do-release-upgrade) secure?Upgrade from 12.04lts to 14.04lts login loophow to generate welcome screenPrivacy with Ubuntu PhoneContinious ubuntu malfunctionRun Executable After loginUbuntu 16.04 LTS black screen after login since updating packages with Software Updater













-2















I am surprised to find so little information about what I would consider a serious breach of privacy and security.



It appears ubuntu-report is sending very unique information about your system - like a fingerprint, if not stopped with shell commands. See here: https://www.howtogeek.com/349844/how-to-stop-ubuntu-from-collecting-data-about-your-pc/



update: answer below argues that permission is asked before actually sending this information.



But now, I also frown upon a fresh minimal Ubuntu image connecting to the internet upon login. When logging in to the console, a Message of the Day (MOTD) is displayed. Something like this:



ubuntu login: ubuntu
Password:
Last login: <date>
Welcome to Ubuntu 18.04.1 LTS (...)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of <date>

System load: 0.08 (..)
Usage of /: 4.9% (..)

Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts.
Check your Internet connection or proxy settings


Perhaps I am being paranoid, but I think it is unacceptable that a mere login would send anything to the internet. If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?



My question is: how can I safely use Ubuntu without compromising security or privacy?



In particular, my concern is with sending anything to the internet without permission. I don't want things to automatically connect or check or update to the internet in any way, unless I give the command to do that, with sudo apt update for example.



I tried playing with /etc/update-motd.d scripts but I could not find the script that was the culprit. I am kind of annoyed that I wasted a good hour on this stuff and still don't trust my Ubuntu system with ethernet/internet until this issue is resolved properly.










share|improve this question



















  • 2





    A mere login does not send anything to anybody. The message of the day and the number of available updates are updated daily by automated services with no relationship with users logging or not logging in. You can easily disable those services.

    – AlexP
    Dec 17 '18 at 9:59






  • 1





    Your question seems to be related to Why does the ubuntu-server package depend on update-notifier-common?

    – steeldriver
    Dec 17 '18 at 12:46















-2















I am surprised to find so little information about what I would consider a serious breach of privacy and security.



It appears ubuntu-report is sending very unique information about your system - like a fingerprint, if not stopped with shell commands. See here: https://www.howtogeek.com/349844/how-to-stop-ubuntu-from-collecting-data-about-your-pc/



update: answer below argues that permission is asked before actually sending this information.



But now, I also frown upon a fresh minimal Ubuntu image connecting to the internet upon login. When logging in to the console, a Message of the Day (MOTD) is displayed. Something like this:



ubuntu login: ubuntu
Password:
Last login: <date>
Welcome to Ubuntu 18.04.1 LTS (...)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of <date>

System load: 0.08 (..)
Usage of /: 4.9% (..)

Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts.
Check your Internet connection or proxy settings


Perhaps I am being paranoid, but I think it is unacceptable that a mere login would send anything to the internet. If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?



My question is: how can I safely use Ubuntu without compromising security or privacy?



In particular, my concern is with sending anything to the internet without permission. I don't want things to automatically connect or check or update to the internet in any way, unless I give the command to do that, with sudo apt update for example.



I tried playing with /etc/update-motd.d scripts but I could not find the script that was the culprit. I am kind of annoyed that I wasted a good hour on this stuff and still don't trust my Ubuntu system with ethernet/internet until this issue is resolved properly.










share|improve this question



















  • 2





    A mere login does not send anything to anybody. The message of the day and the number of available updates are updated daily by automated services with no relationship with users logging or not logging in. You can easily disable those services.

    – AlexP
    Dec 17 '18 at 9:59






  • 1





    Your question seems to be related to Why does the ubuntu-server package depend on update-notifier-common?

    – steeldriver
    Dec 17 '18 at 12:46













-2












-2








-2


1






I am surprised to find so little information about what I would consider a serious breach of privacy and security.



It appears ubuntu-report is sending very unique information about your system - like a fingerprint, if not stopped with shell commands. See here: https://www.howtogeek.com/349844/how-to-stop-ubuntu-from-collecting-data-about-your-pc/



update: answer below argues that permission is asked before actually sending this information.



