Project

General

Profile

Feature #5306

Prevent gweather from disclosing customized location

Added by Tails about 6 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

100%

Feature Branch:
Type of work:
Test
Blueprint:
Starter:
No
Affected tool:

Description

When one adds a custom location in the GNOME Clock applet, and "Set"'s it, a request for weather information is made to weather.noaa.gov, that presumably discloses the custom location chosen by the user.

Setting the /apps/gweather/prefs/auto_update GConf key to false does not help.

A workaround that was suggested to us is to add weather.noaa.gov to the "Ignore Host" list in the GNOME Network Proxy preferences: without a proxy configured, these requests cannot go out. At first glance, it looks a bit hackish, and it would be nicer to disable this feature in a way that works even if the hostname in use changes some day, but in last resort, we might end up doing that.

We should research a (probably GConf -based) way to disable that feature.

Next thing to do:

  • If we stop using the GNOME clock applet (#6284), verify this fixes this issue, and be done with it.
  • test the /schemas/apps/clock_applet/prefs/show_weather and /schemas/apps/clock_applet/prefs/show_temperature GConf options.

Note that the connection is apparently done by gnome-panel, through the configured HTTP proxy (Polipo). It ignores SOCKS proxy settings.

tails-1.png View (109 KB) hybridwipe, 08/07/2015 10:16 AM


Related issues

Related to Tails - Feature #6284: Display time in local timezone Confirmed 10/27/2015
Related to Tails - Bug #7949: Disable GNOME 3.14's geolocation framework Resolved 09/26/2014

History

#1 Updated by intrigeri almost 6 years ago

  • Starter set to No

#2 Updated by BitingBird over 5 years ago

  • Subject changed from prevent gweather from disclosing customized location to Prevent gweather from disclosing customized location

#3 Updated by BitingBird almost 5 years ago

GNOME's new safety and privacy team seems to be on it :) https://people.gnome.org/~federico/news-2014-08.html#the-safety-and-privacy-team

#4 Updated by intrigeri almost 5 years ago

GNOME's new safety and privacy team seems to be on it :)
https://people.gnome.org/~federico/news-2014-08.html#the-safety-and-privacy-team

My understanding is that they aim at protecting against a network attacker, while this ticket is about protecting against the remote server as well (by not querying it at all, I suppose). Sorry, didn't read the ticket again, so I may be off-topic or fully wrong.

#5 Updated by intrigeri almost 5 years ago

  • Related to Bug #7949: Disable GNOME 3.14's geolocation framework added

#6 Updated by BitingBird almost 5 years ago

Is this fixed like #7949 ?

#7 Updated by intrigeri almost 5 years ago

Is this fixed like #7949 ?

I don't think so: #7949 is about a new GNOME 3.14 feature, while this ticket is about Wheezy (GNOME 3.4).

#8 Updated by intrigeri over 4 years ago

This should be tested again with Tails 1.3 or later: since we've removed Polipo, it may very well be that gweather cannot connect to Internet anymore.

#9 Updated by kytv over 4 years ago

  • Assignee set to kytv

Assigning to myself to test once the high priority CI work is done.

#10 Updated by hybridwipe about 4 years ago

Using tails-1.4.1, I added a location, and the local time appears, but I do not get local weather.

#11 Updated by intrigeri about 4 years ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from kytv to hybridwipe
  • % Done changed from 0 to 10

Using tails-1.4.1, I added a location, and the local time appears, but I do not get local weather.

Thanks!

I've confirmed this: after setting a custom location, I see in the logs that our firewall rejects connections to some hosts on port 80; I don't see any such thing if I don't customize location, so I guess those are the servers used to query weather information.

I was tempted to call this resolved in the version of Tails that removed Polipo (1.3), but now I'm in doubt. This problem is currently fixed only because gweather (or the library it uses for HTTP requests) doesn't honor HTTP_PROXY and friends: we still have "Show weather" and "Show temperature" enabled. So I think we should set these two GConf keys to false:

/apps/panel3-applets/clock/show_weather
/apps/panel3-applets/clock/show_temperature

hybridwipe, would you want to try coming up with a tested patch (or a branch) that implements this? It requires a Tails ISO build environment, not sure if you have one yet. And I guess one will need to add a file to config/chroot_local-includes/usr/share/amnesia/gconf/.

... and then, we'll need find out how to do the same on the feature/jessie branch (probably these settings have been moved to dconf, and the custom ones will go to config/chroot_local-includes/etc/dconf/db/local.d/00_Tails_defaults).

#12 Updated by intrigeri about 4 years ago

  • Status changed from In Progress to Resolved
  • Assignee deleted (hybridwipe)
  • % Done changed from 10 to 100

Well, actually I see the firewall rejects that traffic even when "Show weather" and "Show temperature" are disabled, so I guess that weather information is unconditionally retrieved (rather: attempted to be retrieved), and these settings only affect the display. So, it feels useless to change these settings. Calling this done!

#13 Updated by BitingBird about 4 years ago

  • Target version deleted (Hole in the Roof)

Removing "hole in the roof" since it's resolved :)

Also available in: Atom PDF