[clug] browser connection question

Eyal Lebedinsky eyal at eyal.emu.id.au
Sun Aug 16 09:35:00 UTC 2015

On 16/08/15 12:42, csirac2 at gmail.com wrote:
> Sent from my android device.
> -----Original Message-----
> From: Eyal Lebedinsky <eyal at eyal.emu.id.au>
> To: list CLUG <linux at lists.samba.org>
> Sent: Sun, 16 Aug 2015 12:07
> Subject: [clug] browser connection question
>> About 3 minutes later I see a connection
> "CONNECT duckduckgo.com:443 HTTP/1.1" 200 257620
>> The log shows activity without delay and the messages are timestamped anyway.
>> What is causing this? I expected the closed tab to be done with this site.
> Could it be related to the fact that this is selected as your search provider (ctrl+k search thingy?) I'm not saying this is an excuse, but might just be an accident of lazy implementation of some unused/unimportant feature.

Never used ctrl+k and do not use a search provider.

I tried the same by accessing google.com. Again, without doing any search. One minute after I
closed that tab I see another request to google.com. Same with yahoo.com. Bing not showing this.

Simple URLs access does not show this behaviour.

>> <OT> As an aside, I see a connection to www.eff.org:443 every 5 minutes. And I thought
>> I disabled all those pesky features. Sad to see Mozilla diverging so far from the
> original manifesto of openness and treating the user as in charge.</OT>
> This is why there are whole distro's built around protecting information leakage: it really does take an expert to configure such things these days. Most famous is Tails [1], but I think Whonix [2] is much stronger technically, and they've received funding re recently to do QubesOS integration [3].
> You really need to build your browser with WebRTC support disabled, fiddle with config etc. If you really want to stop your PC from being so chatty :/
> [1] http://tails.boum.org/
> [2] http://whonix.org/
> [3] http://blog.invisiblethings.org/2015/06/04/otf-funding-announcement.html

Yes, I get it, and I am saying that life would be so much nicer if one did not need to fight
all the time, especially with Mozilla which was promoted as being on my side.

I marked it <OT> because it was just a sigh of frustration. I just spent some time disabling
firefox config items to stop gratuitous connections that are really supposed to opt-ins, are
poorly documented and require fiddling with about:config. Some need blocking in my proxy and
some may need stronger measures yet. And there are more of these with each release.


Eyal Lebedinsky (eyal at eyal.emu.id.au)

More information about the linux mailing list