Why is this strange IP address in Network connections?

For discussions about security.
Message
Author
gcmartin

#21 Post by gcmartin »

anikin wrote:
I'm afraid you are making some wild assumptions.
ipinfo is using icanhazip.com to report you external IP to you.
Not at all, I'm just stating the facts. ... .
Hi @Anikin, I am NOT making any attempt to further upset your view. I can see from your current position that you would like to see a different approach used. Let me try to help.

You don't have to look very far into Networking Architecture to see how the WHOLE system operates. One of the key underlying foundations that has been in existence since "electronic" protocols have been around is what I term as the "call - response sequence". Its a protocol to assist devices to determine existence.

Even if you don't agree that it should happen, it is the foundation of how thing communicate and is used for very productive purposes.

If I can help, I steer you to look at your simple LAN protocol's architecture. You choose the source(s) that you trust, but what you will see is how it is structured so that the LAN devices report their existence and location. This is also try in old Async or BiSync or SDLC or Sonet or ATM or ...

You or I may not "like" that the architecture is this way, but, until we can architect a better way, it remains a suitable way for operations.

After reviewing the protocol foundation and architecture, you might glean some more appropriate means of devices to request, report, and determine existence of the whole (LAN/WAN) that they exist so that it can become a new approach to deterministic identity that would be better suited for what devices do. Remember, it took 25years for the LAN protocols to emerge. It took equally long for Arpa to evolve to Ethernet to evolve to the Internet.

BTW, other distros and OS may not necessarily used the exact identical model that we are discussing here, but, their models are equally consistent with what PUPs are doing.

The thread opens with a request. And, where there was alarm, it seems to be an operation which is not impacting or jeopardizing the devices or its intent.

If someone(s) of us can show that there is an even saver means to achieve the same result, then we need to post follow-ons or open a new thread to show something of increased safety for community users. To "STOP" does NOT address our needs. We need a solution and STOP is not a solution (it might be thought of as a band-aid, though...but it does NOT address the need and causes us to still our heads further in the sand without addressing the need). The current solution we have seemingly is safe.

Hope this helps

gcmartin

#22 Post by gcmartin »

On anorher note; one thought is we could have info in the community which attempts to share, by PUP distro, which ports are used via its network services.

Which leads to the following questions
Should:
  • this be done in this thread?
  • a new one thread be started?
  • this be a part of each distro's announcement?
  • or would there be useful value in this info or would it be a confusing and distracting entry?
Thoughts ...

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#23 Post by greengeek »

anikin wrote:An average user will hardly ever want to know the external IP address in his entire lifetime. However, if curiosity hits him, here's a little piece of code:

Code: Select all

my ip
. Type, or copy/paste it into Google search bar and you will see your IP right on the top of the page.
Thanks for this tip.

I agree with Anikin. It seems odd to enforce an unseen connection which is supposed to be of benefit to the user - who actually has no idea the connection has been made, or what info it provides him.

The 'my ip' tip will suffice for anyone who needs this info, or else maybe a small script could be written (Pipinfo??) that links to the icanhazip (or other) site when the user feels the need to voluntarily get hold of the ip info. I find it disturbing that it is necessary to delete code in order to have a 'quiet' system.

I was equally disturbed by the recent use of the pupdesk.flg file in some puppies and my vote goes to keeping puppies quiet, restrained and receptive to the commands of the owner, not indulging in secretive behaviour, no matter how innocent.

gcmartin

#24 Post by gcmartin »

This may be a good time to ask something differently.

If you are going to look at how this is to be accomplished, how would you redesign this such that the system knows what this intends it to know? This extends from the system's boots all the way to normal network and internet operations.

And while doing so, lets look backward into why it was put in place; and forward into current system applications and PPM stuff that would be delayed, slowed, or stop working. This way, a solid approach to the system's knowledge can be put in place.

Maybe this thread can re-design this. Thoughts, please..

BTW: How many of you are aware of the stuff flying around on your home LANs. Even though its flying around, that does NOT mean that something covert is going on. Look at the architecture.

Again, maybe we start with identifying all of the system's ports in a thread, then step back and see what if anything is wrong. (For example; is any port's use presenting any negative system behavior? Is there a better way to use the port services? etc....)

Lastly, because we, personally, did not know about it does NOT mean that we have been betrayed....does it???

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#25 Post by 01micko »

What are you arguing for.. security? Privacy?
anikin wrote:

Code: Select all

my ip
. Type, or copy/paste it into Google search bar...
That's where your argument lost all credibility.
Puppy Linux Blog - contact me for access

User avatar
perdido
Posts: 1528
Joined: Mon 09 Dec 2013, 16:29
Location: ¿Altair IV , Just north of Eeyore Junction.?

