On Fri, Oct 2, 2020 at 12:34 am, Marius Schwarz
<fedoradev@xxxxxxxxxxxx> wrote:
If you send a DNS REQUEST to a US DNS server from within a company
network, and with ipv6 the internal ip is sent out i learned lately,
you
have sent personal data which is protected under the GDRP. It's not
unlikely to use company pcs for private webvisits while having a meal
break.
Hm, thanks for the explanation. I guess the DNS request would indeed be
the *first* way you lose, because you have to do DNS before you do
anything else. But you are going to lose immediately after anyway:
* Immediately after you connect to the network, Fedora connects to
http://fedoraproject.org/static/hotspot.txt to see if you're behind a
captive portal
* Next, GNOME Software starts checking for updates in the background.
You've leaked "personal data" to fedoraproject.org again, and also
fwupd.
* You open Firefox, it downloads Safe Browsing data from Google.
(Admittedly this one is probably only behind a European CDN, but maybe
Google is having a bad day, or maybe IP address logs are sent to the
US.) Oh yeah, it also displays news from Pocket. Probably it does more
connections to the US that I don't know about.
* You switch to Financial Mode in Calculator, it downloads exchange
rate data.
* Anything crashes. A truncated stack trace gets sent to Fedora.
I'm sure my list is missing quite a lot. If your interpretation is
correct, then I suppose German companies should immediately discontinue
use of Fedora, and also most other computer operating systems....
Michael
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
