Favicon.ico

Playing with xerobank and wireshark, I noticed that when connected through xerobank, all traffic is encrypted and routed through their anonymization network... besides the favicon.ico!! I mean that every time I visit a site, for some reasone, the site favicon (if exists) is downloaded without being encrypted, and in this way it leaks all the sites that I visit (since the favicon is usually in http://site.com/favicon.ico).

How come is that? How can I solve this?

I tried to disabile favicon from about:config in firefox, but this option only prevents firefox from showing it, not from downloading it.

Any advice?

 

Still having this problem?

 

Yes, and I cannot understand why.
I am having this problem using xerobank on port 443 and through http proxy.

I have not tested yet on a direct connection, udp, on port 1194.

 

I think Kyle may have mentioned this to me as a browser behavior, but you are still VPNed through, just a different port. Let me see what I can dig up.

 

Try:
browser.chrome.site_icons false
browser.chrome.image_icons.max_size 0
browser.chrome.load_toolbar_icons 0

 

Testerazzi, even with your adviced configuration, I have the same problem.

This is not happening when going UDP, but with TCP I see no way to solve it. Any help?

 

I think I now understand what is the problem: Google Desktop!
Disabling the indexing of browser history it stops GETting the favicon.ico...

What I wonder is why Google Desktop doesn't go through the VPN like everything else...

 

Cause thats google for you I seriously don't no if they made it do that on purpose but google is all about getting information about its users.

 

Yes I know, and in fact I don't use any Google Apllication (especially Google Desktop) on any machine with sensitive data... but still I don't understand how the heck they make it bypass the VPN. Cause I have some applications I would like to bypass the VPN (not discriminating on IP address) but I don't know how to do it.

 

A VPN acts as a virtual network adapter. Applications should use it by default, but they can still use another (e.g. the real network adapter which connects to the Internet).

Windows doesn't really work nice in such setups; most program don't allow you to choose to which (virtual) network an application binds. They are expected to bind to the one you want and prefer, but that doesn't have to be the case.

Only way to prevent this is config your firewall to disallow such behavior, edit the network settings of Windows (using custom routing tables or such) or login to your home router and setup special firewall rules (most routers son't support that though).

 

Sadly I think the only system that would work the best for a openvpn is linux, it seems like networking was kinda just added into windows cause when ms-dos first came out it was never built to use a public internet,linux was built from the ground up for internet and the firewall is built into the kernal its called ip tables.I see people always thinking that the program firestarter is there firewall in linux no it only controls the ip tables cause there very hard to use and configure.Back to the point though windows is proboly always going to be very hard to secure and use a vpn.The only way they could ever fix this issue is if they completly overhauled networking which microsoft will proboly never do.

 

Google desktop doesn't go through the VPN? I thought that everything was forced through the VPN. Does that mean that Google can collect all of your personal data along with you true IP?

 

Here is a bit of info even if its a little dated. Interesting enough to explore this farther.
http://www.gss.co.uk/news/article/1436/Google_Desktop_Security_Warning_Issued/?highlight=VPN

 

We've got a solution for this. It should be ready soon, it makes all your adapters dead to the world except for the tap adapter.

 

markoman, and any others having DNS leaks, please contact me directly via email at steve dot topletz at xerobank dot c o m. We want to run some tests to duplicate your issue and test out some solutions.