[ubuntu-studio-devel] How wide spread is Linux spyware?
lukefromdc at hushmail.com
lukefromdc at hushmail.com
Sun Jul 12 18:31:04 UTC 2015
This email wasn't finished and get sent by accident before I could finish the Firefox details. I'm sure others can add to the
overall list of applications, as there are thousands I have never tested or run.
Firefox, details below:
Google "prefs" cookie-disable all "safebrowsing" then
delete all cookies to disable
Google "safebrowsing" service itself
Cisco H264 codec in Firefox (auto-updates) disable in about: config. Use gstreamer H264 codec for video playback instead
"plugins" and remove URL's in about: config
Firefox crash reporter
Firefox health report
Firefox "heartbeat" survey (disable by removing "self-support" url in about: config
"Prefetch"and "Keyword" should be disabled to prevent sending every keystroke in the URL bar to your DNS provider instead of just finished URL's
Be sure to disable "geo" services
I recommend removing all URLs in about: config except the one used to get extensions
As I type this email, the only IP addresses to come up in Wireshark in at least 15 minutes are Hushmail's and my own, so I must be doing
something right.
On 7/12/2015 at 2:21 PM, lukefromdc at hushmail.com wrote:
>
>One of the first things to do is install Wireshark, get it
>running, and then engage
>in a variety of offline actions with no browser running but
>connected to the network.
>Trap every IP address you see, then open a browser and enter each
>IP address and
>find out what it is.
>
>This is how I found that Ubuntu's flashplugin-installer has a
>dependency that phones
>home, namely the cron job in update-notifier-common. After getting
>rid of that, I can
>now run the system at idle, even with the browser open, and the
>only way any IP
>addresses external to my setup show up in Wireshark is if a web
>page is open in
>browser that updates itself. Otherwise no traffic.
>
>In short, every system is different, and Wireshark will find
>everything except anything
>that starts and finishes before you can get Wireshark running. I
>have not yet used
>wireshark from one machine to monitor another but that would be
>the way to check
>the whole boot process.
>
>Here is a partial list of known problems that I have found:
>
>Unity remote lenses (all of them)
>
>Any kind of desktop remote search service
>
>Mate-panel clock applet if and only if configured with a location
>to show weather
>
>Popularity-contest (obvious)]
>
>Whoopsie (never had it installed but saw it on this list)
>
>Apport
>
>Update-notifier and update-notifier-common (chron job needs
>disabling if IP addresses require concealment)
>
>Flashplugin-installer (depends on update-notifier-common)
>
>Ardour (reported to phone home)
>
>Lightworks (nonfree, has phone-home activation)
>
>Chromium (requires disabling Google services)
>
>Chrome (closed, cannot disable all the Google spyware)
>
>Firefox, details below:
>
> Google "prefs" cookie-disable all "safebrowsing" then
>delete all cookies to disable
> Google "safebrowsing" service itself
> Cisco H264 codec in Firefox (auto-updates) disable in
>"plugins" and remove URL's in about: config
>
>
>
>
>
>On 7/12/2015 at 7:29 AM, "Ralf Mardorf" <ralf.mardorf at alice-
>dsl.net> wrote:
>>
>>On Sun, 12 Jul 2015 12:11:37 +0200, Jimmy Sjölund wrote:
>>> However a good guideline or tutorial on how to set up your
>system
>>> like for instance with Luke's experience would be great.
>>
>>A Wiki is a good idea, OTOH there is already much information
>>available. Users need to consider if a secure computer makes sense
>>when they "Add to an Amzone Cart" and publish their diary at
>>Facebook
>>and they 24/365 carry a turned on mobile.
>>To become a rocket scientists, we can't simply switch from
>watching
>>"The Bold And The Beautiful" to watching "Into the Universe with
>>Stephen Hawking". We need to dig deeper and perhaps change our
>>lifestyle.
>>
>>
>>Oops, I should subscribe with several email accounts and set up
>>mailman
>>to send list mail to just one account.
>>
>>Begin forwarded message:
>>
>>Date: Sun, 12 Jul 2015 12:50:43 +0200
>>From: Ralf Mardorf <... at rocketmail.com>
>>To: ubuntu-studio-devel at lists.ubuntu.com
>>Subject: Re: [ubuntu-studio-devel] How wide spread is Linux
>>spyware?
>>
>>
>>On Sun, 12 Jul 2015 10:21:34 +0200, Set Hallstrom wrote:
>>>Perhaps Ralf and lukefromdc wants to search through the packages
>>to
>>>establish a list of homecry software, vs. cool software?
>>
>>No-go: Apport, Whoopsie, all that stuff from Canonical that
>>recommends
>>Amazone or similar https://stallman.org/amazon.html, that spies
>if
>>a
>>user runs desktop searches etc..
