Skip to main content
Topic: KDE Spyware (Read 8222 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

KDE Spyware

I am wirting to you beacuse I am very privacy conscious. This is not something I can just let go.

https://www.reddit.com/r/kde/comments/f7ojg9/kde_plasma_kuserfeedback_collecting_telemetry/

This is unacceptable. It collects data regardless if the user puts slider to the left or not. Its sill using my HDD, my home folder (and not only) and still using my CPU. Despite KDE claims that this is opt-in. No matter what user does its still running and "collecting data". I do not wish any data to be collected whatsoever. And yet KDE is lying! Its not opt-out. Its always running and you just can't uninstall it. Doing $ pacman -Rdd whateverspywarekdethrowsonus does not help at all. You can only get into trouble by making KDE unbootable. I do not want it. Please tell me if you are going to follow Arch or will you compile KDE without this spyware. I need answer.

Trust us, don't worry, it does not send anything is not an answer for me.  It uses my ip/geolocation and my clicks and timings etc in and obfuscated form like some carrier IQ. I don't need zeitgeist, I don't need geoip-city, geoip2, dbus generating uniqueID (machine-id). This is simply too much. I go into hoops to protect myself. Otherwise what's the point? All works on MS Windows - I can go there and will have better VAAPi profiles, Firefox with GPU video acceleration, etc. Why do I go to Artix not to have systemd if I will be having this KDE spyware.

Please explain, what are you going to do about this KDE Spyaware. Hardcoded, unremovable that is KTelemetry, falsly named kuserfeedback. I know there are a lot of trolls protecting this spyware. They gained experience from Canonical Amazaon fiasco.

So there are a lot of trolls protecting this spyware like nothing happened. It did happen. A lot of happened. Spyware on my computer! I do not want it.

Re: KDE Spyware

Reply #1
Just uninstall plasma, you have freedom so this in Linux, just choice the best WM for you = use another WM, like Xfxe or similar.
We are not able solve this.

more at this thema: https://community.kde.org/Policies/Telemetry_Policy

Re: KDE Spyware

Reply #2
you can see here, which package use this kuserfeedback https://www.archlinux.org/packages/extra/x86_64/kuserfeedback/

for example i use only plasma-workspace from this list of apps, and plasma-workspace have this package ONLY OPTIONAL, so you can uninstall kuserfeedback package and REBUILD plasma-workspace.

Quote
-- The following RUNTIME packages have not been found:

 * AppMenuGtkModule, Application Menu GTK+ Module, <https://github.com/rilian-la-te/vala-panel-appmenu/tree/master/subprojects/appmenu-gtk-module>

-- The following OPTIONAL packages have not been found:

 * KUserFeedback

-- Configuring done
-- Generating done

tested, works. Plasma works and this test cost me 5 minutes..... so easy is still protect your privacy if you wanrt still use KDE ;-)

Re: KDE Spyware

Reply #3
seems kate also depends on kuserfeedback

Re: KDE Spyware

Reply #4
You can rebuild Kate without kusefeedback, should be optional too

Re: KDE Spyware

Reply #5
I would like to know the opinion of the core maintainers

Re: KDE Spyware

Reply #6
We provide actually no kde packages except extra-cmake-modules and phonon, all others packages of kde are provide by archlinux. That is the answer.



Re: KDE Spyware

Reply #7
We don't provide KDE packages as alium said so this is not really under our control. You can always force remove with -Rdd. I really doubt that package not existing would seriously break anything. All telemetry claims aside, it being a hard dependency of something like kate or plasma-workspace does seem a bit suspicious to me, but I don't know the internals of the code.

Re: KDE Spyware

Reply #8
well despite the alarmist reddit posting, no one has filed a bug/request on arch to have kuserfeedback removed as a dependency from the affected packages, at least none that i could find.  building both kate/plasma-workspace after removing the dependency works fine for me but sadly we'll probably have to do so from now on if you want to avoid having it.  I doubt arch mainainers will care, even if a bug/request is opened

Re: KDE Spyware

Reply #9
It would not be unthinkable for us to start maintaining some KDE packages. We do this for GNOME already for example. I don't know if any of our current maintainers want to take on this extra workload though.

Re: KDE Spyware

Reply #10
Could you use a firewall or similar to block a particular app or prevent contact to a specific IP address? Presumably KDE must still work offline, so how would it know if you blocked it all the time? Possibly that is another approach if you were concerned.

Re: KDE Spyware

Reply #11
i asked @artoo, if we can/want provide some KDE packages without kuserfeedback, i wait for answer.

But guys, is really so big problem rebuild 2-4 packages without this kuserfeedback??

I did it yesterday and replace archlinux's package...needed 5 minutes for that...so less time as read and answer in this topic  :D

P.S. KDE is opensource,so you can review the sources! you can see what is request from developers. ;-)

Re: KDE Spyware

Reply #12
I have a copy of deleted by KDE (censorship) reddit post if anyone would like. There will be more and more hardcoded ktelemetry dependancy. Besides "slider" from 'kuserfeedback' GUI is fake. It does nothing. Data is still collected.

P.S. Surprisingly Fedora 32 KDE Spin does not have this. They removed it! Maybe Artix could do it too. I will refuse to use Xfce and Mate and Mutter (or Fedora). They are not for me, neither the set of GTK apps. The case is there will be more like this. First KDE, then Xfce, thne Fluxbox or whatever. It doesn't work this way "go away, use something else". Lets say MS via Linux Foundation (they are member of it, platinum one) sponsors KDE and demands it. Its their biggest competitor. So when you say "don't use it, go away", what does it do to the MS competition? Exactly. MS wins. 20 years of KDE and it was fine. And now this. Then if everyone will go to Xfce and a "sponsor" demands "spyware" situation will be the same: "go away". Where? GNOME 3, jwm? No it doesn't work this way.

There are only like 2 "mother" distros "Debian" and "Arch". MS has only to convince two of them, the rest will follow. And all of them will have spyware. So lets say NSA wants inclusion of systemd. They only need like 4 people: 2 in Debian and 2 in Arch. 1st person from each is the BOSS of the distro, 2nd person of both of this distros is "the head of polls" (does anyone ever made a real polls asking people about init?). Exactly. 4 people and 100s of distro follow.

Re: KDE Spyware

Reply #13
i asked @artoo, if we can/want provide some KDE packages without kuserfeedback, i wait for answer.

But guys, is really so big problem rebuild 2-4 packages without this kuserfeedback??

I did it yesterday and replace archlinux's package...needed 5 minutes for that...so less time as read and answer in this topic  :D

P.S. KDE is opensource,so you can review the sources! you can see what is request from developers. ;-)

Yes it is the biggest problem. Users will never do it. You will have to edic Cmake or whatever, use special fancy flags. If Artix doesn't contain systemd, so it shouldn't contain this "telemetry", which is a PR name for "spyware".

Re: KDE Spyware

Reply #14
I don't think rebuild some KDE packages would be a problem but rebuild the whole plasma is another topic. Our resources are very limited and build the whole KDE is costly. Also, rebuild just some KDE packages could possibly  make Plasma more difficult to upgrade for all those users that are as unfortunate as to make an upgrade while Arch packages have an update but we could not update ours yet.

I didn't read the reddit thread, and I understand some users can feel strongly against this kind of practices I also value my privacy, if KDE is gonna follow this path from now on, I would suggest to move to something else, even if we end maintaining our own packages for it.