Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 24 Apr 2014, 22:45
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Why is this strange IP address in Network connections?
Post new topic   Reply to topic View previous topic :: View next topic
Page 3 of 15 [211 Posts]   Goto page: Previous 1, 2, 3, 4, 5, ..., 13, 14, 15 Next
Author Message
gcmartin

Joined: 14 Oct 2005
Posts: 3645
Location: Earth

PostPosted: Tue 07 Jan 2014, 01:02    Post subject:  

After thinking thru the concern being pushed, it occurs that the problem MAY be that its not known the difference between "port" versus "destination". This lack of knowledge could be the root of discomfort.

Hope this helps

_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engine or use DogPile
Back to top
View user's profile Send private message 
01micko


Joined: 11 Oct 2008
Posts: 7547
Location: qld

PostPosted: Tue 07 Jan 2014, 01:10    Post subject:  

anikin wrote:
I didn't ask you to ditch ipinfo - only the "feature."


What will a user loose if you remove these lines from ipinfo:
Code:
   # external ip
   #var0="`wget -O - -q icanhazip.com`"
   #var0="$(gettext 'External IP:') ""$var0"

I have removed them - no loss of functionality.


What and have half an app? Laughing

anikin wrote:
Following your logic, if a browser calls home, why can't we allow ipinfo to do the same.


That's not such a bad idea... I might put that one to Raffy, he hosts puppylinux.org and it's only a simple php script that can run the code. And my point was not about phoning home but phoning anywhere, who knows where? Go on, try it. Remove some of the filters you have in place and see how many connections there are when you open a browser. Why aren't people whining about that?

anikin wrote:
By the way, I'm afraid, you're also not prepared to ditch xorgwizard - because if you do, Woof will lose its flag-sticking functionality - another useful feature.


Oh dear... we're not on a moon mission. This I won't discuss anyway, not here.

anikin wrote:
Quote:
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.

No, icanhazip doesn't breach my privacy and security. Puppy Linux does.


The tears are a streaming now.. Crying or Very sad . Did you even read about Major Hayden?

If you must, go and use trisquel. Then after you hack out half the firmware from some other distro you might be able to run Xorg and even get online, or leave it and stay off line, more secure that way. Whining like this really isn't called for. If you really want to do something positive, you PM raffy yourself. He's a good guy. Go and find the PHP script I mentioned. I've lost the motivation.

EDIT: I got a sudden burst of motivation!!!

Here is the script:
.
Code:
<?PHP

$ipaddress = $_SERVER["REMOTE_ADDR"];

Echo "$ipaddress\n";

?>


Run this:
Code:
curl http://01micko.com/ipaddy/


Now, armed with this, PM raffy and ask him to host that file, call it index.php and stick it in puppylinux.org/my-ip or something. I did my bit, you do your bit, then I'll do my bit at the woof end. Then can we call quits to this silly argument and argue about something interesting, like flags?

_________________
Woof Mailing List | keep the faith Cool |
Back to top
View user's profile Send private message Visit poster's website 
Smithy


Joined: 12 Dec 2011
Posts: 378

PostPosted: Tue 07 Jan 2014, 03:24    Post subject:  

01micko wrote:
Remove some of the filters you have in place and see how many connections there are when you open a browser. Why aren't people whining about that?


I guess that is because a lot of people know how to sort out their browsers from the default offerings, i.e do not track me= track me by telling sites or a database I do not want to be tracked. Third party cookies forever etc. Just a hangover from old business practise that won't cut it anymore.

There is at least some form of consented control.

I had to remove Pmusic, because it whizzed off for 5minutes getting my music files tagged, all I wanted to do was play one single mix. Would be nice for an option to ask maybe. Maybe I missed that option. As it was I had to sit there wondering what the heck it was doing when I could have got a cuppa together.

We're here to learn, contribute and make Puppy the best Linux OS.
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Tue 07 Jan 2014, 12:24    Post subject:  

anikin wrote:
Quote:
I'm afraid you are making some wild assumptions.
ipinfo is using icanhazip.com to report you external IP to you.

