NetSurf version 3.6-3.1, Spying ?

[Chris]

I installed the NetSurf version 3.6-3.1 with apt-get in Debian v 9.5.
The program is setup to open with a blank page and when I start the program, the monitoring program iftop show Netsurf automatically connects to one of Amazon's servers.

Is that OK?

[bw123]

I couldn't say that it's okay if it bugs you. I doubt that it's spying though...Is it possibly a resource for online documentation? Or maybe for ca-certificates? These things ave to be hosted somewhere, would any other server be okay or is it just amazon that concerns you for some reason?

[Chris]

WebSurf documentation is located at http://www.netsurf-browser.org, so that's not why.
Maybe CA certificates, but when the program opens with a blank page, it shouldn't look for certificates.
The addresses as it connects to are 79,125,105,113 and 46.51.179.90, both of which belong to Amazon and it worries me, since I absolutely do not trust any commercial company related to the Internet.

[GarryRicketson]

If you don't want it accessing certain IP's, why don't you use your IP tables and just don't allow out going connection to those IP's ?
This can be applied to anything, not just the amazon IP's.
I am not expert enough to tell you exactly how, but I am sure with some search foo, you can get that information, or some one else will be able to give more details. On my main OS I don't use IP tables, I do use Netsurf occasionally but have never noticed on that.

Is that OK?

Many people do not have any problem with it, but as you say:

since I absolutely do not trust any commercial company related to the Internet.

Then maybe it is not OK with you,...I suppose you will want to block anything to or from google as well, ?

[Segfault]

The source code is available, you could grep it for those IP addresses. If not found then the party who provided the binary package is to blame.

[bw123]

WebSurf documentation is located at http://www.netsurf-browser.org, so that's not why.
Maybe CA certificates, but when the program opens with a blank page, it shouldn't look for certificates.
The addresses as it connects to are 79,125,105,113 and 46.51.179.90, both of which belong to Amazon and it worries me, since I absolutely do not trust any commercial company related to the Internet.

I don't like automatic connections to anything either, but for me it's more about bandwidth. I guess there are privacy and security issues too. I don't want to update or download anything, or go "online" for documentation or other things. It's a sad thing that programs (even browsers) take for granted that everybody is always connected, and don't mind a few (hundred?) bytes now and then.

I don't think it's realistic to try and avoid any commercial company related to the internet. Commerce is what keeps people motivated a lot of times. Piggybacking on large commercial entities who donate serverspace or bandwidth seem pretty common in opensource, but I guess it does have implications.

Maybe it's a netsurf issue, or maybe some other pkg it uses? I think you should find out before you assume it's netsurf. Even if it's that program, I don;t think you should assume it is for spying. I did a quick look at the link you posted and the project seems well documented, with many support options like irc, mailing list, direct email etc...

[Chris]

Yes, IP tables is an option, but should not be needed in this case when I'm using Debian, where the programs should be clean.
I don't use Google direct, Facebook, Twitter or other like that, and have never done so.

[GarryRicketson]

Ok, well, how long have you been using Netsurf on Debian, ? You might want to update your Netsurf version, if possible. But as I mentioned , I never have seen anything like this my self, on older versions .
Turned out I did not have netsurf installed on this system yet, so I installed it,
but the version is newer, 3.8 , Aug.29, 2018. No amazon Ip 's show any where, checking with 'netstat'. How ever, a quick look at the manual:

Code: Select all

man netsurf

--cookie_file
cookie file

--cookie_jar
cookie jar

The OP might want to take a look at the manual, and how they have things configured, they could have picked up some cookies from the cookie monster, and that is causing a connection to amazon IP's. Hard to say with the lack of details. Besides , not really being a Debian problem necessarily, but a specific browser issue, if it was me I would ask about this on a Netsurf support site
https://www.netsurf-browser.org/contact/
I do not use netsurf that much, so don't know more about it...all though I am impressed at how fast it is, and it has really improved a lot, since the last time I used it.
I notice in the contact page, there is a mail address for security questions, or problems, if the OP really thinks it is "spying" on them , then it would be a security issue, I do not think that is the case though, so I would suggest the OP research this more, check all their cookie caches, etc, before claiming that Netsurf is spying on them. That is sort of like FUD in my opinion.
On any browser, when a lot of cookies accumulate in the cache, strange things can and do start happening.

