[clug] browser connection question

Eyal Lebedinsky eyal at eyal.emu.id.au
Sun Aug 16 09:35:00 UTC 2015 

On 16/08/15 12:42, csirac2 at gmail.com wrote:
>
>
> Sent from my android device.
>
> -----Original Message-----
> From: Eyal Lebedinsky <eyal at eyal.emu.id.au>
> To: list CLUG <linux at lists.samba.org>
> Sent: Sun, 16 Aug 2015 12:07
> Subject: [clug] browser connection question
>
>> About 3 minutes later I see a connection
> "CONNECT duckduckgo.com:443 HTTP/1.1" 200 257620
>> The log shows activity without delay and the messages are timestamped anyway.
>>
>> What is causing this? I expected the closed tab to be done with this site.
>
> Could it be related to the fact that this is selected as your search provider (ctrl+k search thingy?) I'm not saying this is an excuse, but might just be an accident of lazy implementation of some unused/unimportant feature.

Never used ctrl+k and do not use a search provider.

I tried the same by accessing google.com. Again, without doing any search. One minute after I
closed that tab I see another request to google.com. Same with yahoo.com. Bing not showing this.

Simple URLs access does not show this behaviour.

>> <OT> As an aside, I see a connection to www.eff.org:443 every 5 minutes. And I thought
>> I disabled all those pesky features. Sad to see Mozilla diverging so far from the
> original manifesto of openness and treating the user as in charge.</OT>
>
> This is why there are whole distro's built around protecting information leakage: it really does take an expert to configure such things these days. Most famous is Tails [1], but I think Whonix [2] is much stronger technically, and they've received funding re recently to do QubesOS integration [3].
>
> You really need to build your browser with WebRTC support disabled, fiddle with config etc. If you really want to stop your PC from being so chatty :/
>
> [1] http://tails.boum.org/
> [2] http://whonix.org/
> [3] http://blog.invisiblethings.org/2015/06/04/otf-funding-announcement.html

Yes, I get it, and I am saying that life would be so much nicer if one did not need to fight
all the time, especially with Mozilla which was promoted as being on my side.

I marked it <OT> because it was just a sigh of frustration. I just spent some time disabling
firefox config items to stop gratuitous connections that are really supposed to opt-ins, are
poorly documented and require fiddling with about:config. Some need blocking in my proxy and
some may need stronger measures yet. And there are more of these with each release.

cheers

-- 
Eyal Lebedinsky (eyal at eyal.emu.id.au)

More information about the linux mailing list