All new scopes are ignoring the privacy setting for Phone only
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
unity-scope-click (Ubuntu) |
Fix Released
|
Critical
|
Paweł Stołowski | ||
unity-scopes-api (Ubuntu) |
Fix Released
|
Critical
|
Paweł Stołowski |
Bug Description
STEPS:
1. Open settings
2. Goto privacy and security
3. Select online search
4. Set to Phone only
5. Goto any scope
6. Hit search
7. Find stuff online
EXAMPLES:
Scopes scope found stuff on my home town
Click Scope found stuff in the available section
Music found stuff on grooveshark
Videos found online content
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libunity-scopes0 0.4.1+14.
Uname: Linux 3.4.0-5-mako armv7l
ApportVersion: 2.14-0ubuntu1
Architecture: armhf
Date: Fri Apr 4 20:39:27 2014
InstallationDate: Installed on 2014-04-04 (0 days ago)
InstallationMedia: Ubuntu Trusty Tahr (development branch) - armhf (20140404.1)
SourcePackage: unity-scopes-api
UpgradeStatus: No upgrade log present (probably fresh install)
Related branches
- PS Jenkins bot: Approve (continuous-integration)
- dobey (community): Approve
-
Diff: 78 lines (+20/-7)3 files modifiedscope/click/query.cpp (+17/-4)
scope/click/query.h (+1/-1)
scope/click/scope.cpp (+2/-2)
- PS Jenkins bot (community): Approve (continuous-integration)
- Marcus Tomlinson (community): Approve
-
Diff: 42 lines (+21/-1)1 file modifiedinclude/unity/scopes/internal/smartscopes/SmartScope.h (+21/-1)
tags: | added: r276 |
Changed in unity-scopes-api (Ubuntu): | |
importance: | Undecided → Critical |
Changed in unity-scopes-api (Ubuntu): | |
status: | New → Confirmed |
Changed in unity-scope-click (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Critical |
assignee: | nobody → Alejandro J. Cura (alecu) |
tags: | added: r281 |
Changed in unity-scope-click (Ubuntu): | |
status: | Triaged → In Progress |
assignee: | Alejandro J. Cura (alecu) → Pawel Stolowski (stolowski) |
Changed in unity-scope-click (Ubuntu): | |
status: | In Progress → Fix Released |
Changed in unity-scopes-api (Ubuntu): | |
status: | Confirmed → Fix Released |
assignee: | Thomas Strehl (strehl-t) → Pawel Stolowski (stolowski) |
tags: | added: qa-touch-blocker |
with the old scopes, the user had basically now control where his data was sent when doing a search on the home scope. The query went to the smart scope server and eventually to any recommended scope. Example: user typing "ter" in home scope just to start "terminal" app resulted in sending this query to e.g. Amazon. That's why the scopes privacy flag was introduced.
However, the situation with the new scopes is slightly different. No scopes are automatically queried without the user having any control over it. The scope scope just returns a list of recommended scopes, but does not query those (with some exceptions like wiki or weather). After getting a scope recommendation list, a user consciously selects a scope to query. Additionally, the user will be able to un-/favor scopes, e.g. unfavor the aggregating music scope (e.g. querying grooveshark) and just favor the local music if he doesn't want any remote source to be queried. So, to summarize, less magic, more control to the user to which scopes to actually query.
From that point of view, the question is if we really need the scope privacy flag in future. I mean we don't have the equivalent on the app side neither, if a user is deeply concerned about data leaving his phone then he should be turning off the data connection altogether.
Possible options to go forward:
1) Remove the scopes privacy flag because there is more control to the user.
2) Keep the privacy flag, with that trust the "trusted" scopes to not query the internet (we cannot enforce this), and utilize the
confinement to prevent running any untrusted scopes querying the internet.