Not at all, I'm just stating the facts.

What facts?
If the "facts" is that the ipinfo app uses a site to report to you your external IP we agree. Everything else is just your imagination (to be nice)

anikin wrote:
An average user will hardly ever want to know the external IP address in his entire lifetime. However, if curiosity hits him, here's a little piece of code:
Code:
my ip
. Type, or copy/paste it into Google search bar and you will see your IP right on the top of the page.

if you you do not want this functionality built in, comment it out, but I do not see anybody complaining.

anikin wrote:
There's absolutely no need to have a murky url permanently glued to the user's computer.

"murky" is simply a lie or paranoia.
There are many utilities out there with tracker blockers and tracker databases and icanhazip.com is not in any of these.

anikin wrote:
Let him make his own choices, or at least ask him first if he wants to be directed there every time his computer starts.

That is another lie. The computer is not "directed" there in any way. Is just checking it's IP the same way it does with your router or your ISP.
Is not accepting any "cookies" or flags and no other app is looking in to this. Besides, let me repeat in case you missed it, you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it).

anikin wrote:
If you care about the future of Puppy Linux and its users, you will have to remove this "feature" from Woof CE. Just sweeping the issue under the rug, won't make it go away - it will resurface in another thread here, sooner or later.

"Caring" can be easily seen by the post record in this forum. For everybody...

anikin wrote:
Quote:
But comments about "tracking" "business partners" etc sound at least unfounded (to be nice).

Add here setting flags on user's partitions and they will start making presumptions, that's human nature.


Precisely. Presumptions. The nature of which mostly depend on the person doing them...

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Tue 07 Jan 2014, 12:33    Post subject:  

01micko wrote:

Now, armed with this, PM raffy and ask him to host that file, call it index.php and stick it in puppylinux.org/my-ip or something.

Are you nuts?
Are you suggesting to have puppy calling a puppy-associated website?
And who is this "raffy" anyway?
And what is (s)he going to do with my IP?
And how do I know that the code will not be changed?
And...?
Razz

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
puppy_apprentice


Joined: 07 Feb 2012
Posts: 106

PostPosted: Tue 07 Jan 2014, 15:59    Post subject:  

Linux: Get IP Address on Command Line/Shell (internal/external)

http://www.if-not-true-then-false.com/2010/linux-get-ip-address/

So it is nothing bad with this ip script. But it could me made as alternative solution eg. via 'Show my IP' button in net configuration/info tab.
Back to top
View user's profile Send private message 
anikin

Joined: 10 May 2012
Posts: 395

PostPosted: Tue 07 Jan 2014, 19:08    Post subject:  

mavrothal wrote:
anikin wrote:
Let him make his own choices, or at least ask him first if he wants to be directed there every time his computer starts.

That is another lie. The computer is not "directed" there in any way. Is just checking it's IP the same way it does with your router or your ISP.
Is not accepting any "cookies" or flags and no other app is looking in to this. Besides, let me repeat in case you missed it, you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it).

A typical approach: diminish an opponent - call him a liar, because he doesn't share your view, and throw in unrelated info to divert the forum's attention. I've never said, icanhazip uses cookies or puts something into your computer. All that's needed for tracking is the address and time of the incoming connection. As per se, icanhazip is not an issue here. It is not a threat, never have I said it has a bad or any other record. It is just an obscure, unknown to the public outlet, hence the word "murky." Put any address instead of icanhazip - the tracking functionality will remain unchanged. Why tracking? Because, that address is welded, riveted to the user's computer. Remove the code, if you don't like it, says the dev. Thanks, for the tip, I removed the code a long time ago. But I'm testing every new release of Puppies and of course most of the time I will forget about the issue. Those who are even more noobs, than I'm, are completely out of luck. They blissfully believe, Puppy connects only to the sites it is told to go to. They are unaware of the "feature" - Puppy Linux has a buddy, let's go say hello to him. By the time the new, unsuspecting user comes across this or other threads, Puppy's buddy will have a little record to share. Perhaps, he is not a buddy at all - just a dull business partner, who knows. Yep, looks more like a business partner :/