But now, I also frown upon a fresh minimal Ubuntu image connecting to the internet upon login. When logging in to the console, a Message of the Day (MOTD) is displayed. Something like this:



ubuntu login: ubuntu
Password:
Last login: <date>
Welcome to Ubuntu 18.04.1 LTS (...)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of <date>

System load: 0.08 (..)
Usage of /: 4.9% (..)

Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts.
Check your Internet connection or proxy settings


Perhaps I am being paranoid, but I think it is unacceptable that a mere login would send anything to the internet. If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?



My question is: how can I safely use Ubuntu without compromising security or privacy?



In particular, my concern is with sending anything to the internet without permission. I don't want things to automatically connect or check or update to the internet in any way, unless I give the command to do that, with sudo apt update for example.



I tried playing with /etc/update-motd.d scripts but I could not find the script that was the culprit. I am kind of annoyed that I wasted a good hour on this stuff and still don't trust my Ubuntu system with ethernet/internet until this issue is resolved properly.










share|improve this question
















I am surprised to find so little information about what I would consider a serious breach of privacy and security.



It appears ubuntu-report is sending very unique information about your system - like a fingerprint, if not stopped with shell commands. See here: https://www.howtogeek.com/349844/how-to-stop-ubuntu-from-collecting-data-about-your-pc/



update: answer below argues that permission is asked before actually sending this information.



But now, I also frown upon a fresh minimal Ubuntu image connecting to the internet upon login. When logging in to the console, a Message of the Day (MOTD) is displayed. Something like this:



ubuntu login: ubuntu
Password:
Last login: <date>
Welcome to Ubuntu 18.04.1 LTS (...)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of <date>

System load: 0.08 (..)
Usage of /: 4.9% (..)

Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts.
Check your Internet connection or proxy settings


Perhaps I am being paranoid, but I think it is unacceptable that a mere login would send anything to the internet. If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?



My question is: how can I safely use Ubuntu without compromising security or privacy?



In particular, my concern is with sending anything to the internet without permission. I don't want things to automatically connect or check or update to the internet in any way, unless I give the command to do that, with sudo apt update for example.



I tried playing with /etc/update-motd.d scripts but I could not find the script that was the culprit. I am kind of annoyed that I wasted a good hour on this stuff and still don't trust my Ubuntu system with ethernet/internet until this issue is resolved properly.







login security privacy






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 17 '18 at 13:05







Sigrid

















asked Dec 17 '18 at 7:23









SigridSigrid

62




62







  • 2





    A mere login does not send anything to anybody. The message of the day and the number of available updates are updated daily by automated services with no relationship with users logging or not logging in. You can easily disable those services.

    – AlexP
    Dec 17 '18 at 9:59






  • 1





    Your question seems to be related to Why does the ubuntu-server package depend on update-notifier-common?

    – steeldriver
    Dec 17 '18 at 12:46












  • 2





    A mere login does not send anything to anybody. The message of the day and the number of available updates are updated daily by automated services with no relationship with users logging or not logging in. You can easily disable those services.

    – AlexP
    Dec 17 '18 at 9:59






  • 1





    Your question seems to be related to Why does the ubuntu-server package depend on update-notifier-common?

    – steeldriver
    Dec 17 '18 at 12:46







2




2





A mere login does not send anything to anybody. The message of the day and the number of available updates are updated daily by automated services with no relationship with users logging or not logging in. You can easily disable those services.

– AlexP
Dec 17 '18 at 9:59





A mere login does not send anything to anybody. The message of the day and the number of available updates are updated daily by automated services with no relationship with users logging or not logging in. You can easily disable those services.

– AlexP
Dec 17 '18 at 9:59




1




1





Your question seems to be related to Why does the ubuntu-server package depend on update-notifier-common?

– steeldriver
Dec 17 '18 at 12:46





Your question seems to be related to Why does the ubuntu-server package depend on update-notifier-common?

