[opensuse] Firefox phones home/Google
Hi list. Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it) 14:23:03.581788 IP 10.10.106.161.50386 134.76.10.66.3128: P 1:691(690) ack 1 win 5840 [EMAIL PROTECTED]@... j..L B...8..%.g..P...GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2premozver=1.8.1.2pre-2006102300version=goog-white-domain:1:19,goog-white-url:1:371,goog-black-url:1:8400,goog-black-enchash:1:17514 HTTP/1.1 Host: sb.google.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2pre) Gecko/20061023 SUSE/2.0.0.1-0.1 Firefox/2.0.0.2pre Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: UTF-8,* Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: PREF=ID=b81b7fa78ae17cf1:TM=1168225067:LM=1168225067:S=xIIiZGyQbydqdfSG Can I _please_ get information why there's spyware like this in Firefox? Added by SUSE? (I don't have the Google Toolbar installed, which, in itself, already transmits data unwanted, leading to congestion on modem lines.) Jan -- ft: http://freshmeat.net/p/chaostables/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Firefox phones home/Google
On Wednesday 31 January 2007 08:26, Jan Engelhardt wrote: Hi list. Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it) 14:23:03.581788 IP 10.10.106.161.50386 134.76.10.66.3128: P 1:691(690) ack 1 win 5840 [EMAIL PROTECTED]@... j..L B...8..%.g..P...GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2p ^^^' Do you have the website checker on? The one that looks for fake sites? Nick -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Firefox phones home/Google
On Wed, Jan 31, 2007 at 02:26:16PM +0100, Jan Engelhardt wrote: Hi list. Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it) 14:23:03.581788 IP 10.10.106.161.50386 134.76.10.66.3128: P 1:691(690) ack 1 win 5840 [EMAIL PROTECTED]@... j..L B...8..%.g..P...GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2premozver=1.8.1.2pre-2006102300version=goog-white-domain:1:19,goog-white-url:1:371,goog-black-url:1:8400,goog-black-enchash:1:17514 HTTP/1.1 Host: sb.google.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2pre) Gecko/20061023 SUSE/2.0.0.1-0.1 Firefox/2.0.0.2pre Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: UTF-8,* Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: PREF=ID=b81b7fa78ae17cf1:TM=1168225067:LM=1168225067:S=xIIiZGyQbydqdfSG Can I _please_ get information why there's spyware like this in Firefox? Added by SUSE? (I don't have the Google Toolbar installed, which, in itself, already transmits data unwanted, leading to congestion on modem lines.) We did not add this code. I suspect the anti phishing filter or similar. Ciao, Marcus -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Firefox phones home/Google
On 31-01-2007 at 15:26, Jan Engelhardt [EMAIL PROTECTED] wrote: Hi list. Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it) Jan, Maybe you could have a look at this site: http://www.google.com/tools/firefox/safebrowsing/ The link it requested there is the Web Forgery Protection. Dominique Oh: I don't think SUSE did add this link... it's a known feature of FireFox 2, isn't it? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Firefox phones home/Google
Jan Engelhardt wrote: j..L B...8..%.g..P...GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2premozver=1.8.1.2pre-2006102300version=goog-white-domain:1:19,goog-white-url:1:371,goog-black-url:1:8400,goog-black-enchash:1:17514 HTTP/1.1 Host: sb.google.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2pre) Gecko/20061023 SUSE/2.0.0.1-0.1 Firefox/2.0.0.2pre Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: UTF-8,* Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: PREF=ID=b81b7fa78ae17cf1:TM=1168225067:LM=1168225067:S=xIIiZGyQbydqdfSG Can I _please_ get information why there's spyware like this in Firefox? I just checked mine, and no such thing happening here. I suspect it is your phishing filter. That is your configuration item. BTW, mine is turned on but set to check using a downloaded list of suspected sites. What is yours set to. I noticed Google is the default choice if set to Check by asking download list about each site I visit. -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Firefox phones home/Google
On Wed, 31 Jan 2007 08:30:27 -0500, Nick Zentena [EMAIL PROTECTED] took time to say the following: (^_^)On Wednesday 31 January 2007 08:26, Jan Engelhardt wrote: (^_^) Hi list. (^_^) (^_^) (^_^) Just when I wanted to debug a web problem, I saw tcpdump (^_^) showing Firefox making silent requests to Google. (wtf at this point!) (^_^) To reproduce: Open a random webpage (preferably one that does not (^_^) reference external content, e.g. http://jengelh.hopto.org/ ; local (^_^) files don't trigger it) (^_^) (^_^) (^_^) 14:23:03.581788 IP 10.10.106.161.50386 134.76.10.66.3128: P 1:691(690) (^_^) ack 1 win 5840 (^_^) [EMAIL PROTECTED]@... (^_^) (^_^) j..L (^_^) B...8..%.g..P...GET (^_^) http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2p (^_^) (^_^)^^^' (^_^) (^_^) Do you have the website checker on? The one that looks for fake sites? (^_^) (^_^) Nick Also does he have the googletoolbar installed? That phones home all the time. I Too many people spend money they haven't earned to buy things they don't want, to impress people they don't like. -Will Rogers -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Firefox phones home/Google
On Wed, 2007-01-31 at 14:26 +0100, Jan Engelhardt wrote: Hi list. Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it) Can I _please_ get information why there's spyware like this in Firefox? Added by SUSE? Assuming you are running Firefox 2, you almost certainly have the anti-phishing filter turned on. Go to Edit-Preferences-Security and see if the checkbox labeled Tell me if the site I'm visiting is a suspected forgery is checked. If so, you have the anti-phishing filter turned on. There are two ways to have Firefox check for phishing sites. You'll notice two radio buttons. One is labeled Check using a downloaded list of suspected sites and the other says Check by asking Google about each site I visit. If you select the first option, Firefox will regularly (I think once a week though I could be wrong) and automatically a file of suspected sites from Google. For every site you visit it will check that site against the local file that it downloaded. If you select the second option, Firefox will check every site you visit by sending the site URL to Google for comparison with the online file they have. The first option is faster but the information on phishing sites might not be as up-to-date as the second option. Rick -- Rick's Law: What cannot be imagined will be accomplished by a fool. PGP Key Id: 9E1125E0 signature.asc Description: This is a digitally signed message part
Re: [opensuse] Firefox phones home/Google
On Jan 31 2007 14:50, Dominique Leuenberger wrote: On 31-01-2007 at 15:26, Jan Engelhardt [EMAIL PROTECTED] wrote: Hi list. Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it) Maybe you could have a look at this site: http://www.google.com/tools/firefox/safebrowsing/ The link it requested there is the Web Forgery Protection. Ah thanks for the info. (And I don't run Google Toolbar, it phones home even more often and for modem users, I have seen it congesting their line.) Jan -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]