Luca Bongiorni, Security Advisor, posted on his Twitter something that happened to him and that has questioned the privacy of users when use Ubuntu Linux instances in Azure. Specifically, Bongiorni reported that he created an Ubuntu 18.04 instance in Azure and that three hours later an Ubuntu business development salesperson wrote to him through his LinkedIn profile.
This entrepreneur told him in his short message that he had seen that he had launched Ubuntu in Azure and said that it would be his “point of contact for anything Ubuntu related in the company”And asking the advisor if he was looking for a specific project within the Canonical platform, Ubuntu developer company.
Many Twitter users questioned the veracity of the information provided by Bongiorni, to which he responded by recording the screen of his mobile showing how the message he posted was on his LinkedIn profile.
For the folks that think is a fake ... pic.twitter.com/ekvYkhE5Xf- ＣｙｂｅｒＡｎｔａｎｉ (@LucaBongiorni) February 10, 2021
Canonical's response: sales policies of salespeople will need to be reviewed
According to ZDnet, Canonical has issued a statement regarding this matter explaining that "according to the terms and conditions of Azure, Microsoft share with Canonical, the publisher of Ubuntu, the contact details of the developers that launch Ubuntu instances on Azure. These contact details are kept in Canonical's CRM in accordance with the privacy rules ”.
This release also acknowledged that “on February 10, a new Canonical sales representative contacted one of these developers via LinkedIn, with a poor choice of words. In light of this incident, Canonical will review your training and sales policies”.
Bongiorni said that he doesn't blame the Canonical sales rep. "He's just done what he's been told to do. The problem is with top management, I guess." The Register has published an interview with Luca Bongiorni after he related this story on Twitter, where the security adviser said he is considering take your tasks to a supplier based in Europe "Just to be sure there will be more transparency and the Data Protection Law is applied."