[bw123]

Yes, IP tables is an option, but should not be needed in this case when I'm using Debian, where the programs should be clean.
I don't use Google direct, Facebook, Twitter or other like that, and have never done so.

We passed the point where programs are clean a long time ago. Normally, when a browser loads a resource it goes to sleep, what eles is there to do? These browsers now keep running, doing nobody knows what, even when they are just sitting there. It drives me crazy. Why the heck would a browser be doing anything at all before or after loading a page?

It's an interesting topic, hope you figure it out.

[stevepusser]

Interesting...I just built Netsurf 3.8 for MX Linux on vanilla Stretch and Jessie pbuilder platforms: http://mxrepo.com/mx/testrepo/pool/test/n/netsurf/

It doesn't appear that it's being maintained in Debian, though.

[Chris]

GarryRicketson - I installed the Web surf about 2 weeks ago and it is still the latest to get via Debian.
Cookie caches are cleaned when I look in iftop.

I forgot to mention a few days ago, I wrote an email to Debian maintainer Vincent Sanders, but unfortunately without any response.

[debiman]

i just grepped the source code:

Code: Select all

grep -rw amazon
netsurf/test/nsurl.c:	  "http://The%20Old%20Organ%20Trail%20http://www.amazon.com/gp/product/B007B57MCQ/ref=as_li_tf_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B007B57MCQ&linkCode=as2&tag=brimck0f-20",
netsurf/resources/SearchEngines:Amazon|www.amazon.com|http://www.amazon.com/s/ref=nb_ss_gw?field-keywords=%s|http://www.amazon.com/favicon.ico|
netsurf/!NetSurf/Resources/SearchEngines:Amazon|www.amazon.com|http://www.amazon.com/s/ref=nb_ss_gw?field-keywords=%s|http://www.amazon.com/favicon.ico|
netsurf/!NetSurf/Resources/AdBlock,f79:*[src*="rcm-images.amazon.com"],
netsurf/!NetSurf/Resources/AdBlock,f79:*[src*="rcm.amazon.com"],
libnspsl/public_suffix_list.dat:// Amazon CloudFront : https://aws.amazon.com/cloudfront/
libnspsl/public_suffix_list.dat:// Submitted by Donavan Miller <donavanm@amazon.com>
libnspsl/public_suffix_list.dat:// Amazon Elastic Compute Cloud: https://aws.amazon.com/ec2/
libnspsl/public_suffix_list.dat:// Submitted by Philip Allchin <pallchin@amazon.com>
libnspsl/public_suffix_list.dat:// Amazon Elastic Beanstalk : https://aws.amazon.com/elasticbeanstalk/
libnspsl/public_suffix_list.dat:// Submitted by Adam Stein <astein@amazon.com>
libnspsl/public_suffix_list.dat:// Amazon Elastic Load Balancing : https://aws.amazon.com/elasticloadbalancing/
libnspsl/public_suffix_list.dat:// Submitted by Scott Vidmar <svidmar@amazon.com>
libnspsl/public_suffix_list.dat:// Amazon S3 : https://aws.amazon.com/s3/
libnspsl/public_suffix_list.dat:// Submitted by Luke Wells <lawells@amazon.com>

it could be search engines checking for updates for themselves.
try disabling amazon search engine?
and then there's that libnspsl/public_suffix_list.dat - no idea what that does, but maybe you should find out?

[stevepusser]

Seems to me like quite a leap in logic from that code to accusing Netsurf of spying on you...