Privacy disrespected (by default)
Reported by
stu...@anchev.net,
Dec 16 2017
Issue description

PRIVACY ISSUE
Chromium communicates with hosts behind the scenes without user consent, without any tabs open and even with browser privacy settings strengthened to the maximum.

VERSION:
Chrome Version: chromium-63.0.3239.84-127.1.x86_64 (from official openSUSE Leap 42.3 repo)
Operating System: openSUSE Leap 42.3

REPRODUCTION STEPS
1. mv ~/.config/chromium ~/.config/chromium-backup
2. chromium --disk-cache-dir=/dev/null --show-component-extension-options
   Do not login to any account
3. chrome://settings/
   Show home button = OFF
   Search engine used in address bar = https://duckduckgo.com/?q=%s
   On startup: Open a specific page or set of pages = about:blank
   Set all these to OFF:
   - Use a web service to help resolve navigation errors
   - Use a prediction service to help complete searches and URLs typed in the address bar
   - Use a prediction service to load pages more quickly
   - Automatically send some system information and page content to Google to help detect dangerous apps and sites
   - Protect you and your device from dangerous sites
   - Continue running background apps when Chromium is closed
   Send a "Do Not Track" request with your browsing traffic = ON
   Ask where to save each file before downloading = ON
4. chrome://settings/content
   Disable all these:
   chrome://settings/content/cookies
   chrome://settings/content/location
   chrome://settings/content/camera
   chrome://settings/content/microphone
   chrome://settings/content/notifications
   chrome://settings/content/javascript
   chrome://settings/content/flash
   chrome://settings/content/backgroundSync
   chrome://settings/content/automaticDownloads
   chrome://settings/content/unsandboxedPlugins
   chrome://settings/content/midiDevices
   chrome://settings/content/protectedContent
5. chrome://settings/clearBrowserData -> Advanced -> Clear everything
6. Close the browser
7. Turn off any additional network services such as ntpd and similar (to prevent "polluting" the tcpdump monitoring with external data)
8. Reboot and login to Plasma desktop. Do not start any applications.
9. In a console run:
   # tcpdump -i eth1 -l > /tmp/tcpdump.log & tail -f /tmp/tcpdump.log
10. Start chromium
    chromium --disk-cache-dir=/dev/null --show-component-extension-options
11. Watch tcpdump output

EXPECTED
No communication with any host. Even without all the "strengthening" explained above - full privacy should be there by default.

ACTUAL
tcpdump shows that some "chattering" begins (connections to googleapis.com and other hosts). Attaching excerpt.

This is an issue because the hosts on the other side of the wire are practically informed about what the user does (starts the browser), maybe also some other info is sent (I am not an expert to investigate further). It results in a form of telemetry which happens without user knowledge and approval.
,
Dec 18 2017
On the first dump: Chrome downloads a list of languages supported by translate at runtime. This is a cookieless request but there is currently no way to disable it.

On the second dump: This is Chrome's attempt to check whether you are behind a proxy that requires you to enter a password like what you see a lot in hotels. Chrome sends DNS lookup requests to random names. If they all resolve to the same address, it is very likely that the router of the hotel redirects you to a page where you have to accept terms of service, or login, or pay for internet. In this case, Chrome can ask you to login once instead of trashing all your tabs.

I guess your feature request boils down to "Create a setup in Chrome such that no network communication happens in the background." I acknowledge this feature request but don't think that it is very likely to become a priority soon.
,
Dec 18 2017
To clarify: I am testing Chromium, not Google Chrome. As far as I know (and I hope) there is a difference and because of that difference one may prefer the former.

Why does it check proxy settings considering that in settings it is explicit that there is no proxy? (see attachment)

Also why is Freedom 0 low priority for a FOSS?
https://www.gnu.org/philosophy/free-sw.en.html
> "In this freedom, it is the user's purpose that matters, not the developer's purpose;"

Your guess is correct but it is partial. The actual request is summarized in the first expected section. By default on first run there should be no background communication whatsoever. If any communication with a host different from the actual URL which the user types is necessary, it must happen after user agreement. No lengthy legal terms, just a simple sentence in layman terms. Example:
- Do you allow Chromium to connect to Google (translate.google.com) to check supported languages? [y/N]
- Do you allow Chromium to store cookies for this site? [a/y/N]
... similar for all other settings.

This is the proper way to ensure Freedom 0. Of course this may have slight usability implications but this can easily be resolved if on first run there are for example 2 buttons:
1. I want to have full control over my browser (recommended)
2. I want to use default settings (includes automatic background connections to google.com and ... <list of hosts>, there should be a resume of what it means, again - short, in layman terms)
,
Dec 18 2017
Regarding proxy: I should have said "gateway". The hotel paywalls are typically not implemented by SOCKS proxies... Therefore, the proxy settings don't apply. I think that you should acknowledge that your perception is also biased. I would say that the vast majority of users does not care a lot about cookieless requests that download static files and that a) the cost of extra questions that are hard to understand (reminds me a bit of `make menuconfig` of the Linux kernel) is not negligible and, more importantly b) the return of investment is bigger in other areas. If you feel passionate about this and have the resources to design and implement this, you can write a design doc and send it to chromium-dev@chromium.org as an intent to implement.
,
Dec 18 2017
Thanks for explaining. The majority of users are not network (or computer) experts and cannot possibly care as they simply don't understand the implications of all this. So it is the job and responsibility of the experts to take care of the user, not to simply rely on his negligence or ignorance. Just like it is the job of the mother to take care of the child who still doesn't know a lot of things. Just like a responsible person would take care to help the blind person cross the street. I don't know why you consider this biased. It is quite sane and ethical. Could you please provide some guidelines/examples about what kind of design doc is necessary? I don't know what resources you mean also. So please explain. I may be interested.
,
Dec 18 2017
I guess what's needed are:
- An analysis of alternatives (you could do a first run flow and settings, use an extension, use command-line parameters, use compiler settings).
- An analysis of the costs in terms of UI complexity, code complexity and compatibility to the core principles (https://www.chromium.org/developers/core-principles) - I guess in particular simplicity would be affected (chrome://settings won't be extended with a hundred checkboxes for sure) and binary size for translated strings.
- A commitment to implement the necessary changes for every piece of code that creates network requests. You can find them by searching for the functions in this header: https://cs.chromium.org/chromium/src/net/traffic_annotation/network_traffic_annotation.h

I would estimate the effort to be about 6-12 months of a full time engineer.

You can also search for "ungoogled-chromium" and see whether this works for you. But you may be trading in security. I don't know how well they are able to track security fixes, how they deal with SafeBrowsing, etc.
,
Dec 18 2017
Thanks for explaining. I understand the rationale of what you explain but I am not a developer so most of this is beyond what I can do. Of course I still hope this will be implemented. Meanwhile:

1. Considering your explanations I suppose (and please correct me if I am wrong) that after step 12 and as in the second dump, there are no actual connections to Google hosts but the DNS requests are sent to the DNS server specified in OS network settings. If that is so - this means that after step 12 everything is reasonably (not absolutely) private. So as a temporary measure/workaround (until a better implementation happens): How can the settings made in the steps outlined above be propagated to /etc/chromium/master_preferences (which I suppose controls the default preferences?)

2. Re. SafeBrowsing and other services requiring connections to Google (or other companies?): Is there a way to anonymize these particular service connections? That would practically mean "ungoogled-chromium" as there will be no direct connection between the user and Google/affiliates.
,
Dec 18 2017
@1 You are correct that the DNS requests go to the DNS server specified in your OS network settings. I cannot guarantee that after step 12 there are no more connections to Google. That would require auditing the entire code base. But I think that after that everything is reasonably private. I am not familiar with /etc/chromium/master_preferences but you can try enterprise policies: https://www.chromium.org/administrators/linux-quick-start

@2 The default SafeBrowsing (i.e. without "Automatically send some system information and page content to Google to help detect dangerous apps and sites") uses cookies that are kept in memory, scoped to the lifetime of a browser session, and not shared with your profile. You can find details here: https://www.google.com/intl/en/chrome/browser/privacy/whitepaper.html#malware
If you disagree with this, you can only disable SafeBrowsing, there is no way to customize it.
,
Dec 18 2017
Thank you. I will look at all that. I will remain subscribed and hopefully in 2018 we can see some implementation for the acknowledged request.
,
Jan 12 2018
New findings: Opening settings://<whatever> sends packets to translate.google.com (although translation is turned off).
,
Jan 12 2018
Hi, In this specific test, the reason is Chrome tries to load the list of available languages for translation, even though this is not still enabled. I agree it is better not to be done before translation is activated, but it does not send any user data.
,
Jan 12 2018
> but it does not send any user data.

Isn't the IP address user data? The big question here is: can one use Chromium without ever having to send a single packet to Google or to any other company unless one explicitly chooses to do so.
,
Jan 14 2018
I agree with you, as long as it is not needed, nothing should be sent. I will follow up this case.
,
Jan 15 2018
I asked about it: the list of languages is required to show the translation menu for manually triggered translations. The settings option just disables the automatic translation suggestions.
,
Jan 15 2018
Thank you. I still maintain that it is needed the program to be fully privacy respecting, i.e. it must be possible to have a setting which ensures zero packets sent to third parties and communication only with the website which the user types. I have tested various browsers. Firefox (and all its forks) doesn't have that and Mozilla refuses to pay attention to it. Things are even worse in Brave browser. So far the only browsers (tested) which show zero packet 3rd party connections are Konqueror, Midori, lynx. I am not mentioning Tor because it is a special case (everything there is communicated anonymously). So Chromium seems a good candidate to be one of the privacy respecting browsers if proper attention is paid to this. I hope you can consider this and hopefully give it a higher priority.
,
Jan 16 2018
,
May 2 2018
[~]: rpm -q chromium
chromium-66.0.3359.139-155.1.x86_64
Run chromium with an empty profile with these settings:
Disabled:
chrome://settings/content/cookies
chrome://settings/content/location
chrome://settings/content/camera
chrome://settings/content/microphone
chrome://settings/content/notifications
chrome://settings/content/javascript
chrome://settings/content/flash
chrome://settings/content/backgroundSync
chrome://settings/content/automaticDownloads
chrome://settings/content/unsandboxedPlugins
chrome://settings/content/midiDevices
chrome://settings/content/protectedContent
chrome://settings/languages - disable spell check and translation
chrome://settings/cloudPrinters
chrome://inspect/#devices
Disable "Discover USB devices" and "Discover network targets"
chrome://flags/#disable-hyperlink-auditing = disabled
chrome://flags/#shared-array-buffer = disabled
chrome://flags/#enable-site-per-process = enabled
chrome://settings/onStartup
Open a specific page or set of pages: about:blank
chrome://settings/privacy
Disable:
Use a web service to help resolve navigation errors
Use a prediction service to help complete searches and URLs typed in the address bar
Use a prediction service to load pages more quickly
Automatically send some system information and page content to Google to help detect dangerous apps and sites
Protect you and your device from dangerous sites
Enable:
Send a "Do Not Track" request with your browsing traffic
chrome://settings/searchEngines
Set default search engine to nothing: https://%s
Start the program:
chromium --password-store=gnome --disk-cache-dir=/dev/null --show-component-extension-options -incognito
IP pc.48737 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.48737 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.48737 > 239.255.255.250.ssdp: UDP, length 167
IP pc.48737 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
netstat:
udp 0 0 *:mdns *:* 28861/chromium
udp 0 0 *:mdns *:* 28861/chromium
Go to chrome://settings/
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 208
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 93
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 93
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 228
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 38
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 46
Type 'translate' in search field:
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 199
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 93
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 93
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 194
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 38
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 46
Do nothing:
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.57345 > 239.255.255.250.ssdp: UDP, length 167
IP pc.57345 > 239.255.255.250.ssdp: UDP, length 167
IP pc.57345 > 239.255.255.250.ssdp: UDP, length 167
IP pc.57345 > 239.255.255.250.ssdp: UDP, length 167
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
IP pc.36249 > 239.255.255.250.ssdp: UDP, length 167
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.36249 > 239.255.255.250.ssdp: UDP, length 167
IP pc.36249 > 239.255.255.250.ssdp: UDP, length 167
IP pc.36249 > 239.255.255.250.ssdp: UDP, length 167
IP pc.55534 > fra16s13-in-f10.1e100.net.https: tcp 0
netstat:
tcp 0 0 pc:55534 fra16s13-in-f234.:https ESTABLISHED 29183/chromium
tcp 0 0 pc:46816 fra16s13-in-f3.1e:https ESTABLISHED 29183/chromium
udp 0 0 *:mdns *:* 29183/chromium
Exit chromium:
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
IP pc.46816 > fra16s13-in-f3.1e100.net.https: tcp 0
netstat:
tcp 0 0 pc:46816 fra16s13-in-f3.1e:https TIME_WAIT -
Start chromium again after the socket dies:
IP pc.44800 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.44800 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.44800 > 239.255.255.250.ssdp: UDP, length 167
IP pc.44800 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
netstat:
udp 0 0 *:mdns *:* 30236/chromium
udp 0 0 *:mdns *:* 30236/chromium
fsf.org/robots.txt
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.34188 > www.fsf.org.http: tcp 372
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 191
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 318
IP pc.60078 > www.fsf.org.https: tcp 405
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 195
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 318
IP pc.60081 > www.fsf.org.https: tcp 409
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 375
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 198
IP pc.54640 > svnweb.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 326
IP pc.54640 > svnweb.fsf.org.https: tcp 426
IP pc.54640 > svnweb.fsf.org.https: tcp 0
Page loaded. Do nothing:
IP pc.54640 > svnweb.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 0
netstat:
tcp 0 0 pc:60081 www.fsf.org:https ESTABLISHED 30236/chromium
tcp 0 0 pc:60078 www.fsf.org:https ESTABLISHED 30236/chromium
tcp 0 0 pc:34188 www.fsf.org:www-http ESTABLISHED 30236/chromium
tcp 38 0 pc:54640 svnweb.fsf.org:https CLOSE_WAIT 30236/chromium
Wait 1 minute.
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 0
IP pc.36359 > 239.255.255.250.ssdp: UDP, length 167
IP pc.36359 > 239.255.255.250.ssdp: UDP, length 167
IP pc.36359 > 239.255.255.250.ssdp: UDP, length 167
IP pc.36359 > 239.255.255.250.ssdp: UDP, length 167
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 0
netstat:
tcp 0 0 pc:60081 www.fsf.org:https ESTABLISHED 30236/chromium
tcp 0 0 pc:60078 www.fsf.org:https ESTABLISHED 30236/chromium
tcp 0 0 pc:34188 www.fsf.org:www-http ESTABLISHED 30236/chromium
udp 0 0 *:mdns *:* 30236/chromium
Wait another minute.
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
netstat:
tcp 0 0 pc:60081 www.fsf.org:https ESTABLISHED 30236/chromium
tcp 0 0 pc:60078 www.fsf.org:https ESTABLISHED 30236/chromium
tcp 0 0 pc:34188 www.fsf.org:www-http ESTABLISHED 30236/chromium
Wait more:
IP pc.34188 > www.fsf.org.http: tcp 0
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.60081 > www.fsf.org.https: tcp 0
netstat:
udp 0 0 *:mdns *:* 30236/chromium
udp 0 0 *:mdns *:* 30236/chromium
Wait more:
IP pc.53400 > 239.255.255.250.ssdp: UDP, length 167
IP pc.53400 > 239.255.255.250.ssdp: UDP, length 167
IP pc.53400 > 239.255.255.250.ssdp: UDP, length 167
IP pc.53400 > 239.255.255.250.ssdp: UDP, length 167
netstat:
udp 0 0 *:mdns *:* 30236/chromium
udp 0 0 *:mdns *:* 30236/chromium
udp 0 0 *:mdns *:* 30236/chromium
Exit chromium.
No packets or connections.
Set in /etc/hosts
0.0.0.0 www.translate.google.com
0.0.0.0 translate.google.com
::0 www.translate.google.com
::0 translate.google.com
Reboot system.
Run chromium.
IP pc.52332 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.52332 > 239.255.255.250.ssdp: UDP, length 167
IP pc.34681 > stz-bg.com.ntp: UDP, length 48
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.52332 > 239.255.255.250.ssdp: UDP, length 167
IP pc.52332 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
Type chrome://settings and do NOT press 'enter':
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 199
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 93
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 93
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 194
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 38
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 46
Press 'enter':
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 208
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 93
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 93
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 228
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 38
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 46
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
Exit chromium.
rcnetwork restart
tcpdump -i eth1 ip src host pc and dst host not router and dst host not pc -tq
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.36852 > fra15s24-in-f234.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
netstat:
tcp 0 1 pc:55776 fra15s24-in-f3.1e:https FIN_WAIT1 -
tcp 0 1 pc:36852 fra15s24-in-f234.:https FIN_WAIT1 -
After some time this ends.
So after all this mini-fight for privacy, Chromium still does not ensure privacy. It keeps connecting to a host in Mountain View, California:
[~]: host fra15s24-in-f3.1e100.net
fra15s24-in-f3.1e100.net has address 216.58.205.227
https://www.geoiptool.com/en/?ip=216.58.205.227
And thus Chromium reports the user IP address to Google, regardless of any attempt to stop this. Additionally, through keeping connections active when they are no longer needed, it also informs the remote host (fsf.org in this case) that the user's system is still online. This is not only a privacy problem but also inefficient, because the page loads in less than a second yet these packets fly for several minutes after that. Test the same with lynx and the connection closes immediately.
I hope someone will raise the priority of this as it is not a minor issue.
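An added example (not part of the original report): a Python summary of `tcpdump -tq` lines in the format pasted above, grouping outbound packets per destination and separating LAN multicast discovery, hosts under domains the user actually requested, and everything else. The sample lines are copied from the capture above; the category names and the `requested_domains` parameter are assumptions of this sketch.

```python
import ipaddress
import re
from collections import defaultdict

# Matches the quiet (-q) tcpdump lines shown in the comment above, e.g.
#   IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 199
#   IP pc.48737 > 239.255.255.250.ssdp: UDP, length 167
LINE_RE = re.compile(r"^IP (\S+) > (\S+): (?:tcp|UDP, length) (\d+)$")

# Sample input: a few lines taken from the capture in the comment above.
SAMPLE = """\
IP pc.48737 > 239.255.255.250.ssdp: UDP, length 167
IP pc.mdns > 224.0.0.251.mdns: UDP, length 40
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 0
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 199
IP pc.55776 > fra15s24-in-f3.1e100.net.https: tcp 93
IP pc.34681 > stz-bg.com.ntp: UDP, length 48
IP pc.60078 > www.fsf.org.https: tcp 191
IP pc.60078 > www.fsf.org.https: tcp 0
IP pc.54640 > svnweb.fsf.org.https: tcp 198
""".splitlines()


def split_endpoint(endpoint):
    """Split 'www.fsf.org.https' into ('www.fsf.org', 'https').

    tcpdump appends the port (or its service name) as the last dotted label.
    """
    host, _, service = endpoint.rpartition(".")
    return host, service


def classify(host, requested_domains):
    """Return 'lan-discovery', 'requested' or 'unrequested' for a destination."""
    try:
        if ipaddress.ip_address(host).is_multicast:
            return "lan-discovery"  # SSDP / mDNS never leave the local segment
    except ValueError:
        pass  # host is a name, not an IP literal
    for domain in requested_domains:
        if host == domain or host.endswith("." + domain):
            return "requested"
    return "unrequested"


def summarize(lines, requested_domains):
    """Group packets by category and (host, service).

    Returns {category: {(host, service): (packets, payload_bytes)}}.
    Lines that do not match the expected format (netstat output, notes) are skipped.
    """
    report = defaultdict(lambda: defaultdict(lambda: [0, 0]))
    for line in lines:
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        host, service = split_endpoint(match.group(2))
        entry = report[classify(host, requested_domains)][(host, service)]
        entry[0] += 1
        entry[1] += int(match.group(3))
    return {cat: {dest: tuple(v) for dest, v in dests.items()}
            for cat, dests in report.items()}


if __name__ == "__main__":
    # The user typed fsf.org, so only that domain counts as requested.
    for category, dests in summarize(SAMPLE, {"fsf.org"}).items():
        print(category)
        for (host, service), (packets, size) in sorted(dests.items()):
            print(f"  {host}:{service}  packets={packets}  payload={size}")
```

The host names are whatever tcpdump printed, which without `-n` are reverse-DNS names rather than the names the browser looked up. The capture is per interface, not per process, so it still needs the `netstat` process column used above to attribute a flow to chromium.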
,
May 3 2018
-blumberg +georgesak@ for the logging tool.

Hi studio@,

Thank you for the report. As you found yourself and mentioned here (https://support.google.com/faqs/answer/174717), 1e100.net belongs to Google services servers. Some services in Chrome get initialized even if they are not used, and I agree with you that at least the user's IP is leaked, and that should be prevented. I will put this bug on my own plate and try to follow up why each of the requests is sent, but it takes time and needs adding tools to log the origin of each request. I will update the bug when I have more data.
,
May 3 2018
Thanks. Looking forward to it.
,
Jun 22 2018
Why is it that for 6 months this has not been fixed (and there is no sign that any work has been done on it), yet there is time for adding features, releasing new browser versions etc? Are features more important than privacy and security? This is very confusing.
,
Jun 27 2018
While I agree with your concerns, we have been quite busy with higher priority bugs, and you should consider that Chromium is an open source project and all the contributors (not necessarily from Google) have access to the filed bugs and choose from them based on their priorities. So maybe while I would like to solve this issue, I should unassign myself from it and make it available for all contributors.
,
Jun 27 2018
This really sounds like "There was enough time to implement this anti-privacy behavior but Google won't spend time to remove it, so let's leave it to the open source community to dig through our millions of lines of code to remove it".
,
Oct 24
> I still maintain that it is needed the program to be fully privacy respecting,
> i.e. it must be possible to have a setting which ensures zero packets sent to
> third parties and communication only with the website which the user types.
I understand that some may consider that desirable, but this is not a design goal of Chrome. For example, we rely on frequent and automatic updates for keeping users secure (which requires frequent connection to Google), and we think this is the right tradeoff for the majority of users.
If there are actual bugs such as features sending data to Google although they're disabled, we're grateful for reports and happy to address those. However I can't see any such concrete problems in this bug report, and the underlying philosophical point is not likely to be addressed. Therefore I'm closing this bug.
Btw, I disagree with the premise of your report ("privacy disrespected") -- respecting our users is at the core of what we do, please refer to [1] and [2] for descriptions on how we handle user data.
[1] https://www.google.com/chrome/privacy/
[2] https://www.google.com/chrome/privacy/whitepaper.html