Project

General

Profile

Privacy Issue #3429

[connman] Contacts a website without asking for authorization

nona - about 1 year ago - . Updated about 1 year ago.

Status:
confirmed
Priority:
bug
Assignee:
-
% Done:

0%


Description

I found this in /etc/connman/main.conf. In my opinion, it should be disabled by default.

# Enable use of http get as on online status check.
# When a service is in a READY state, and is selected as default,
# ConnMan will issue an HTTP GET request to verify that end-to-end
# connectivity is successful. Only then the service will be
# transitioned to ONLINE state.
# If this setting is false, the default service will remain in READY state.
# Default value is true.
# EnableOnlineCheck = false

# Urls (IPv4 and IPv6 respectively) used during the online status check.
# Please refer to the README for more detailed information.
# Default values are http://ipv4.connman.net/online/status.html and
# http://ipv6.connman.net/online/status.html respectively.
# OnlineCheckIPv4URL= http://ipv4.connman.net/online/status.html
# OnlineCheckIPv6URL= http://ipv6.connman.net/online/status.html

# WARNING: Experimental feature!!!
# In addition to EnableOnlineCheck setting, enable or disable use of HTTP GET
# to detect the loss of end-to-end connectivity.
# If this setting is false, when the default service transitions to ONLINE
# state, the HTTP GET request is no more called until next cycle, initiated
# by a transition of the default service to DISCONNECT state.
# If this setting is true, the HTTP GET request keeps beeing called to guarantee
# that end-to-end connectivity is still successful. If not, the default service
# will transition to READY state, enabling another service to become the
# default one, in replacement.
# EnableOnlineToReadyTransition = false

Related issues

Related to Packages - Privacy Issue #2037: [networkmanager] Connects to apollo.archlinux.org without asking to check for Connection.in progress

Actions

History

#1

Updated by direnis about 1 year ago

Yeah, i heard that connman phones home to intel by default on startup

#2

Updated by nona about 1 year ago

  • Subject changed from [connman] to [connman] Contacts a website without asking for authorization
#3

Updated by bill-auger about 1 year ago

[connman] Contacts a website without asking for authorization

that is a common feature of many network-aware applications, and all
connection managers, commonly know as a "keep-alive" or "heartbeat" -
without that feature, people using wifi would be rather dissatisfied
with those tools

to be most correct, the user does give authorization, by clicking the
"connect" button - it is simply that most users are not aware that
connection managers normally do this

extra/networkmanager pings archlinux.org for the same reason - i
modified nonsystemd/networkmanager to ping parabola.nu instead - for
networkmanager, the change was rather simple

  # packaged configuration
  install -Dm644 /dev/stdin usr/lib/NetworkManager/conf.d/20-connectivity.conf <<END
[connectivity]
uri=https://www.parabola.nu/static/nm-check.txt
enabled=false
END
#4

Updated by nona about 1 year ago

Thank you for the explanation, bill. It still seems like an obscure way to accept the (unknown) situation. Surely, all users appreciate that the wireless connection works. It also seems like a good situation to be addressed by your-privacy and nonprism (or a post-installation message).

from: https://labs.parabola.nu/issues/2037#note-4

i added the target file to the parabola server as not to ping the arch server - that was probably the appropriate thing to do anyways for any fork; and it should allow for any parabola system to be fully functional without ever communicating with any 3rd party servers ...

Would a similar solution apply here? (changing the defaults).

#5

Updated by bill-auger about 1 year ago

yeap - definitely related to #2037

#6

Updated by bill-auger about 1 year ago

  • Related to Privacy Issue #2037: [networkmanager] Connects to apollo.archlinux.org without asking to check for Connection. added
#7

Updated by bill-auger about 1 year ago

  • Status changed from unconfirmed to confirmed

Also available in: Atom PDF