– steeldriver
Dec 17 '18 at 12:46










2 Answers
2






active

oldest

votes


















6














Ok this question contains contains some inaccurate information.



  • The package Ubuntu Report does not get installed if users uncheck the option during installation.

  • Even after giving permission during installation, it again asks for permission before sending any data and let users see the data to be sent and provide with permanent deny option.

  • The data it collects is general hardware and OS configuration related data which helps the development of Ubuntu. It does not collect any sensitive data (like IP address or real location). See it's GitHub page for an example.

  • The data is completely anonymized (can't be used to identify a single machine) and one time only. It does not send data on every login.


If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?




I don't know about Ubuntu Server, but I'm pretty sure you can stop checking for updates at shell login. Don't know about the second question, it's just an update check!




I don't want things to automatically connect or check or update to the internet in any way




Not an option on 21st century PC ecosystem. If you want something like that, better use a default-deny firewall or something like that.






share|improve this answer

























  • Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

    – Sigrid
    Dec 17 '18 at 13:21











  • Can you please point me to any resources blocking the automatic checking for updates upon login?

    – Sigrid
    Dec 17 '18 at 13:21











  • Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

    – Sigrid
    Dec 17 '18 at 13:26






  • 2





    @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

    – user535733
    Dec 17 '18 at 13:55



















0














Every ubuntu desktop installation I have done I noticed it sending data to IPs owned by Canonical by default. This traffic seems to be rather constant. I could swear during the installation I specifically tell it not to send any data back to canonical.



I am about to wipe the Ubuntu install (16.04->18.04) to track an issue not related to this one. for the sake of this thread I will document all the options I selected and then will look at the network traffic.






share|improve this answer






















    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "89"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1102491%2fprevent-ubuntu-from-leaking-information-to-the-internet-upon-login%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    Ok this question contains contains some inaccurate information.



    • The package Ubuntu Report does not get installed if users uncheck the option during installation.

    • Even after giving permission during installation, it again asks for permission before sending any data and let users see the data to be sent and provide with permanent deny option.

    • The data it collects is general hardware and OS configuration related data which helps the development of Ubuntu. It does not collect any sensitive data (like IP address or real location). See it's GitHub page for an example.

    • The data is completely anonymized (can't be used to identify a single machine) and one time only. It does not send data on every login.


    If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?




    I don't know about Ubuntu Server, but I'm pretty sure you can stop checking for updates at shell login. Don't know about the second question, it's just an update check!




    I don't want things to automatically connect or check or update to the internet in any way




    Not an option on 21st century PC ecosystem. If you want something like that, better use a default-deny firewall or something like that.






    share|improve this answer

























    • Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

      – Sigrid
      Dec 17 '18 at 13:21











    • Can you please point me to any resources blocking the automatic checking for updates upon login?

      – Sigrid
      Dec 17 '18 at 13:21











    • Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

      – Sigrid
      Dec 17 '18 at 13:26






    • 2





      @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

      – user535733
      Dec 17 '18 at 13:55
















    6














    Ok this question contains contains some inaccurate information.



    • The package Ubuntu Report does not get installed if users uncheck the option during installation.

    • Even after giving permission during installation, it again asks for permission before sending any data and let users see the data to be sent and provide with permanent deny option.

    • The data it collects is general hardware and OS configuration related data which helps the development of Ubuntu. It does not collect any sensitive data (like IP address or real location). See it's GitHub page for an example.

    • The data is completely anonymized (can't be used to identify a single machine) and one time only. It does not send data on every login.


    If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?




    I don't know about Ubuntu Server, but I'm pretty sure you can stop checking for updates at shell login. Don't know about the second question, it's just an update check!




    I don't want things to automatically connect or check or update to the internet in any way




    Not an option on 21st century PC ecosystem. If you want something like that, better use a default-deny firewall or something like that.






    share|improve this answer

























    • Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

      – Sigrid
      Dec 17 '18 at 13:21











    • Can you please point me to any resources blocking the automatic checking for updates upon login?

