Bug#667050: iceweasel: "Block reported attack sites/web forgeries" should mention its use of Google and allow opt-out
On Tue, Apr 03, 2012 at 12:18:51PM -0500, Stephen Crowley wrote: > Package: iceweasel > Version: 10.0.3esr-2 > Severity: normal > > Dear Maintainer, > I was curious about the following excessive access to the url GET > http://safebrowsing-cache.google.com/safebrowsing/... and realized > it > was coming from firefox by having the "Block reported attack > sites/web > forgeries" option. I consider this network spam a bit of a security > risk considering all the skullduggery going on with the net these > days, at the very least the menu option should explicltly state > that it > will bombard google with requests for this data. Why does it matter that the data comes from google specifically? BTW, it's only downloading a list or a delta if you already have a list locally. It's not sending anything related to your browsing. If you click on help, you're brought to a page that explains the settings, and which contains a link to a page explaining how the feature works. Mike -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#667050: iceweasel: "Block reported attack sites/web forgeries" should mention its use of Google and allow opt-out
Package: iceweasel Version: 10.0.3esr-2 Severity: normal Dear Maintainer, I was curious about the following excessive access to the url GET http://safebrowsing-cache.google.com/safebrowsing/... and realized it was coming from firefox by having the "Block reported attack sites/web forgeries" option. I consider this network spam a bit of a security risk considering all the skullduggery going on with the net these days, at the very least the menu option should explicltly state that it will bombard google with requests for this data. -- Package-specific info: -- Addons package information -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages iceweasel depends on: ii debianutils 4.2.1 ii fontconfig 2.8.0-3.1 ii libc6 2.13-27 ii libgdk-pixbuf2.0-0 2.24.1-1 ii libglib2.0-02.30.2-6 ii libgtk2.0-0 2.24.10-1 ii libnspr4-0d 4.9-1 ii libstdc++6 4.7.0-1 ii procps 1:3.3.2-3 ii xulrunner-10.0 10.0.3esr-2 iceweasel recommends no packages. Versions of packages iceweasel suggests: ii libgssapi-krb5-21.10+dfsg~beta1-2 ii mozplugger ii ttf-lyx 2.0.3-2 ii ttf-mathematica4.1 ii xfonts-mathml 4 Versions of packages xulrunner-10.0 depends on: ii libasound21.0.25-2 ii libatk1.0-0 2.2.0-2 ii libbz2-1.01.0.6-1 ii libc6 2.13-27 ii libcairo2 1.10.2-7 ii libdbus-1-3 1.4.18-1 ii libdbus-glib-1-2 0.98-1 ii libevent-2.0-52.0.17-stable-1 ii libfontconfig12.8.0-3.1 ii libfreetype6 2.4.8-1 ii libgcc1 1:4.7.0-1 ii libgdk-pixbuf2.0-02.24.1-1 ii libglib2.0-0 2.30.2-6 ii libgtk2.0-0 2.24.10-1 ii libhunspell-1.3-0 1.3.2-4 ii libjpeg8 8d-1 ii libmozjs10d 10.0.3esr-2 ii libnotify40.7.4-1 ii libnspr4-0d 4.9-1 ii libnss3-1d3.13.3-1 ii libpango1.0-0 1.29.4-3+b1 ii libpixman-1-0 0.24.4-1 ii libreadline6 6.2-8 ii libsqlite3-0 3.7.11-2 ii libstartup-notification0 0.12-1 ii libstdc++64.7.0-1 ii libvpx1 1.0.0-2 ii libx11-6 2:1.4.4-4 ii libxext6 2:1.3.0-3 ii libxrender1 1:0.9.6-2 ii libxt61:1.1.1-2 ii zlib1g1:1.2.6.dfsg-2 Versions of packages xulrunner-10.0 suggests: ii libcanberra0 0.28-3 ii libgnomeui-0 2.24.5-2 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org