Linux cannot guarantee your privacy

While what Steven J. Vaughan-Nichols says in this article is mostly true, it is not Linux per se that will protect your privacy, but open source software in general. And even then there are caveats.

Despite being better than the alternatives, Linux by itself cannot guarantee the security of a system.

Allow me to explain.

One of the ingredients of the secret sauce for open source (and, by extension, Linux) is its auditability -- there is little point in including nefarious code in an application if everybody can see what it does. This is especially true of projects with a large, technically-savvy community, like the Linux kernel, or, indeed, Kolab.

However, open source-as-privacy-protection is pointless if you use even one closed source component in your stack. The proverbial weakest link makes the whole stack vulnerable. At Kolab Systems AG, the framework is built exclusively using open source components. There is not an unauditable line of code in the whole setup. But, even then, to be consistent with our mission of protecting our users' data at all costs, we have had to take this philosophy further. We have had to journey into the realms of hardware.

Power8 systems allow third parties to examine and replace all its components and the software they run.

By gradually migrating to Power8, a server platform with open specs and customisable components, we can make sure that, even at the lowest level, there is nothing we cannot inspect and secure ourselves. For us, a company for which our customer's privacy is the most important thing, to discover the OpenPower Foundation was a pretty big deal. Admittedly, the license for the Power hardware would not pass OSI's or the FSF's filter, but, for the effects of guaranteeing auditability and, hence, privacy protection, it is good enough.

Scratch that. It is in fact quite a bit better than 'good enough'. In a field in which open, auditable hardware is so rare; in which it is all but impossible to purchase hardware for personal use without closed and proprietary components embedded within it; and in which the fact that proprietary chips contain software that bleeds user data to outside sources, whether on purpose or by accident, is well-documented, a platform we can examine and customise to make sure every component behaves is a must.

Migrating away from what is currently the industry standard to a whole new hardware platform is neither easy, nor cheap however. But if you are serious about privacy, there is no other choice.

So, yes, Linux can help and is clearly much better than Windows or MacOS X, but in no way is it the be-all and end-all solution for protecting your privacy. To reach a true solution to the privacy conundrum, you are going to have to do more than just install Ubuntu.