#26 Post by perdido »

mavrothal wrote: I'm afraid you are making some wild assumptions.
ipinfo is using icanhazip.com to report you external IP to you. ie not the IP that your machine has (usually the one provided by the adsl router) but the one the world sees.
Many sites can do that and icanhazip.com is probably the less intrusive.
If you connect with a modem through a provider, this IP is destined to change depending on your provider's IP range. It can even be from another country depending on how your provider is entering the web.
It is certainly not tracking since many users of a given provider go out with the same IPs (think of it as connecting through a proxy).
If you do not want to know your external IP you can comment out these lines in ipinfo.
If you use a static IP (where everybody can track you by your IP) you can also comment out these lines.
But comments about "tracking" "business partners" etc sound at least unfounded (to be nice).
Hi mavrothal,

I tend to agree with you here.

I quoted your post and hilighted in red where you mention you can comment out "these lines" in ipinfo. I tried that and broke ipinfo. So I replaced the "icanhazip.com" with "127.0.0.1" (drop the quotation marks) and all works well with no connection to icanhazip.com.

edit: I broke ipinfo due to not commenting out both lines of code, your way works just fine!
.
Last edited by perdido on Tue 07 Jan 2014, 06:30, edited 4 times in total.

anikin
Posts: 994
Joined: Thu 10 May 2012, 06:16

#27 Post by anikin »

01micko wrote:What are you arguing for.. security? Privacy?
Anikin, the brave mouse-pusher, will never fight for a cause lesser than Privacy and Security! :)

I recall, once you sided with me on the above. Although, you didn't follow through fully on your pledge, that was not your fault. The issue was embedded in Woof. I have a brutally upfront question for you: Micko, you're now in control. Are you prepared to ditch this feature?

.

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#28 Post by 01micko »

anikin, the brave wrote: Are you prepared to ditch this feature?
No.

The program is ipinfo. That's what it is and does. Granted, it doesn't need to be in 3 places, the other 2 are pets anyway, they can be adjusted.

May I remind you and everyone that the moment you open a browser it phones home and various other places. Mozilla is also a Google partner. So what browser do you suggest? Dillo? Sure, if all you want is static content. Nothing against Dillo, NetSurf, Links, Elinks or Lynx, they all have their place, but not as a default browser in a distro that is supposed to have everything at your fingertips.

If you really want to be secure don't use a computer. But then, of course if you have a bank account then you're screwed. Social security, insurance, taxation, any public or private organisation has digital records, all vulnerable.

Until someone proves to me that icanhazip.com breaches your privacy or security it stays.

What get's me is that folks are keen enough to search for and find what's coming in and out of their computer but not keen enough to search for and find information on the topic before starting a FUD war!
Puppy Linux Blog - contact me for access

anikin
Posts: 994
Joined: Thu 10 May 2012, 06:16

#29 Post by anikin »

I didn't ask you to ditch ipinfo - only the "feature."
What will a user loose if you remove these lines from ipinfo:

Code: Select all

	# external ip
	#var0="`wget -O - -q icanhazip.com`"
	#var0="$(gettext 'External IP:') ""$var0"

I have removed them - no loss of functionality. Following your logic, if a browser calls home, why can't we allow ipinfo to do the same. By the way, I'm afraid, you're also not prepared to ditch xorgwizard - because if you do, Woof will lose its flag-sticking functionality - another useful feature.
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.
No, icanhazip doesn't breach my privacy and security. Puppy Linux does.

.

gcmartin

#30 Post by gcmartin »

Again, this port does NOT have a known security issue nor a privacy violation. It is simply a port for its protocol's intent.

Why is this so hard to understand, especially in light of both evidence aw well as members showing how, if you feel threatened, to change your system.

Where is there harm? We now know why you feel that way, but, there is no known harm shown. Nor has it been shown how to exploit the port for grave system behavior. We are aware of its benefit, even if its not universally agreed.

Here to help

gcmartin

#31 Post by gcmartin »

After thinking thru the concern being pushed, it occurs that the problem MAY be that its not known the difference between "port" versus "destination". This lack of knowledge could be the root of discomfort.

Hope this helps

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#32 Post by 01micko »

anikin wrote:I didn't ask you to ditch ipinfo - only the "feature."


What will a user loose if you remove these lines from ipinfo:

Code: Select all

	# external ip
	#var0="`wget -O - -q icanhazip.com`"
	#var0="$(gettext 'External IP:') ""$var0"

I have removed them - no loss of functionality.
What and have half an app? :lol:
anikin wrote:Following your logic, if a browser calls home, why can't we allow ipinfo to do the same.
That's not such a bad idea... I might put that one to Raffy, he hosts puppylinux.org and it's only a simple php script that can run the code. And my point was not about phoning home but phoning anywhere, who knows where? Go on, try it. Remove some of the filters you have in place and see how many connections there are when you open a browser. Why aren't people whining about that?
anikin wrote:By the way, I'm afraid, you're also not prepared to ditch xorgwizard - because if you do, Woof will lose its flag-sticking functionality - another useful feature.
Oh dear... we're not on a moon mission. This I won't discuss anyway, not here.
anikin wrote:
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.
No, icanhazip doesn't breach my privacy and security. Puppy Linux does.
The tears are a streaming now.. :cry: . Did you even read about Major Hayden?

