Privacybadger: Connection to IP on Firefox startup
Privacy Badger seems to connect to 151.101.16.201 (currently) on port 443 every time Firefox is started.
I could not find any documentation what this connection is for.
Please explain.
In relation with this issue: https://github.com/EFForg/privacybadger/issues/1064 (Privacy Badger maintains a separate, plain-text list of every domain you've ever visited) it's all a bit weird.
martinfischer
All 8 comments
This seems to resolve to www.eff.org. If you call the IP directly, you get the following:
<html>
<head>
<title>Fastly error: unknown domain 151.101.16.201</title>
</head>
<body>
Fastly error: unknown domain: 151.101.16.201. Please check that this domain has been added to a service.</body></html>
But if you overwrite the host header to www.eff.org and use https you get the EFF page:
curl --header 'Host: www.eff.org' -k 'https://151.101.16.201'
Doesn't make this any less shady, but at least it's probably not some unknown third party.
Sebb767
on 14 Dec 2016
Definitely not documented - but could be:
- Checking for updates?
- Checking either of these URLs from the
constants.js? https://github.com/EFForg/privacybadger/blob/6509b89b1015a16ba4cd3139f7e9c468e4e1cf2f/src/constants.js#L33-L34
jamescooke
on 14 Dec 2016
Please see https://github.com/EFForg/privacybadgerfirefox-legacy/issues/816 for previous discussion.
ghostwords
on 14 Dec 2016
@jamescooke this is a call to get the latest version of the two files listed in constants.js. One of them is the list of acceptable DNT policies, the other is the yellow list (cookie block list). Both are needed for privacy badger to operate.
A question for you all is where would you want to see this documented? Like if you were looking for documentation about this, where would you look?
cooperq
on 16 Dec 2016
@cooperq Thanks for the explanation of these calls.
I would like to see these documented as part of the FAQs on the Privacy Badger page: https://www.eff.org/privacybadger - this has some detailed explanation of the blocking algo (under "How does Privacy Badger work?"), so why not have additional information about any phoning home?
In addition, it would be reassuring to know that no tracking or stats are collected as a result of these calls.
jamescooke
on 17 Dec 2016
Thanks we will add this to the docs. I can assure you that no tracking or identifying information are collected or stored as a result of these calls.
cooperq
on 5 Jan 2017
Would anyone like to add this to docs/IMPLEMENTATION.md?
cowlicks
on 19 Jun 2017
This is finally up on the website:
https://www.eff.org/privacybadger#faq-Why-does-my-browser-connect-to-fastly.com-IP-addresses-on-startup-after-installing-Privacy-Badger?
Why does my browser connect to fastly.com IP addresses on startup after installing Privacy Badger?
Fastly is EFF's CDN. Privacy Badger pings the CDN for the following resources to ensure that the information in them is fresh even if there hasn't been a new Privacy Badger release in a while:
The EFF does not set cookies or retain IP addresses for these queries.
$ host www.eff.org
www.eff.org is an alias for eff.map.fastly.net.
eff.map.fastly.net has address 151.101.40.201
eff.map.fastly.net has IPv6 address 2a04:4e42:a::201
Related issues
iammyr
路
4Comments
aphid
路
4Comments
apehex
路
4Comments
iamlukeallen
路
5Comments
jawz101
路
4Comments
Most helpful comment
Thanks we will add this to the docs. I can assure you that no tracking or identifying information are collected or stored as a result of these calls.