On Wednesday 31 January 2007 08:26, Jan Engelhardt wrote:

Hi list.

Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it)

14:23:03.581788 IP 10.10.106.161.50386 > 134.76.10.66.3128: P 1:691(690) ack 1 win 5840 E....a@.@...

j..L B...8"..%.g..P.......GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2p

^^^^^^^^^^^^^^^' Do you have the website checker on? The one that looks for fake sites? Nick -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Jan Engelhardt wrote:

B...8"..%.g..P.......GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2pre&mozver=1.8.1.2pre-2006102300&version=goog-white-domain:1:19,goog-white-url:1:371,goog-black-url:1:8400,goog-black-enchash:1:17514 HTTP/1.1 Host: sb.google.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2pre)

Can I _please_ get information why there's spyware like this in Firefox?

Looks like you have enabled the phishing protection using external blacklists like Google. If you don't have it might be a bug.

Added by SUSE?

Why would you think that? SUSE is not getting money from Google while the Mozilla Corporation does. (What doesn't mean that's the reason for the option) Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

...

...

On 31-01-2007 at 15:26, Jan Engelhardt wrote: Hi list.

Just when I wanted to debug a web problem, I saw tcpdump showing Firefox making silent requests to Google. (wtf at this point!) To reproduce: Open a random webpage (preferably one that does not reference external content, e.g. http://jengelh.hopto.org/ ; local files don't trigger it)

Jan, Maybe you could have a look at this site: http://www.google.com/tools/firefox/safebrowsing/ The link it requested there is the Web Forgery Protection. Dominique Oh: I don't think SUSE did add this link... it's a known feature of FireFox 2, isn't it? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Jan Engelhardt wrote:

j..L B...8"..%.g..P.......GET http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2.0.0.2pre&mozver=1.8.1.2pre-2006102300&version=goog-white-domain:1:19,goog-white-url:1:371,goog-black-url:1:8400,goog-black-enchash:1:17514 HTTP/1.1 Host: sb.google.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2pre) Gecko/20061023 SUSE/2.0.0.1-0.1 Firefox/2.0.0.2pre Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: UTF-8,* Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: PREF=ID=b81b7fa78ae17cf1:TM=1168225067:LM=1168225067:S=xIIiZGyQbydqdfSG

Can I _please_ get information why there's spyware like this in Firefox?

I just checked mine, and no such thing happening here. I suspect it is your phishing filter. That is your configuration item. BTW, mine is turned on but set to check using a downloaded list of suspected sites. What is yours set to. I noticed Google is the default choice if set to Check by asking <download list> about each site I visit. -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org