Dev creeped out after he fired up Ubuntu VM on Azure, was immediately approached by Canonical sales rep

I always feel like somebody's watching me


Updated An Azure customer was outraged after finding himself on the receiving end of an unexpected LinkedIn message from Ubuntu maker Canonical last night.

The user, Luca Bongiorni, had spun up an instance of the Linux distro on an Azure corporate subscription in order to evaluate some tooling. Sensibly, the subscription is used as a sandbox for the purpose of testing.

Upon clicking "Add new VM", the first option was Ubuntu 18.04, according to Bongiorni, which he selected in order to get his Linux kicks. Shortly after, however, a message turned up from an Enterprise Development representative at Ubuntu with the ominous phrase: "I saw that you spun up an Ubuntu image in Azure," and offering to be a point of contact.

I would not have deployed that if I knew someone would stalk me outside corporate channels

Was Canonical somehow aware of what an Azure customer was doing on the dashboard?

The Register spoke to Bongiorni, who confirmed the sequence of events and noted that "Azure Portal's UI didn't provide any insight on whether that Template was coming with a specific ToS" as he cheerfully chose Ubuntu.

It's a reminder to always check the small print (and icons) as, indeed, the implications of the orange icon were not clear to him. Particularly not that his data would be shared.

"The creepiest thing," he said, "[was] the direct contact on my private LinkedIn account" – which he noted did not share "the same corporate email. Which means that Canonical sales hunted my name down into social medias to reach me directly."

Microsoft and Canonical are certainly good chums. The companies recently boasted of the one-year anniversary of "a partnership that delivers the best and most secure open source for customers" and a co-sell model launched back 2019 that was step up from mere passive engagement.

Certainly, a cold-call message out of the blue would not come under the description of "passive".

While the thought of Canonical's engineers peering over one's virtual shoulder with the tacit approval of Microsoft might appeal, the explanation is likely a little simpler. A look at the terms for the Azure Marketplace throws up this sentence: "If you purchase or use a Marketplace Offering, we may share with the Publisher of such Offering your contact information and details about the transaction and your usage."

A hunt around Ubuntu's legals (as noted by Twitter user @dezren39) shows a whole section giving the company the green light "To market our products or services to you."

Bongiorni reckoned that the sharing of data was "in some ways" understandable when spinning up a third party's template on Azure, but added: "Make it very clear when you are going to pick a specific VM from the Azure Portal UI.

"I would not have deployed that if I knew someone would stalk me outside corporate channels."

Certainly, something a bit clearer than a little orange icon would be useful to indicate the imminent deployment of the stalkerbots. Or maybe just not doing it at all, hmm?

We asked Microsoft and Canonical for comment but have yet to receive an explanation from either. AWS commentator Corey Quinn reacted in colourful fashion:

And Bongiorni? He told us he was considering a switch to a different provider, likely based in Europe, "just to be sure there will be more transparency and more GDPR openness."

He also highlighted a further wrinkle in the story. If Canonical, as an Azure Marketplace Publisher, are handed information about anyone using its templates, could a hypothetical malicious publisher also receive similar?

"I am very curious to know what else these 'publishers' are getting from Microsoft about me and the machines I spun over the time that relied on their templates."

Updated at 1000 UTC on 12 February to add

Following publication of this article, Canonical responded to our calls for comment with a written statement:

"As per the Azure T&Cs, Microsoft shares with Canonical, the publisher of Ubuntu, the contact details of developers launching Ubuntu instances on Azure. These contact details are held in Canonical’s CRM in accordance with privacy rules.

"On February 10th, a new Canonical Sales Representative contacted one of these developers via LinkedIn, with a poor choice of word. In light of this incident, Canonical will be reviewing its sales training and policies."

Microsoft also sent us a canned remark:

"Customer privacy and trust is our top priority at Microsoft. We do not sell any information to third-party companies and only share customer information with Azure Marketplace publishers when customers deploy their product, as outlined in our Terms and Conditions. Our terms with our publishers allow them to provide customers with implementation and technical support for their products but restricts them from using contact details for marketing purposes." ®

Similar topics


Other stories you might like

  • Ransomware encrypts files, demands three good deeds to restore data
    Shut up and take ... poor kids to KFC?

