Canonical Takes Stand Against Unofficial Ubuntu Images, Reportedly Risky & Insecure

Mark Shuttleworth has written a new blog post where he's outlining a dispute Canonical is having with a European cloud provider over a breach of contract and "publishing insecure, broken images of Ubuntu" for its cloud customers.

With these Ubuntu Cloud unofficial images reportedly being buggy, users are complaining to Canonical/Ubuntu, assuming it's an upstream issue. Having enough of that, they are now preparing for legal steps to remove the unofficial Ubuntu images from the particular cloud provider.

Among the alleged actions by those making shoddy Ubuntu spins, "clouds have baked private keys into their public images, so that any user could SSH into any machine; clouds have made changes that then blocked security updates for over a week; clouds have confused users with image- or kernel-soup, and users have been pushed into building their own images; VMs have had changes that resulted in very slow boot or poor performance; unstable kernels that disable features Ubuntu packages expect to be there."

Those wishing to read Mark's blog post can do so at insights.ubuntu.com, "Taking a stand against unofficial Ubuntu images".

Mark didn't publicly say who is this "European cloud provider" they are targeting, but there is some belief by individuals that it's OVH, especially given some tweets dating back months by the owner of OVH. Meanwhile, resulting from Mark's blog post, well known kernel developer Matthew Garrett has written a blog post that "Ubuntu stll isn't free software" over Canonical's work on clamping down unofficial images.

What do you think of the situation? Share your thoughts with us by commenting on the forums.