If you must, go and use trisquel. Then after you hack out half the firmware from some other distro you might be able to run Xorg and even get online, or leave it and stay off line, more secure that way. Whining like this really isn't called for. If you really want to do something positive, you PM raffy yourself. He's a good guy. Go and find the PHP script I mentioned. I've lost the motivation.

EDIT: I got a sudden burst of motivation!!!

Here is the script:
.

Code: Select all

<?PHP

$ipaddress = $_SERVER["REMOTE_ADDR"];

Echo "$ipaddress\n";

?>
Run this:

Code: Select all

curl http://01micko.com/ipaddy/
Now, armed with this, PM raffy and ask him to host that file, call it index.php and stick it in puppylinux.org/my-ip or something. I did my bit, you do your bit, then I'll do my bit at the woof end. Then can we call quits to this silly argument and argue about something interesting, like flags?
Puppy Linux Blog - contact me for access

User avatar
Smithy
Posts: 1151
Joined: Mon 12 Dec 2011, 11:17

#33 Post by Smithy »

01micko wrote:Remove some of the filters you have in place and see how many connections there are when you open a browser. Why aren't people whining about that?
I guess that is because a lot of people know how to sort out their browsers from the default offerings, i.e do not track me= track me by telling sites or a database I do not want to be tracked. Third party cookies forever etc. Just a hangover from old business practise that won't cut it anymore.

There is at least some form of consented control.

I had to remove Pmusic, because it whizzed off for 5minutes getting my music files tagged, all I wanted to do was play one single mix. Would be nice for an option to ask maybe. Maybe I missed that option. As it was I had to sit there wondering what the heck it was doing when I could have got a cuppa together.

We're here to learn, contribute and make Puppy the best Linux OS.

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#34 Post by mavrothal »

anikin wrote:
I'm afraid you are making some wild assumptions.
ipinfo is using icanhazip.com to report you external IP to you.
Not at all, I'm just stating the facts.
What facts?
If the "facts" is that the ipinfo app uses a site to report to you your external IP we agree. Everything else is just your imagination (to be nice)
anikin wrote:An average user will hardly ever want to know the external IP address in his entire lifetime. However, if curiosity hits him, here's a little piece of code:

Code: Select all

my ip
. Type, or copy/paste it into Google search bar and you will see your IP right on the top of the page.
if you you do not want this functionality built in, comment it out, but I do not see anybody complaining.
anikin wrote:There's absolutely no need to have a murky url permanently glued to the user's computer.
"murky" is simply a lie or paranoia.
There are many utilities out there with tracker blockers and tracker databases and icanhazip.com is not in any of these.
anikin wrote:Let him make his own choices, or at least ask him first if he wants to be directed there every time his computer starts.
That is another lie. The computer is not "directed" there in any way. Is just checking it's IP the same way it does with your router or your ISP.
Is not accepting any "cookies" or flags and no other app is looking in to this. Besides, let me repeat in case you missed it, you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it).
anikin wrote:If you care about the future of Puppy Linux and its users, you will have to remove this "feature" from Woof CE. Just sweeping the issue under the rug, won't make it go away - it will resurface in another thread here, sooner or later.
"Caring" can be easily seen by the post record in this forum. For everybody...
anikin wrote:
But comments about "tracking" "business partners" etc sound at least unfounded (to be nice).
Add here setting flags on user's partitions and they will start making presumptions, that's human nature.
Precisely. Presumptions. The nature of which mostly depend on the person doing them...
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#35 Post by mavrothal »

01micko wrote: Now, armed with this, PM raffy and ask him to host that file, call it index.php and stick it in puppylinux.org/my-ip or something.
Are you nuts?
Are you suggesting to have puppy calling a puppy-associated website?
And who is this "raffy" anyway?
And what is (s)he going to do with my IP?
And how do I know that the code will not be changed?
And...?
:P
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

User avatar
puppy_apprentice
Posts: 299
Joined: Tue 07 Feb 2012, 20:32

#36 Post by puppy_apprentice »

Linux: Get IP Address on Command Line/Shell (internal/external)

http://www.if-not-true-then-false.com/2 ... p-address/

So it is nothing bad with this ip script. But it could me made as alternative solution eg. via 'Show my IP' button in net configuration/info tab.

anikin
Posts: 994
Joined: Thu 10 May 2012, 06:16

#37 Post by anikin »

mavrothal wrote:anikin wrote:
Let him make his own choices, or at least ask him first if he wants to be directed there every time his computer starts.