>>
>>Within the next days or weeks I plan to tidy up my hard disk
>>drives [1],
>>to replace my Arch Linux's VirtualBox Win XP with a KVM, QEMU,
>>virt-manager Win 7 and then to install an Ubuntu Studio 15.10
>(Wily
>>Werewolf) Daily Build [2], perhaps Alpha 2 on July 30th [3].
>>
>>However, regarding the default browser I wonder if Firefox should
>>be
>>replaced.
>>
>>Most of the times I'm using Firefox, Pale Moon and QupZilla. I
>>can't
>>say much about differences regarding security, but all three are a
>>PITA because they ignore environment font sizes, the menu fonts
>>are much
>>to small, only QupZilla has a usable history, but regarding
>>security
>>users perhaps don't want a history at all and QupZilla can't use
>>Firefox
>>add-on. Most important seems to be the user's browser preferences.
>>
>>I wonder that Firefox still is that much used, since QupZill and
>>Pale
>>Moon likely perform better than Firefox. Perhaps QupZilla less
>>often
>>gets unresponsive when waiting for action of a website, than
>>Firefox
>>and Pale Moon do, but I didn't really test this.
>>
>>Since Paul Davis calls me names, for claims that were not made by
>>me,
>>but e.g. by Len and others or when Paul Davis simply is mistaken
>>and
>>because he bans my mails, just sometimes replies without reading
>>them,
>>it's hard for me to e.g. find out how risky Ardour update checks
>>are.
>>Since Len was mentioned at the last Ardour release's "special
>thanx
>>too"-list he might could find out easier, if Ardour is an app
>that
>>could
>>be recommended regarding security needs.
>>
>>Personally I seldom care about security for my computer usage, I
>>just
>>dislike myth about security.
>>
>>Btw. some links that were posted in a FreeBSD mailing list within
>>the
>>last days:
>>
>>OpenSSH
>>
>>http://undeadly.org/cgi?action=article&sid=20150708134520&mode=exp
>a
>>nded&count=27
>>http://undeadly.org/cgi?action=article&sid=20150603090420
>>
>>And this one
>>
>>http://slashdot.org/story/10/12/15/004235/FBI-Alleged-To-Have-
>>Backdoored-OpenBSDs-IPSEC-Stack
>>
>>Regards,
>>Ralf
>>
>>[1]
>>$ grep menuentry /mnt/debi386/boot/grub/grub.cfg | cut -f2 -d"'"
>>Debian, Linux 3.8.13-rt14-pae-rocketmouse-2
>>Debian, Linux 3.12-0.bpo.1-rt-686-pae
>>Debian, Linux 3.8.13.14-rt30-pae-rocketmouse-1
>>Debian GNU/Linux, with Linux 3.2.0-4-rt-686-pae
>>Debian GNU/Linux, with Linux 3.2.0-4-rt-686-pae (recovery mode)
>>Kubuntu Saucy, kernel 3.8.13-rt14-1-rt
>>Kubuntu Saucy, kernel 3.6.5-rt14
>>Kubuntu Saucy, kernel 3.11.0-19-lowlatency threadirqs
>>Kubuntu Saucy, kernel 3.11.0-14-lowlatency threadirqs
>>Kubuntu Saucy, kernel 3.11.0-14-lowlatency single
>>Arch Linux Rt
>>Arch Linux Rt LTS
>>Arch Linux Rt nohz=off
>>Arch Linux
>>Arch Linux threadirqs
>>Arch Linux Fallback
>>openSUSE 11.2, Kernel 2.6.31.6-rt19
>>menuentry "FreeBSD"{
>>menuentry "XP"{
>>Ubuntu Quantal, kernel 3.6.5-rt14
>>Ubuntu Quantal, kernel 3.10.9-rt5 experimental
>>Ubuntu Quantal, kernel 3.5.0-18-lowlatency threadirqs
>>Ubuntu Quantal, kernel 3.5.0-18-lowlatency (recovery mode)
>>Ubuntu Studio Quantal, Kernel 3.6.5-rt14
>>Ubuntu Studio Quantal, Kernel 3.5.0-18-lowlatency threadirqs
>>Ubuntu Studio Precise, Kernel 3.0.30 threadirqs
>>Ubuntu Studio Precise, Kernel 3.2.0-23-lowlatency threadirqs
>>Edubuntu 10.10, Kernel 2.6.33.9-rt31
>>Ubuntu Studio Oz, Kernel 3.0.0-17-generic
>>Ubuntu Studio Oz, Kernel 3.0.0-20-generic
>>
>>[2]
>>http://cdimage.ubuntu.com/ubuntustudio/dvd/pending/
>>
>>[3]
>>https://wiki.ubuntu.com/WilyWerewolf/ReleaseSchedule
>>
>>--
>>ubuntu-studio-devel mailing list
>>ubuntu-studio-devel at lists.ubuntu.com
>>Modify settings or unsubscribe at:
>>https://lists.ubuntu.com/mailman/listinfo/ubuntu-studio-devel
More information about the ubuntu-studio-devel
mailing list