      – Sigrid
      Dec 17 '18 at 13:21











    • Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

      – Sigrid
      Dec 17 '18 at 13:26






    • 2





      @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

      – user535733
      Dec 17 '18 at 13:55














    6












    6








    6







    Ok this question contains contains some inaccurate information.



    • The package Ubuntu Report does not get installed if users uncheck the option during installation.

    • Even after giving permission during installation, it again asks for permission before sending any data and let users see the data to be sent and provide with permanent deny option.

    • The data it collects is general hardware and OS configuration related data which helps the development of Ubuntu. It does not collect any sensitive data (like IP address or real location). See it's GitHub page for an example.

    • The data is completely anonymized (can't be used to identify a single machine) and one time only. It does not send data on every login.


    If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?




    I don't know about Ubuntu Server, but I'm pretty sure you can stop checking for updates at shell login. Don't know about the second question, it's just an update check!




    I don't want things to automatically connect or check or update to the internet in any way




    Not an option on 21st century PC ecosystem. If you want something like that, better use a default-deny firewall or something like that.






    share|improve this answer















    Ok this question contains contains some inaccurate information.



    • The package Ubuntu Report does not get installed if users uncheck the option during installation.

    • Even after giving permission during installation, it again asks for permission before sending any data and let users see the data to be sent and provide with permanent deny option.

    • The data it collects is general hardware and OS configuration related data which helps the development of Ubuntu. It does not collect any sensitive data (like IP address or real location). See it's GitHub page for an example.

    • The data is completely anonymized (can't be used to identify a single machine) and one time only. It does not send data on every login.


    If you do a connection to 'changelogs.ubuntu.com' every time you login on the shell, that can lead to potential security and privacy concerns. Am I the only one who is surprised about this and finds this unacceptable?




    I don't know about Ubuntu Server, but I'm pretty sure you can stop checking for updates at shell login. Don't know about the second question, it's just an update check!




    I don't want things to automatically connect or check or update to the internet in any way




    Not an option on 21st century PC ecosystem. If you want something like that, better use a default-deny firewall or something like that.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Dec 17 '18 at 17:54

























    answered Dec 17 '18 at 8:41









    HattinGokbori87HattinGokbori87

    760215




    760215












    • Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

      – Sigrid
      Dec 17 '18 at 13:21











    • Can you please point me to any resources blocking the automatic checking for updates upon login?

      – Sigrid
      Dec 17 '18 at 13:21











    • Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

      – Sigrid
      Dec 17 '18 at 13:26






    • 2





      @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

      – user535733
      Dec 17 '18 at 13:55


















    • Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

      – Sigrid
      Dec 17 '18 at 13:21











    • Can you please point me to any resources blocking the automatic checking for updates upon login?

      – Sigrid
      Dec 17 '18 at 13:21











    • Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

      – Sigrid
      Dec 17 '18 at 13:26






    • 2





      @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

      – user535733
      Dec 17 '18 at 13:55

















    Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

    – Sigrid
    Dec 17 '18 at 13:21





    Thanks for your answer! I updated the question to reflect your nuance regarding ubuntu-report. Still, I think an opt-in would be better than opt-out. I have had apport send an application crash report simply because I was typing in an application when apport popped op, and my continued typing gave permission to send; not really privacy friendly. Nothing should be sent or even collected, unless there was express permission. That would please privacy-conscious users better.

    – Sigrid
    Dec 17 '18 at 13:21













    Can you please point me to any resources blocking the automatic checking for updates upon login?

    – Sigrid
    Dec 17 '18 at 13:21





    Can you please point me to any resources blocking the automatic checking for updates upon login?

    – Sigrid
    Dec 17 '18 at 13:21













    Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

    – Sigrid
    Dec 17 '18 at 13:26





    Regarding to your 21st century ecosystem comment; I would think that after Snowden, people would think about data security and privacy as something very important to safeguard against governments and companies from having too much power and knowledge about citizens. Therefore, I would have expected open-source operating systems like Ubuntu to be more friendly to privacy out-of-the-box, such that no 'phoning home' would occur with Ubuntu, unless the user expressly enabled something in the preferences (opt-in) or gave a command to do so.