That is another lie. The computer is not "directed" there in any way. Is just checking it's IP the same way it does with your router or your ISP.
Is not accepting any "cookies" or flags and no other app is looking in to this. Besides, let me repeat in case you missed it, you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it).
A typical approach: diminish an opponent - call him a liar, because he doesn't share your view, and throw in unrelated info to divert the forum's attention. I've never said, icanhazip uses cookies or puts something into your computer. All that's needed for tracking is the address and time of the incoming connection. As per se, icanhazip is not an issue here. It is not a threat, never have I said it has a bad or any other record. It is just an obscure, unknown to the public outlet, hence the word "murky." Put any address instead of icanhazip - the tracking functionality will remain unchanged. Why tracking? Because, that address is welded, riveted to the user's computer. Remove the code, if you don't like it, says the dev. Thanks, for the tip, I removed the code a long time ago. But I'm testing every new release of Puppies and of course most of the time I will forget about the issue. Those who are even more noobs, than I'm, are completely out of luck. They blissfully believe, Puppy connects only to the sites it is told to go to. They are unaware of the "feature" - Puppy Linux has a buddy, let's go say hello to him. By the time the new, unsuspecting user comes across this or other threads, Puppy's buddy will have a little record to share. Perhaps, he is not a buddy at all - just a dull business partner, who knows. Yep, looks more like a business partner :/

Do you, guys happen to know, why other distros do not have this feature? How come, they are unaware of it's usefulness?

User avatar
cowboy
Posts: 250
Joined: Thu 03 Feb 2011, 22:04
Location: North America; the Western Hemisphere; Yonder

ican haz ip

#38 Post by cowboy »

from Lifehacker:

http://lifehacker.com/5785602/find-your ... anhazipcom

"..Rackspace employee Major Hayden runs icanhazip.com as a service to the general internet community. What is great about the site is that there are no ads, text or other "stuff" along with your IP. This allows you to build the domain into scripts to automatically determine what your public IP address is from any system on the earth..."

While I understood the initial concern - it's a service, not a conspiracy. I've found reference to icanhazip on forum boards for several linux distros, including Ubuntu and Suse. Sadly, I had to use google to find all that, so I'm compromised...Dang it.
[i]"you fix what you can fix and you let the rest go.."[/i] - Cormac McCarthy - No Country For Old Men.

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#39 Post by greengeek »

01micko wrote:
anikin wrote:

Code: Select all

my ip
. Type, or copy/paste it into Google search bar...
That's where your argument lost all credibility.
I don't understand why this comment is problematic. I understood Anikin to be suggesting that this was one way a user could determine their external IP. Is that not correct? It certainly works for me (or are you suggesting that the resultant info cannot be trusted?)
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.
The issue for me is not one of the integrity of icanhazip.com, it is more one of my unhappiness that a connection was made unnecessarily and compulsorily. I would have preferred a popup screen to offer me the choice (and a brief explanation to help me understand the value to me of allowing the connection). Up until now I thought my PC would only connect to my browser home page when I asked it to, and until then would not go beyond contacting my router for a DHCP address. This thread has educated me that I was mistaken and given me the opportunity to decide for myself about these connections (some of which are not related to icanhazip)
mavrothal wrote:you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it
Is this actually the case? It seems at odds with the following comment:
cowboy wrote:This allows you to build the domain into scripts to automatically determine what your public IP address is from any system on the earth..."

User avatar
James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#40 Post by James C »

greengeek wrote:
01micko wrote:
anikin wrote:

Code: Select all

my ip
. Type, or copy/paste it into Google search bar...
That's where your argument lost all credibility.
I don't understand why this comment is problematic. I understood Anikin to be suggesting that this was one way a user could determine their external IP. Is that not correct? It certainly works for me (or are you suggesting that the resultant info cannot be trusted?)
If anyone could be suspected of possible tracking/data-mining/anything to make a buck it would be the mighty Google.Trust Google at your own risk.
greengeek wrote:
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.
The issue for me is not one of the integrity of icanhazip.com, it is more one of my unhappiness that a connection was made unnecessarily and compulsorily. I would have preferred a popup screen to offer me the choice (and a brief explanation to help me understand the value to me of allowing the connection). Up until now I thought my PC would only connect to my browser home page when I asked it to, and until then would not go beyond contacting my router for a DHCP address. This thread has educated me that I was mistaken and given me the opportunity to decide for myself about these connections (some of which are not related to icanhazip)
mavrothal wrote:you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it
Is this actually the case? It seems at odds with the following comment:
cowboy wrote:This allows you to build the domain into scripts to automatically determine what your public IP address is from any system on the earth..."
A script can be run in any Linux distro, on any individual computer,from anywhere on earth to get the public IP address of the one individual computer that sent the request.That's it....nothing more and nothing less.

Post Reply