[03:17] <lotuspsychje> the direct link to community docs fix has been published in UWN by our UWN friends, tnx again for everyone participating on this matter
[03:17] <lotuspsychje> https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue773
[04:53] <arraybolt3[m]> \o/
[16:45] <ahoneybun[m]> Heyo folks
[18:46] <arraybolt3> o/
[19:15] <teward> Fallen: you around?  gonna need some intervention from your team / Mark RE: APT and the heavy "pro" adverts that'r egoing through and messing with user experience
[19:15] <teward> ... with my CC hat on
[19:16] <leftyfb> +100
[19:16] <teward> because it's come to my attention the community at large is "angry" at Ubuntu/Canonical
[19:17] <teward> and unless Mark puts a stop to the number of overly-annoying commits made on apt in Ubuntu for all the pro advertisement placed *everywhere* you're looking at a brand/community problem
[19:20] <leftyfb> As I've mentioned elsewhere, I love this idea of Canonical going above and beyond patching software outside of their purview. And I understand using pro to help pay for that. I'll be enabling it where I can and suggest others do the same. That said, the messaging about this and the in-your-face message during regular updates was a misstep and conveys the wrong impression. Currently the message translates to:  "Your system is 
[19:20] <leftyfb> insecure. Please enable this commercial product (regardless of price) to keep your system updated"   This will drive away users to other distro's and is going to cause a firestorm in the press, causing more damage to the brand.
[19:20] <arraybolt3> I added a comment on that bug report - the notification almost looks like malware.
[19:21] <arraybolt3> So yeah, if we can get it changed (not removed entirely, mind you - it's benefitial), that would be great. Something to notify users of the option without looking like we're trying to extort them.
[19:21] <leftyfb> I don't think it looks like malware. Though I think the messaging about the pro service doesn't belong there at all. 
[19:22] <arraybolt3> Meh, I see "There are security holes in your system! Sign up for XYZ service to patch them!" as what Potentially Unwanted Programs are notorious for doing on Windows. (Then again Microsoft has released update notifications that also scared users in a similar way, in particular GWX, so...)
[19:23] <leftyfb> I feel the apt, during updates is inadequate to properly tell the story of pro and what services it is actually providing. A URL is also not the right solution. Nobody is going to click on it and they're already ticked off and are going into it with a jaded mindset and are mainly just going to be looking for a way to get the updates they feel they are entitled to or a way to turn off the messaging
[19:25] <leftyfb> It needs to be removed
[19:27] <leftyfb> I see no adequate way to explain "Canonical has a commercial product that patches community software, something that has never been done before. This is a new benefit only available to pro users. You will continue to get regular security updates" in a way that won't annoy or alarm people. Not in this context 
[19:28] <Fallen> Sorry, at conferences so super busy. aaronprisk might be able to help. I know there has been some iteration on the messaging, but we are happy to help distill community feedback. 
[19:28] <leftyfb> ignoring the message is also an inadequate response to this oversight 
[19:33] <teward> Fallen: well, I've emailed you and Mark
[19:33] <teward> because I finally caught up on statements Julian made regarding my voicing of opinions
[19:34] <teward> and I take personal offense to his attitude, which is **very** dangerous ground to be on because his words are tantamount to accusing an IT Security Professional and "IT Security" at large of not knowing what they're talking about with his wording
[19:34] <teward> which is an even more egregious offense
[19:34] <teward> so I've emailed you Fallen and SABDFL in the To field with my concerns, and CC'd the Community Council list as well
[19:35] <teward> and regarding my personal offense to his attitude, I'm going to raise this as a "Personal Complaint against Canonical" issue to the point that Canonical HR will need to do some "attitude adjustment" towards Julian in this matter
[19:35] <arraybolt3> teward: Dang, they might just not have known what you do for a living.
[19:35] <teward> (basically, the argument is defined by him as "but this makes things more secure" and you're arguing Security vs. End User Impact with someone who balances that on the daily)
[19:36] <arraybolt3> FWIW I did back you up, but no need to go on the war path :P
[19:36] <teward> arraybolt3: blatantly laid out in my Launchpad profile
[19:36] <teward> takes him 5 seconds to realize that
[19:36] <teward> so if I get a contact at Canonical HR (I have Legal's contact already), I'm happy to lodge THAT as a personal complaint against him
[19:37]  * arraybolt3 would have never thought to check someone's LP profile
 "I feel the apt, during updates..." <- If there was a more generalized message encouraging users to check out Ubuntu Pro sans the potentially confusing messaging about security, would that be preferable in your view?
[19:39] <aaronprisk[m]> Ideally there would be some middle ground where the benefits of Pro can still be made known without leading to community frustration and confusion. 