    – Sigrid
    Dec 17 '18 at 13:26




    2




    2





    @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

    – user535733
    Dec 17 '18 at 13:55






    @Sigrid - Sorry that Ubuntu does not meet your expectations. Merely uninstall the update-manager and unattended-upgrade packages, and you will have a never-phone-home system. WARNING: Those packages provide Ubuntu's automatic security upgrades - you will need to start doing those manually and regularly lest your system become vulnerable to published exploits.

    – user535733
    Dec 17 '18 at 13:55














    0














    Every ubuntu desktop installation I have done I noticed it sending data to IPs owned by Canonical by default. This traffic seems to be rather constant. I could swear during the installation I specifically tell it not to send any data back to canonical.



    I am about to wipe the Ubuntu install (16.04->18.04) to track an issue not related to this one. for the sake of this thread I will document all the options I selected and then will look at the network traffic.






    share|improve this answer



























      0














      Every ubuntu desktop installation I have done I noticed it sending data to IPs owned by Canonical by default. This traffic seems to be rather constant. I could swear during the installation I specifically tell it not to send any data back to canonical.



      I am about to wipe the Ubuntu install (16.04->18.04) to track an issue not related to this one. for the sake of this thread I will document all the options I selected and then will look at the network traffic.






      share|improve this answer

























        0












        0








        0







        Every ubuntu desktop installation I have done I noticed it sending data to IPs owned by Canonical by default. This traffic seems to be rather constant. I could swear during the installation I specifically tell it not to send any data back to canonical.



        I am about to wipe the Ubuntu install (16.04->18.04) to track an issue not related to this one. for the sake of this thread I will document all the options I selected and then will look at the network traffic.






        share|improve this answer













        Every ubuntu desktop installation I have done I noticed it sending data to IPs owned by Canonical by default. This traffic seems to be rather constant. I could swear during the installation I specifically tell it not to send any data back to canonical.



        I am about to wipe the Ubuntu install (16.04->18.04) to track an issue not related to this one. for the sake of this thread I will document all the options I selected and then will look at the network traffic.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 12 mins ago









        RaubvogelRaubvogel

        14113




        14113



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1102491%2fprevent-ubuntu-from-leaking-information-to-the-internet-upon-login%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Möglingen Índice Localización Historia Demografía Referencias Enlaces externos Menú de navegación48°53′18″N 9°07′45″E / 48.888333333333, 9.129166666666748°53′18″N 9°07′45″E / 48.888333333333, 9.1291666666667Sitio web oficial Mapa de Möglingen«Gemeinden in Deutschland nach Fläche, Bevölkerung und Postleitzahl am 30.09.2016»Möglingen

            Virtualbox - Configuration error: Querying “UUID” failed (VERR_CFGM_VALUE_NOT_FOUND)“VERR_SUPLIB_WORLD_WRITABLE” error when trying to installing OS in virtualboxVirtual Box Kernel errorFailed to open a seesion for the virtual machineFailed to open a session for the virtual machineUbuntu 14.04 LTS Virtualbox errorcan't use VM VirtualBoxusing virtualboxI can't run Linux-64 Bit on VirtualBoxUnable to insert the virtual optical disk (VBoxguestaddition) in virtual machine for ubuntu server in win 10VirtuaBox in Ubuntu 18.04 Issues with Win10.ISO Installation

            Torre de la Isleta Índice Véase también Referencias Bibliografía Enlaces externos Menú de navegación38°25′58″N 0°23′02″O / 38.43277778, -0.3838888938°25′58″N 0°23′02″O / 38.43277778, -0.38388889Torre de la Illeta de l’Horta o Torre Saleta. Base de datos de bienes inmuebles. Patrimonio Cultural. Secretaría de Estado de CulturaFicha BIC Torre de la Illeta de l’Horta. Dirección General de Patrimonio Cultural. Generalitat ValencianaLugares de interés. Ayuntamiento del CampelloTorre de la Isleta en CastillosNet.org