Do you, guys happen to know, why other distros do not have this feature? How come, they are unaware of it's usefulness?
Back to top
View user's profile Send private message 
cowboy


Joined: 03 Feb 2011
Posts: 245
Location: North America; the Western Hemisphere; Yonder

PostPosted: Tue 07 Jan 2014, 23:30    Post subject: ican haz ip  

from Lifehacker:

http://lifehacker.com/5785602/find-your-public-ip-anywhere-with-icanhazipcom

"..Rackspace employee Major Hayden runs icanhazip.com as a service to the general internet community. What is great about the site is that there are no ads, text or other "stuff" along with your IP. This allows you to build the domain into scripts to automatically determine what your public IP address is from any system on the earth..."

While I understood the initial concern - it's a service, not a conspiracy. I've found reference to icanhazip on forum boards for several linux distros, including Ubuntu and Suse. Sadly, I had to use google to find all that, so I'm compromised...Dang it.

_________________
"Never trust a computer you can't throw out a window. - Steve Wozniak
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2114
Location: New Zealand

PostPosted: Wed 08 Jan 2014, 02:45    Post subject:  

01micko wrote:

anikin wrote:
Code:
my ip
. Type, or copy/paste it into Google search bar...


That's where your argument lost all credibility.
I don't understand why this comment is problematic. I understood Anikin to be suggesting that this was one way a user could determine their external IP. Is that not correct? It certainly works for me (or are you suggesting that the resultant info cannot be trusted?)

Quote:
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.
The issue for me is not one of the integrity of icanhazip.com, it is more one of my unhappiness that a connection was made unnecessarily and compulsorily. I would have preferred a popup screen to offer me the choice (and a brief explanation to help me understand the value to me of allowing the connection). Up until now I thought my PC would only connect to my browser home page when I asked it to, and until then would not go beyond contacting my router for a DHCP address. This thread has educated me that I was mistaken and given me the opportunity to decide for myself about these connections (some of which are not related to icanhazip)

mavrothal wrote:
you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it
Is this actually the case? It seems at odds with the following comment:
cowboy wrote:
This allows you to build the domain into scripts to automatically determine what your public IP address is from any system on the earth..."
Back to top
View user's profile Send private message 
James C


Joined: 26 Mar 2009
Posts: 5453
Location: Kentucky

PostPosted: Wed 08 Jan 2014, 03:24    Post subject:  

greengeek wrote:
01micko wrote:

anikin wrote:
Code:
my ip
. Type, or copy/paste it into Google search bar...


That's where your argument lost all credibility.
I don't understand why this comment is problematic. I understood Anikin to be suggesting that this was one way a user could determine their external IP. Is that not correct? It certainly works for me (or are you suggesting that the resultant info cannot be trusted?)


If anyone could be suspected of possible tracking/data-mining/anything to make a buck it would be the mighty Google.Trust Google at your own risk.

greengeek wrote:
Quote:
Until someone proves to me that icanhazip.com breaches your privacy or security it stays.
The issue for me is not one of the integrity of icanhazip.com, it is more one of my unhappiness that a connection was made unnecessarily and compulsorily. I would have preferred a popup screen to offer me the choice (and a brief explanation to help me understand the value to me of allowing the connection). Up until now I thought my PC would only connect to my browser home page when I asked it to, and until then would not go beyond contacting my router for a DHCP address. This thread has educated me that I was mistaken and given me the opportunity to decide for myself about these connections (some of which are not related to icanhazip)

mavrothal wrote:
you public IP reported in ipinfo by icanhazip.com is the IP of your service provider. No one can track YOU with this IP (even if somehow could have access to it
Is this actually the case? It seems at odds with the following comment:
cowboy wrote:
This allows you to build the domain into scripts to automatically determine what your public IP address is from any system on the earth..."