[19:39] <teward> aaronprisk[m]: with an emphasis on "Free for personal users"
[19:39] <leftyfb> aaronprisk[m]: yes
[19:39] <leftyfb> aaronprisk[m]: the service is great
[19:39] <teward> aaronprisk[m]: the current community impact from all the apt stuff and hgeavy handed advertisements is the only place you see "free for personal use and 5 machines" is the end of the Ubuntu Pro pages
[19:39] <leftyfb> the choice of messaging and messaging platform is poor
[19:39] <teward> not mentioned anywhere else
[19:39] <teward> so the **messaging** and PLATFORM need to change
[19:39] <aaronprisk[m]> teward: Right.
[19:40] <leftyfb> aaronprisk[m]: to be clear, NOT during regular apt updates. Ads have no business in such a critical context.
[19:42] <leftyfb> messaging during updates is either, "these are your updates" "updates installed perfectly fine" or "something went wrong with your updates". Add a sense of security to each of those messages. Advertisements do not belong
[19:43] <leftyfb> put another way, messaging from apt is either predictable and benign, or conveys a message that something is wrong
[19:45] <aaronprisk[m]> leftyfb: From an end user/former sysadmin viewpoint, I can definitely see your point.
[19:45] <leftyfb> I also understand that advertising in OSS is very hard
[19:46] <leftyfb> and is usually met with pushback from the community. But this was honestly probably one of the worst ways to go about it.
[19:49] <aaronprisk[m]> I think the community feedback here is important. I appreciate you all sharing your thoughts. As I mentioned, I think going to the team with a viable alternative is also valuable. Whether that's simply an motd message with more precise language or something else.
[19:51] <arraybolt3[m]> IMO adding info about Ubuntu Pro to the MOTD and removing it from apt might be fantastic (and maybe also add it to the welcome wizard that users go through when they're first booting up Ubuntu after installing it? Maybe right next to the Livepatch option?). That will get it where it needs to be seen, and won't annoy users (at least as much).
[19:52] <arraybolt3[m]> Shoot, if we just put Ubuntu Pro everywhere Livepatch used to be advertised, that almost certainly would go over well (people already live with the Livepatch notices just fine), and Ubuntu Pro includes Livepatch anyway!
[19:52] <ahoneybun[m]> I was actually thinking of on the slideshow as well! 
[19:52] <leftyfb> aaronprisk[m]: again, apt is the wrong place for ads. It has no business there. It's too critical regardless of the relation to the product
[19:53] <leftyfb> MOTD would be worlds better, but I know there's already been pushback from the community on that front. 
[19:54] <teward> aaronprisk[m]: also
[19:54] <teward> i would like to draw attention to a potential CoC violation from Julian's public comments here
[19:55] <teward> https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1992026/comments/28
[19:55] <teward> "You don't seem to understand" to a member of the CC, who is also a Core Developer who definitely understands Security impact on things, is a very aggressive and very non-CoC-compliant way of approaching an opinion
[19:55] <teward> and when that's in the public eye, that draws additional ire
[19:56] <teward> so whether I take personal offense or not here, this is a case where Julian's skirting against the CoC in tone with comments
[19:56] <leftyfb> it's taking the marketing message of pro a little too far
[19:56] <teward> which I'm pretty sure could be handled as a Canonical HR level issue if the CC wishes to raise it as one (it's been done before)
[19:56] <leftyfb> every application is insecure. It's just a matter of time. 
[19:57] <teward> aaronprisk[m]: so, basically, unless Mark or the CCT (Canonical Community Team) elevates this to a critical level of concern regarding Community impact, the user base as a whole - the community - will not be taking this lightly
[19:57] <teward> and we know that Mark is definitely open to listening to Community level critical concerns when they affect the wider userbase as a whole
[19:57] <teward> agreed apt is NOT the proper place to do this advertising
[19:57] <teward> and unless it gets top-down intervention there's nothing stopping Julian or otehrs from adding to the weight levels of the advertisements
[19:58] <teward> cc Eickmeyer who is a strong proponent of my opinion as Ubuntu Studio and Edubuntu driver.
[19:58] <teward> (so its far more widespread because this shows in all flavors as well)
[19:59] <teward> s/and unless/but unless/
[19:59] <arraybolt3> (And may I point out that the flavors don't have an easy spot to turn on Ubuntu Pro the way that Ubuntu Desktop does, so it's even more of an impediment to flavors because it leaves users concerned *and* confused as to how to enable Pro if they choose to.)
[19:59] <teward> ^^ that
[19:59] <teward> so you're also impacting Flavor UX as a whole because there's no easy way to enable Pro on flavors except by command line AND confuses people
[19:59] <teward> so when I'm saying that this is a community wide level critical concern - regardless of Julian's opinion - I'm not lying
[20:00] <leftyfb> it's starting to make it's way through the community and it one step away from being on OMG and HN. It's already hit reddit, fortunately, there's an upvoted reply with a good explanation. But that only goes so far
 "i would like to draw attention..." <- Thank you for letting me know. I'll make sure to discuss it further with Fallen once he has returned from his conference time.
[20:00] <ahoneybun[m]> I feel like Flavors shouldn't even have it anyway since they only get 3 years for LTS releases for the most part anyway.
