Bug#820361: chromium connections to 1e100.net

Thu, 07 Apr 2016 11:48:53 -0700 

Package: chromium
Version: 49.0.2623.108-1
Severity: serious


Hello,

Kernel : 4.3
chromium 49
Chromium (despite being open source) makes undesired outgoing connection. Upon startup even with about:blank home page and even with all options from menu unchecked, it still makes outgoing connections to Google servers such as 1e100.net. All options for sending are disabled (e.g. malware protection is unchecked), no web page is loaded, nothing. No browser add-ons, pure Debian installation. Still, the connections are present. All of them are in an encrypted form, which is bothersome. 

I see this by:
1) Close all programs
2) Plugin ethernet cable
3) Start terminal and type sudo netstat -t -u -c
4) no active connections
5) I start Chromium 49 - about:blank page (no start page)
6) Immediately there are numerous encrypted connections
What is worse - no matter what page I load, similar connections to Google IPs and 1e100.net are always active, encrypted connections to Google mothership.
This looks seriously suspicious - like I installed backdoor from Google which is always calling the mother ship no matter the page opened. 

E.g. :

tcp 0 0 10.0.0.1:44210 xx-fbcdn-shv-01-a:https ESTABLISHED
tcp 0 0 10.0.0.1:33040 sof02s17-in-f3.1e:https ESTABLISHED
tcp 0 0 10.0.0.1:41366 server-54-240-166:https ESTABLISHED
tcp 0 0 10.0.0.1:45492 wa-in-f95.1e100.n:https ESTABLISHED
tcp 0 0 10.0.0.1:40262 sof01s11-in-f14.1e:http ESTABLISHED
tcp 0 0 10.0.0.1:39928 edge-star-shv-01-:https ESTABLISHED
tcp6 1 0 ip6-localhost:53082 ip6-localhost:ipp CLOSE_WAIT

Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 10.0.0.1:47336 68.232.35.127:https ESTABLISHED
tcp 0 0 10.0.0.1:44210 xx-fbcdn-shv-01-a:https ESTABLISHED
tcp 0 0 10.0.0.1:33040 sof02s17-in-f3.1e:https ESTABLISHED
tcp 0 0 10.0.0.1:41366 server-54-240-166:https ESTABLISHED
tcp 0 0 10.0.0.1:45492 wa-in-f95.1e100.n:https ESTABLISHED
tcp 0 0 10.0.0.1:40262 sof01s11-in-f14.1e:http ESTABLISHED
IMHO, Chromium should have no unwanted outgoing connections to Google - none at all. I suggest this to be reviewed and changed. This is serious privacy/security issues. 
Chrome, may be, not Chromium.

Thank you!

Best regards,
A. Spasov

Reply via email to