https://bugs.kde.org/show_bug.cgi?id=399449
Bug ID: 399449 Summary: [PRIVACY VIOLATION] plasma-browser-integration-host creates network connections Product: plasma-browser-integration Version: unspecified Platform: Other OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: Firefox Assignee: k...@privat.broulik.de Reporter: chemob...@gmail.com Target Milestone: --- After upgrading to F29 beta with Plasme 5.13.5 I got the reminder about the Browser integration. I installed the Firefox extension and started to test it. No problems there.... firefox-62.0-3.fc29.x86_64 plasma-browser-integration-5.13.5-1.fc29.x86_64 [this might also apply to Chromium, but I didn't activate the integration for it] ...but afterwards I had a look at "netstat -tp" and was surprised to see that the browser integration seems to create *outgoing* network connections on its own. Which is rather surprising when you read the statement from the Wiki https://community.kde.org/Plasma/Browser_Integration#Privacy: Everything is handled on your PC between the browser and your desktop, no additional data is sent via the web. Snapshot from my test system: $ netstat -tnp | fgrep -e plasma- -e firefox tcp 0 0 192.168.3.6:39846 xxxx:443 ESTABLISHED 1753/firefox tcp 0 0 192.168.3.6:33556 xxxx:443 ESTABLISHED 1753/firefox ... many more open connections from firefox .... tcp 2194537 0 192.168.3.6:49664 xxxx:443 ESTABLISHED 1753/firefox tcp 1 0 192.168.3.6:35696 104.16.111.25:443 CLOSE_WAIT 2686/plasma-browser tcp 32 0 192.168.3.6:57386 151.101.193.69:443 CLOSE_WAIT 2686/plasma-browser ... tcp 8692 0 192.168.3.6:50810 104.20.117.11:443 CLOSE_WAIT 2686/plasma-browser [NOTE: at other times I also saw ESTABLISHED connections. I tried to reverse look up the IPs but didn't get any usable information from them] $ ps -efw | fgrep 2686 stefanb 2686 1753 0 09:38 ? 00:00:00 /usr/bin/plasma-browser-integration-host /usr/lib64/mozilla/native-messaging-hosts/org.kde.plasma.browser_integration.json plasma-browser-integrat...@kde.org The above connections are not created by firefox, because firefox connections are associated with the firefox process. I haven't yet studied the source code for the messaging host binary to check for network connection creation, but I'll try to do so when I get the time. -- You are receiving this mail because: You are watching all bug changes.