[20:01] <teward> aaronprisk[m]: i'll forward it to you as well
[20:01] <teward> if you want to address it before Fallen returns
[20:01] <teward> because it really does need rapid intervention
[20:02] <arraybolt3> (I just dug around in Ubuntu Desktop, and actually they have an easy bitton for enabling Livepatch, but not Ubuntu Pro? So that may be another thing to think about - maybe add a way to enable Ubuntu Pro on Ubuntu Desktop from within Software and Updates.)
[20:02] <arraybolt3> *button, not bitton
[20:04] <teward> now, i haven't eaten yet today, nor had enough coffee, and I need to relax, so I'm going to disappear for a long relaxing shower, if you wantme to include you aaronprisk[m] on the email DM me your email and I'll redirect the message to you so you're in the loop as well
[20:04] <aaronprisk[m]> teward: Will do. Thank you teward 
[20:06] <aaronprisk[m]> arraybolt3: That is something I may inquire about from my side. It may already be on the desktop team's radar. I don't know for sure though.
[20:08] <aaronprisk[m]> Eickmeyer: as a flavor lead, what's the ideal path for your users to take advantage of Ubuntu Pro? I'd like to gauge your thoughts as well.
[20:08] <aaronprisk[m]> ahoneybun: as well
[20:09] <Eickmeyer[m]> That's difficult, because the tooling in 22.04 doesn't exist, and 20.04 goes EOL for flavors in 2 months.
[20:09] <Eickmeyer[m]> (for KDE Plasma)
[20:09] <Eickmeyer[m]> The tooling for KDE Plasma, that is.
[20:09] <ahoneybun[m]> I don't know if there is, it seems more for businesses that need longer support but it doesn't really help flavors due to our shortly life cycle for LTS releases
[20:09] <ahoneybun[m]> I guess it would make it easier to match a normal Ubuntu LTS?
[20:11] <Eickmeyer[m]> Somebody, somewhere, forgot that flavor LTS's automatically go EOL at 3 years.
[20:11] <Eickmeyer[m]> So, does Pro apply to flavors? I don't know!
[20:12] <Eickmeyer[m]> This is all extremely frustrating.
[20:12] <ahoneybun[m]> I didn't know about Pro until the message confused a customer (putting on System76 hat on). 
[20:12] <aaronprisk[m]> Eickmeyer[m]: I'm going to ask for some clarity on this from my side.
[20:14] <arraybolt3[m]> ESM probably doesn't apply to flavors, but I would think Pro would, since the insecure packages (i.e., Imagemagick) are installed on flavors.
[20:14] <Eickmeyer[m]> aaronprisk[m]: Yeah. Flavors have traditionally only gone 3-year LTS since we have significantly less resources to maintain two LTS's for a significant amount of time, let alone 3 at a time, and don't even offer extended support.
[20:14] <arraybolt3[m]> I get the Ubuntu Pro "warning" on Ubuntu Studio 22.04.
[20:15] <aaronprisk[m]> arraybolt3[m]: Noted. If Pro isn't intended for flavor use, that's a pretty glaring issue.
[20:15] <Eickmeyer[m]> arraybolt3[m]: As ahoneybun stated, it even happens on Pop!_OS.
[20:16] <ahoneybun[m]> Well that was Ubuntu as we have very few packages from Ubuntu.
[20:16] <ahoneybun[m]> We also have our own fork of apt I think?
[20:16] <Eickmeyer[m]> Ah, nvm then.
[20:17] <Eickmeyer[m]> Even so, that can be confusing when System76 has their own support.
[20:20] <ahoneybun[m]> This one is odd:... (full message at <https://libera.ems.host/_matrix/media/v3/download/libera.chat/638feeee1c9088a200f57d62e9450141603be73b>)
[20:20] <arraybolt3[m]> > <@ahoneybun:matrix.org> This one is odd:... (full message at <https://libera.ems.host/_matrix/media/v3/download/libera.chat/a138f8379f35052321d89dc64422bf770c7314b6>)
[20:21] <arraybolt3[m]> That's what I called the Ubuntu Pro "warning". (It's not really a warning but it comes across that way.)
[20:21] <ahoneybun[m]> I got into this talk at the rear of it I think but I certainly have heard about Ubuntu Pro but not in that it's a great offer, though in theory it can certainly be for the right person or group.
[20:22]  * arraybolt3[m] wonders how this affects KDE neon?
[20:30] <Eickmeyer[m]> It's literally an ad, part of the apt code. It's not actually a warning. It's made to look like a security warning, and it's a scare tactic, as I said in the above-mentioned bug report.
[21:56] <aaronprisk[m]> Thank you all for the feedback so far. If you can provide me with any additional insight as to how these changes impact your users, and the community as a whole, it will allow us to have a more cohesive community message that we can present. Keep in mind, I'm not promising any changes, but a unified message helps us better represent you all.
 "Thank you all for the feedback..." <- arraybolt3's comment here, second paragraph, sums up the message I'd like to see nicely: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1992026/comments/30