    In what is either a creepy, weird spin on Robin Hood or something from a Black Mirror episode, we're told a ransomware gang is encrypting data and then forcing each victim to perform three good deeds before they can download a decryption tool.

    The so-called GoodWill ransomware group, first identified by CloudSEK's threat intel team, doesn't appear to be motivated by money. Instead, it is claimed, they require victims to do things such as donate blankets to homeless people, or take needy kids to Pizza Hut, and then document these activities on social media in photos or videos.

    "As the threat group's name suggests, the operators are allegedly interested in promoting social justice rather than conventional financial reasons," according to a CloudSEK analysis of the gang. 

    Continue reading
  • Microsoft Azure to spin up AMD MI200 GPU clusters for 'large scale' AI training
    Windows giant carries a PyTorch for chip designer and its rival Nvidia

    Microsoft Build Microsoft Azure on Thursday revealed it will use AMD's top-tier MI200 Instinct GPUs to perform “large-scale” AI training in the cloud.

    “Azure will be the first public cloud to deploy clusters of AMD's flagship MI200 GPUs for large-scale AI training,” Microsoft CTO Kevin Scott said during the company’s Build conference this week. “We've already started testing these clusters using some of our own AI workloads with great performance.”

    AMD launched its MI200-series GPUs at its Accelerated Datacenter event last fall. The GPUs are based on AMD’s CDNA2 architecture and pack 58 billion transistors and up to 128GB of high-bandwidth memory into a dual-die package.

    Continue reading
  • New York City rips out last city-owned public payphones
    Y'know, those large cellphones fixed in place that you share with everyone and have to put coins in. Y'know, those metal disks representing...

    New York City this week ripped out its last municipally-owned payphones from Times Square to make room for Wi-Fi kiosks from city infrastructure project LinkNYC.

    "NYC's last free-standing payphones were removed today; they'll be replaced with a Link, boosting accessibility and connectivity across the city," LinkNYC said via Twitter.

    Manhattan Borough President Mark Levine said, "Truly the end of an era but also, hopefully, the start of a new one with more equity in technology access!"

    Continue reading
  • Cheers ransomware hits VMware ESXi systems
    Now we can say extortionware has jumped the shark

    Another ransomware strain is targeting VMware ESXi servers, which have been the focus of extortionists and other miscreants in recent months.

    ESXi, a bare-metal hypervisor used by a broad range of organizations throughout the world, has become the target of such ransomware families as LockBit, Hive, and RansomEXX. The ubiquitous use of the technology, and the size of some companies that use it has made it an efficient way for crooks to infect large numbers of virtualized systems and connected devices and equipment, according to researchers with Trend Micro.

    "ESXi is widely used in enterprise settings for server virtualization," Trend Micro noted in a write-up this week. "It is therefore a popular target for ransomware attacks … Compromising ESXi servers has been a scheme used by some notorious cybercriminal groups because it is a means to swiftly spread the ransomware to many devices."

    Continue reading
  • Twitter founder Dorsey beats hasty retweet from the board
    As shareholders sue the social network amid Elon Musk's takeover scramble

    Twitter has officially entered the post-Dorsey age: its founder and two-time CEO's board term expired Wednesday, marking the first time the social media company hasn't had him around in some capacity.

    Jack Dorsey announced his resignation as Twitter chief exec in November 2021, and passed the baton to Parag Agrawal while remaining on the board. Now that board term has ended, and Dorsey has stepped down as expected. Agrawal has taken Dorsey's board seat; Salesforce co-CEO Bret Taylor has assumed the role of Twitter's board chair. 

    In his resignation announcement, Dorsey – who co-founded and is CEO of Block (formerly Square) – said having founders leading the companies they created can be severely limiting for an organization and can serve as a single point of failure. "I believe it's critical a company can stand on its own, free of its founder's influence or direction," Dorsey said. He didn't respond to a request for further comment today. 

    Continue reading

Biting the hand that feeds IT © 1998–2022