A script can be run in any Linux distro, on any individual computer,from anywhere on earth to get the public IP address of the one individual computer that sent the request.That's it....nothing more and nothing less.
Back to top
View user's profile Send private message 
raffy

Joined: 25 May 2005
Posts: 4752
Location: Manila

PostPosted: Wed 08 Jan 2014, 10:31    Post subject: host the code  

Gee, I was about to host the code suggested above, but I suddenly recalled that hits at puppylinux.org are always at the overload end, so that got me frozen.

I see no problem with icanhazip.com, although I used to visit who.is for my ip address.

_________________
Puppy user since Oct 2004. Want FreeOffice? Get the sfs (English only).
Back to top
View user's profile Send private message 
gcmartin

Joined: 14 Oct 2005
Posts: 3645
Location: Earth

PostPosted: Wed 08 Jan 2014, 13:04    Post subject:  

One of the problems that this discussion highlights is that the community does NOT have a document (oh pray tell, a standard) that we understand to contain what ports a distro uses. Since there is none, the community will continue to see these kinds of alarms crop up, then a fire-fight surface where it becomes a distraction.

For those who dislike this protocol for system behavior, there have been altenative(s) presented.

We have, in this thread, identified that there is not a corruption as the behavior provides a service to the system. IS THIS SERVICE BAD? we have NOT seen any evidence that there is misuse or corruption.

Why is this getting the attention it is garnering??? IS THERE SOMETHING WRONG THAT THIS OPERATION IS DOING.

Again I share that your system on your LAN is doing things that most users are unaware. It has been doing it, by standard architecture, for almost 30 years. Most of you are unaware. Because it does "good" things for you should we have cause for alarm and call for the LAN to be trashed because you didn't know it was doing good things for you? This kind of reasoning is escaping me and maybe others.

HOW HAVE YOU BEEN HARMED?

And maybe a better question is:
How will any change improve things such that we see an improvement in the system's performance or its network performance and behavior?

Let's get the emotions behind us and focus on the system improvement for user benefit without putting ANY additional burden on the distro users.

Here to help

_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engine or use DogPile
Back to top
View user's profile Send private message 
anikin

Joined: 10 May 2012
Posts: 395

PostPosted: Wed 08 Jan 2014, 13:28    Post subject:  

gcmartin,
This discussion has nothing to do with ports, protocols or network architecture.
Please, stop trolling.
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2114
Location: New Zealand

PostPosted: Wed 08 Jan 2014, 14:36    Post subject:  

gcmartin wrote:
Why is this getting the attention it is garnering??? IS THERE SOMETHING WRONG THAT THIS OPERATION IS DOING.

Again I share that your system on your LAN is doing things that most users are unaware. It has been doing it, by standard architecture, for almost 30 years.

Apparently puppy 4.3.1 does not make any of these connections when booted, so I think it is unfair to suggest that it is 'expected' behaviour and that it has been so for 30 years.

One of the reasons I first started using Puppy was that I had discovered the Gibson Research Institute "shields up" site and become concerned about how unreasonably 'open' my Windows system was, according to the tests available there.

By contrast, Puppy seemed better locked down, and I felt happier using Puppy rather than Windows. My attitude was probably poorly informed, but nonetheless I felt that a 'quiet' system must be better than one that opened ports without user consent or knowledge. To learn that recent puppies have several connections open from boot time has awakened me to the fact I know way too little about how to keep my system secure.

Quote:
After thinking thru the concern being pushed, it occurs that the problem MAY be that its not known the difference between "port" versus "destination". This lack of knowledge could be the root of discomfort.

You may be right. Are you suggesting that each of these connections is just a 'safe destination' rather than an 'unnecessarily open port'?
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2114
Location: New Zealand

PostPosted: Wed 08 Jan 2014, 14:43    Post subject:  

Also...I'm probably blind, but I cannot see any response that has provided a justification for a connection with Nugget enterprises - which as far as I can see is nothing at all to do with icanhazip.

Did I miss something? Why is my PC connecting to Nugget enterprises?
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 3 of 15 [211 Posts]   Goto page: Previous 1, 2, 3, 4, 5, ..., 13, 14, 15 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1279s ][ Queries: 12 (0.0084s) ][ GZIP on ]