Luke Shumaker <[email protected]> writes: > On Wed, 14 Jun 2017 18:00:38 -0400, > [email protected] wrote: >> the connman[0] connection manager tries to detect whether an internet >> connection is available by installing a temporary route to >> ipv4.connman.net and ipv6.connman.net >> >> This is documented in the README[1] and mentioned in the Arch wiki[2]. >> >> Although the official documentation claims that the remote servers do >> not log any connection information, nothing grants that this may change >> in the future. >> >> It is possible, however, to disable the online checks with a >> configuration setting in /etc/connman/main.conf as shown below. >> >> $ cat /etc/connman/main.conf >> [General] >> EnableOnlineCheck=false >> >> Should Paraboola ship a connman package with that setting since the >> default is to enable online checks? > > It's a useful feature, and it does require a server-side. That's > unavoidable if you want to implement the feature. It isn't going > through your browser or leaking any data other than your IP. The only > information being leaked is "someone is using connman 1.23 at IP > $XXXX". That's not a notable privacy violation in my book. > > I wouldn't be opposed to patching it to go to ipv{4,6}.parabola.nu or > something so that Parabola could ensure that the data isn't being > logged (the user would still need to trust us, but they're largely > doing that anyway by trusting our binaries). But none of our servers > are IPv6 right now. And I'm not really sure it's worth the effort, > given the tiny amount of information in the leak.
Hello, Thanks for taking time to write a reply to my email. Honesly, I have no strong feelings about this and just wanted to make you guys aware of this feature in case you weren't. I have personally disabled the check and haven't had any issue with that. That's why I thought that simply shipping the option to disable the check by default and leaving it to the user to opt in would be sensible. Regarding the information that connman sends to the servers, that should be easily verifiable from the source code. However the server-side behavior may change in the future with little or no notice. Anyway, the whois record of connman.net has an email contact so we could always reach out for questions. Best, -- S. _______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
