Escaping from Geolocation awareness in Linux

Discussion in 'all things UNIX' started by Amanda, Jan 10, 2016.

  1. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    My post dealt with the latter case. BTW, here's a list of packages on the LiveCD: http://cdimage.ubuntu.com/releases/14.04.1/release/ubuntu-14.04.3-desktop-amd64 mac.manifest
    AIUI, there's a clean-up at the end of the install process that removes some software. So this manifest is not necessarily what will be present on a newly installed system. gparted is one package I know of which is removed.
     
  2. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    How about this?
    Source: http://askubuntu.com/a/664860
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Really interesting stuff. Most surprising was Linux geeks (not just here) downplaying potential privacy issues...
     
  4. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    Just checked again with the manifest list on the first Ubuntu system I removed geoclue from, and both the geoclue and geoclue-ubuntu-geoip packages are completely gone. Geoip-database remains but a simulated removal brings up no dependency issues and can be safely done. When I first saw the list, I thought geoclue-ubuntu-geoip might be what caused problems with the wildcard but that is not the case.
     
  5. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Exactly, that's why I said it's not a problem for them :p

    I think these ones are enough: http://pastebin.com/raw/jCdDFCLV

    Really? I can't believe I might have to switch to an Ubuntu flavor :argh:

    Could you tell if you have these packages installed?

    libgoa-*
    libgoogle-*
    libkgapi*

    That's really interesting! I removed two geoclue packages on Debian with the same command as yours, and didn't get that prompt. But I think I already had all those packages installed.

    Interesting. For me, on Debian, I got no warning that I can remember. It only removed the packages
    Correct. My mistake.

    But that's a non-issue. You can remove geoclue even if some packages depend on it.

    What you really won't be able to remove is libgoa-* and libkgapi-*. These packages are for GNOME and KDE online accounts (which includes Google stuff). I might look into the source code of these to see what they do. Either that or create dummy packages to trick Debian into thinking they're installed. At least this way is easier than to compile MATE/KDE without them as dependencies. Good thing Arch doesn't depend on one of them.


    I know, right? It makes me furious to see what Linux has become. We were great at GNOME2 and KDE3 era.



    Exactly. Just like in the Windows world where most regular users just don't care and try to put the ones who care about this in a down state, there are some tech-savvy users here who do the same. But hey, if someone talks about a brand's actions, and you see some people with Avatars from that brand coming, what else would you expect besides them defending this brand with their teeth, even if this brand did something terrible? ;)

    Yes. There's a post here in this sub-forum somewhere, where I say that only Ubuntu 12.04 needs to worry about "geoclue-ubuntu-geoip". However, a ton of users still won't know their local searches are being sent to 3rd parties, and this happens on 14.04 too.

    So:

    Ubuntu 12.04: Has "geoclue-ubuntu-geoip" as a dependency of the clock, and the OS might ping Ubuntu's servers even if you set the clock to Manual. It also makes connections at boot time, and from time to time after the OS has started;
    Ubuntu 14.04: Doesn't have "geoclue-ubuntu-geoip" anymore, but still has local searches sent to 3rd parties by default. The Boot-time and regular connections also exist;
    Ubuntu 16.04: Finally, Canonical got the message and removed the "feature". However, users still probably have the boot-time connection and regular connections from time to time.

    Not only that, but there are other connections made from a Unity service (web service of some sort), some Ubuntu one things (that you can't easily remove), and etc.

    These are some of the connections Ubuntu made back in 2012:

    • ntp.ubuntu.com (only once at boot time)
    • daisy.ubuntu.com (sporadically called during user session)
    • geoip.ubuntu.com (sporadically called during user session)
    • videasearch.ubuntu.com (Sporadically called during user session, don't know why it's even used let alone by which process. If someone can enlighten me, I'd be happy to learn.)
    By removing "geoclue-ubuntu-geoip" and all geoclue packages, some of these connections aren't made anymore. To learn how to stop all connections, see this thread: http://ubuntuforums.org/showthread.php?t=2000108

    Gosh, I wish I had a second computer to see traffic with Wireshark.
     
    Last edited: Jan 29, 2016
  6. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    There were a few packages for libgoa-*. None for libgoogle-* or libkgapi-*. I removed the libgoa packages which were unity lens related and geoip-database with no broken dependencies. I didn't expect any.

    Ntp.ubuntu.com is just the time server and I wouldn't worry about it. Microsoft has its own time server too and you should be able to change to any public time server you want. The other ubuntu subdomains could easily be blocked by a hosts file or in a router but I don't see the need. Daisy.ubuntu.com is just the error reporting to Ubuntu and can be disabled in the system settings. With Geoclue and geoip gone, I don't see that any connections are going to be made to geoip.ubuntu.com. Videasearch sends video searches to Ubuntu. I didn't know about it but a quick search brings up: http://askubuntu.com/questions/155331/how-do-i-disable-online-videos-in-the-unity-dash. Easily disabled as well.
     
  7. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Hmm. Interesting. I tried installing Ubuntu 16.06 with that file I linked (apt preferences) but I couldn't install any DE. Here on Debian, libgoa-* is a dependency of MATE, so I can't remove it.

    It's nice to know this.

    Blocking them only via hosts file would still cause a connection to be made at boot. Router seems much more like it, though not many routers have options to block outgoing connections (thankfully my 30USD router does, but its firmware is proprietary so I ran out of options).
     
  8. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Good news: it's pretty easy to create dummy packages for Debian/Ubuntu as well. I'll create scripts to create dummy packages for libgoa-* and such, and upon installation I'll wget them and build these dummies.

    Debian keeps looking promising. Firejail, GRSec Kernel support, no hardcore dependency on geoclue and zeitgeist.... if all goes right I'll switch till Sunday.
     
  9. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    The stripping down continues. Zeitgeist and the account-plugin- packages have all been removed with Unity still working fine. I had the auto wifi connect not work right on reboot but it worked fine again after I manually connected and I didn't have to edit or delete the connection, just reconnect. It looks like it is best to just remove packages individually and avoid wildcards. I had to leave libzeitgeist-1.0-1 installed for gedit. I could just install another text editor if I wanted to remove that. Memory use is down to around 590mb for the base system and disk use is 44% of a 15gb system partition. Not bad at all.


    I'm working on my router setup at the moment. I have been flashing some old Linksys routers with DD-WRT and Tomato variants. I've pretty much given up on DD-WRT because it is too commercial these days and comes with a preinstalled offer to serve up ads on your public wifi hotspot. I've always liked Tomato better even though it isn't as slick and easy to use. I've found Shibby TomatoUSB to be quite nice and still actively maintained. I have one router with 8mb flash memory and 32mb system memory and I managed to find a Shibby release with both VPN and TOR support that I could flash it with. I've been testing it over the last few nights and found that enabling TOR pushes the router to its limits and I would like to use the USB functions which require a newer router with a USB port. I looked through Shibby's list of compatible routers and found one with 16mb of flash, 64mb of ram, a faster processor and USB port that I could use for NAS storage with a thumb drive. I can buy a used one for 16USD with shipping included. A slightly newer model with gigabit ports and dual band wifi costs $26USD. The Tomato filtering is extremely flexible and can go from just one port on one machine in the network to whole groups of websites.

    http://r3dux.org/2009/12/how-to-blo...sites-from-your-router-using-tomato-firmware/
     
    Last edited: Jan 31, 2016
  10. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    I was thinking of deleting this thread and creating a new one with less FUD and a tutorial that works for Arch/Parabola/Manjaro/Arch-based-OS and Debian/Ubuntu/Mint/etc.

    I've tested Arch and Debian, and I must say that although you can install Debian without geoclue, geoclue2, zeitgeist, etc, it is harder to maintain the OS because you need to create many other dummy packages, like libgoa-*, libgdata22, libgdata-common, etc. On Arch, all I need is dummy packages for geoclue, geoclue2, zeitgeist, libqzeitgeist, and libkgapi. Any other packages that pose a risk to user privacy, like libgoa and such, are already blocked by your-privacy.

    Life is so much simpler now :) See, @zakazak , you won't need to create that fancy firewall of yours. I'll contact the administration here to see if I can re-create this thread - the new one will be much more comprehensive, will have the dummy packages for Arch, Debian Jessie and Debian sid, and will be more informative.
     
  11. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    426
    Multiple means exist to check dependencies. Which of those are available in your distro? Idunno.
    You could install apt-rdepends package and read its manpage
    or read the manpage for (probably already preinstalled in LuBuNtU) dpkg-query
    or (does LuBuNtU ship synaptic?) launch synaptic package manager, right-click each of the geoclue* entries and "view dependants"

    please don't do that. BTW, I reread post#1 and post#10 and would say that your tone was quite fair.
    You have fairly expressed skepticism/worry; any responses accusing FUD are unwarranted.

    Your observations, and your retelling of those observations, are your own. DON'T be surprised if someone else claims they can't reproduce -- there are soooo many variable factors involved. For instance, the LuBuNtU user participating in this thread may not even have same apt -related preferences as his/her fellow users. If the reporter's "treat recommended packages as dependencies" preference is set true... but my same pref is set false, we'll likely not observe the same result / effect when removing a given package.

    Yeah, I saw that you're now discussing this in a separate thread.
    First of all, "packages" don't execute, let alone access the network. A package is essentially an archive file.
    Second, as you've probably discovered, across the entirety of the linuxverse... no viable per-application GUI firewall app exists.
    Conventional "firewalls" really don't consider which exact application (processname, pid); their per port, or per port range rules, fall short of the goal.


    some search keywords relevant for NON-gui approaches to achieving per-process network restriction
    linux kernel namespaces
    unshare (terminal command)
    lxc (without docker. Yah, good luck)
    firejail
    virtenv
     
    Last edited: Jan 31, 2016
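Added example, not part of any post in this thread: one way to do the dependency check inka describes with dpkg-query, separating hard `Depends` from `Recommends`, since the "treat recommended packages as dependencies" preference changes what a removal drags along. The package names on the left of the sample and the `rdeps`, `audit_installed` and `sample` helper names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Shows which installed packages name a
# geolocation or activity-logging package as a hard or soft dependency.

# dpkg-query output layout consumed by rdeps (tab-separated).
FMT='${db:Status-Abbrev}\t${Package}\t${Depends}\t${Recommends}\n'

# rdeps PATTERN: read FMT lines on stdin; print "<package> <kind> <target>".
# PATTERN is an ERE that must match the whole dependency name.
# kind is depends or recommends, with "-alt" appended when the target is one
# branch of an "a | b" alternative (another package could satisfy it).
rdeps() {
    awk -F '\t' -v pat="^($1)\$" '
    function scan(pkg, kind, field,    items, alts, n, m, i, j, name, k) {
        n = split(field, items, /, */)
        for (i = 1; i <= n; i++) {
            m = split(items[i], alts, /[ ]*\|[ ]*/)
            for (j = 1; j <= m; j++) {
                name = alts[j]
                sub(/[ ]*\(.*$/, "", name)   # drop version: "(>= 0.12)"
                sub(/:.*$/, "", name)        # drop arch qualifier: ":any"
                gsub(/^ +| +$/, "", name)
                k = kind
                if (m > 1) k = kind "-alt"
                if (name ~ pat) print pkg, k, name
            }
        }
    }
    # Only fully installed packages ("ii"), not removed-with-config ("rc").
    $1 ~ /^ii/ { scan($2, "depends", $3); scan($2, "recommends", $4) }'
}

# audit_installed PATTERN: the same check against the local dpkg database.
audit_installed() {
    dpkg-query -W -f="$FMT" | rdeps "$1"
}

# Constructed sample in FMT layout (package names on the left are made up).
sample() {
    printf 'ii \tclock-applet\tlibc6 (>= 2.4), geoclue-ubuntu-geoip | location-provider\t\n'
    printf 'ii \tweb-engine\tlibc6, geoclue (>= 0.12)\tzeitgeist-core\n'
    printf 'rc \told-app\tgeoclue\t\n'
    printf 'ii \ttext-editor\tlibzeitgeist-1.0-1 (>= 0.3)\tzeitgeist\n'
}

# Stand-alone run uses the sample; pass "installed" to query this machine.
if [ "${1:-}" = installed ]; then
    audit_installed 'geoclue.*|zeitgeist.*'
else
    sample | rdeps 'geoclue.*|zeitgeist.*'
fi
```

A `depends` line means apt will want to remove that package together with the target, while a `recommends` line does not block the removal. A `depends-alt` line is only a problem if no other branch of the alternative is installed.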
  12. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    426
    I didn't notice what distro you're using.
    For a debian-derived distro, in synaptic package manager you can choose, in toolbar}}preferences "show package details".
    Focusing a package in top pane will display details (see "installed files" nav tab) in lower pane.
    The full path to each file extracted from, installed for, the package is displayed.
    Instead of fully removing a package (like, when xyz other packages "depend" on it), consider just chmod -x ing
    the executable file(s) involved... and see whether or not its reputedly "dependant" applications become crippled.
    Note: if you do this, need to "pin" the package to prevent upgrades to it (else the executable or its permissions may get restored)

    FWIW, instead of expending energy to "remediate" leaky preinstalled apps,
    I go out of my way to avoid any distro which preinstalls zeitgeist (or 'synergy', or akonadi).

    Again, depends on whether "treat suggested packages as dependencies" is marked
    (which, confusingly, may be UNchecked within synaptic yet still applied due to a declaration within apt preferences config file).
    Rules based on wildcarded package names sounds? Ouch, IMO that seems like "inviting headaches".
     
    Last edited: Jan 31, 2016
  13. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    I want to create a thread with the tone of post #10 only. Post #1 is, I admit, quite sensationalist.

    Yes, but I understand that I must consider all variables before saying "you're probably being spied on".

    This is a very interesting idea.
    I did install Debian with dummy packages for geoclue and such, and everything worked fine.

    But some distros, like Arch, can be easier to manage. Arch doesn't install geoclue or zeitgeist by default, but it does have a strong dependency chain with these packages. For Arch, it's easier to just create dummy packages for these geo-aware packages and then install the rest of the system without sharing location.

    For example, here's my PKGBUILD for geoclue2 dummy:

    Code:
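    # Maintainer: Amarildo
    # Dummy package: installs no files, only satisfies dependencies on geoclue2.
    pkgname=geoclue2
    pkgver=2.4.1
    pkgrel=1
    arch=(i686 x86_64)
    pkgdesc="Dummy"
    # url is a plain string; makepkg rejects it when written as an array
    url='http://geoclue.freedesktop.org/'
    license=(LGPL)
    depends=()
    optdepends=()
    makedepends=()
    replaces=()
    conflicts=('geoclue2')
    provides=('geoclue2')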
    
    build() {
       echo "Nothing to build"
    }
    
    package() {
       echo "Nothing to package"
    }
    
    After building and installing this package (which takes 5 seconds), Arch will think I have geoclue2 installed, and so I can install MATE/KDE without having to worry.
     
  14. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    Ubuntu 14.04 LTS. Mentioned a few posts back.


    I actually like Unity and Ubuntu, especially for this particular setup. Compared to removing Windows bloat, this is nothing. With an SSD, an image backup of the Ubuntu partition takes a mere 40 seconds and restoration about 1 minute so restoring it if one of the removals breaks it too much is trivial. I've been doing the stripping down on a very casual basis and will continue a bit more as I go through the manifest. I removed Zeitgeist and Geoclue both due to privacy concerns and just to get rid of bloat. Not that the system was all that bloated to begin with but I really want a lean functional Linux host for running multiple VMs and the less the host is tied up with unnecessary processes, the better.

    I second not removing this thread, just start a new one with what has come out of it. I'm thinking about starting one specifically about spoofing geolocation in general with vpns, smartdns, vms etc. I'm testing different configurations of these nightly which is one of the reasons I've been trying different router firmwares. For my home setup, I prefer to do as much at the router level as possible which means the computers aren't burdened with running VPN clients and I can switch to smartdns just by switching to a different wifi subnet.

    I actually do the equivalent of the chmod suggestion with Windows when I want to disable something and nothing else works. For example, all I have to do is change two ACLs and the forced updates of Windows 10 are completely disabled and I can reenable them every few months to install updates.
     
  15. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    And again, dummy packages or other random bogus is a less optimal solution than just leaving the package installed (and working as a dependency for other packages) but blocking all of their network activity.

    Btw on arch I found another one: geocode-glib
     
  16. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Less optimal? Less optimal than creating a whole new Firewall just for these packages? No way.

    I tested Arch for an entire week without these packages and there were absolutely no problems at all. You wanna know why? Because of two things:

    • If geoclue and Co work as advertised, each program will ASK you if you want to share your location. If you say yes, the program (e.g. Firefox) will get geoclue's information via D-bus. However, we know that you and me will NOT say "yes" to such requests, we will say "NO", and thus Firefox would NOT get in touch with geoclue service (which doesn't exist with the dummy package) in the first place. So nothing bad would happen;
    • If geoclue can be bypassed, then the app wouldn't ask for permission to use location. Even if that's the case, which I couldn't find any evidence for such, nothing bad would happen again, because programs aren't tied to geoclue to begin with. The most serious thing I can imagine happening is, e.g., if you configured your clock to use your location, it would say something like "couldn't get location and thus you must set time manually". So just because they have geoclue as a dependency it doesn't mean they're using geoclue or that geoclue is actually sharing your location without your permission;
    So you can do it the hard way (building webkitgtk without geoclue, which takes 5 hours to compile), create a whole new Firewall (which can take years), or create the dummy packages, which takes 2 seconds.

    Here's a simple script I created for Arch. It creates, builds, and installs packages for: geoclue, geoclue2, libkgapi (if you use KDE), zeitgeist, gvfs (if you DO NOT use MATE/GNOME or some of these packages), qt5-location, and libkactivities4 (personal choice).

    http://paste.opensuse.org/view/raw/16727529

    Rename it to "something.sh" and give it execute permissions.

    See? I'm giving something ready to you, that proved to work fine here. You don't have to create a new Firewall, just test this script and see if it works. If somewhere down the road you encounter problems, just remove the dummy packages and install the real ones, and then block their service from running (with chmod, in the folder /usr/share/dbus-1/services/ or /usr/share/dbus-1/system-services/). It's not that hard, and you don't have to be stubborn about this. Just do things like if you were giving advice to other people and you'll see that you don't actually need to be so paranoid about this. There are other alternatives that don't consume years and actually work.

    But do you have it installed? If you do, you must decide whether or not you want to keep using the packages that depend on geocode-glib. Or, you know, do it the easy way and create a dummy package for it.
     
    Last edited: Feb 1, 2016
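Added example, not part of any post in this thread: the files in the two D-Bus directories mentioned above are plain-text activation descriptions, and the program that actually gets started is the one named on their `Exec=` line. This helper resolves that program for matching bus names and reports whether it is still executable; the fixture paths, the `-t 5` argument and the `list_activations` and `make_fixture` names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Resolves which program each D-Bus
# activation file would start and whether that program can still run.

# list_activations PATTERN DIR...
# For each *.service file whose Name= matches PATTERN (case-insensitive ERE),
# print: <bus name> <program from Exec=> <active|blocked> <systemd unit or ->
list_activations() {
    pat=$1; shift
    for dir in "$@"; do
        for f in "$dir"/*.service; do
            [ -f "$f" ] || continue
            name=$(sed -n 's/^Name=//p' "$f" | head -n 1)
            printf '%s\n' "$name" | grep -Eiq "$pat" || continue
            # Exec= may carry arguments; the first word is the program.
            bin=$(sed -n 's/^Exec=//p' "$f" | head -n 1 | awk '{print $1}')
            unit=$(sed -n 's/^SystemdService=//p' "$f" | head -n 1)
            if [ -n "$bin" ] && [ -x "$bin" ]; then
                state=active
            else
                state=blocked
            fi
            printf '%s %s %s %s\n' "$name" "${bin:--}" "$state" "${unit:--}"
        done
    done
}

# Constructed fixture: three activation files and two stand-in programs.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/services" "$root/bin"
    printf '#!/bin/sh\n' > "$root/bin/geoclue"
    printf '#!/bin/sh\n' > "$root/bin/zeitgeist-daemon"
    chmod 755 "$root/bin/geoclue"            # still startable
    chmod 644 "$root/bin/zeitgeist-daemon"   # execute bit already removed
    cat > "$root/services/org.freedesktop.GeoClue2.service" <<EOF
[D-BUS Service]
Name=org.freedesktop.GeoClue2
Exec=$root/bin/geoclue -t 5
SystemdService=geoclue.service
EOF
    cat > "$root/services/org.gnome.zeitgeist.Engine.service" <<EOF
[D-BUS Service]
Name=org.gnome.zeitgeist.Engine
Exec=$root/bin/zeitgeist-daemon
EOF
    cat > "$root/services/org.example.Unrelated.service" <<EOF
[D-BUS Service]
Name=org.example.Unrelated
Exec=/bin/true
EOF
    printf '%s\n' "$root"
}

# Stand-alone run: scan the two directories named in the post.
list_activations 'geoclue|zeitgeist' \
    /usr/share/dbus-1/services /usr/share/dbus-1/system-services
```

When the last column names a systemd unit, activation may be handed to that unit instead of the `Exec=` line, so the unit's own `ExecStart=` needs the same check. A package upgrade can restore the execute bit, which is why post #12 pairs this approach with pinning the package.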
  17. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    426
    yeah, we heard ya the first time. YOU WANT A PONY !
     
  18. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    No, I want to make sure that a "fancy complicated firewall rule" is less "fancy and complicated" than creating a script which removes an original package to create a dummy package which will then replace it and in the end might even break something.
     
  19. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    My script is 130 lines long, half of that is comments and not code. SUSE Firewall is +2000 and it's only rules for iptables. Go ahead and explain to me how your firewall (that you're gonna build from the ground) is less fancy/complicated than a script I already made. All you have to do is execute it.

    There's nothing fancy in dummy packages. You didn't even read the script or the PKGBUILD's, and you're yet again debating something out of the reach of your knowledge.
     
  20. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Read my comment again.
    Firewall rule vs your script
    1 line vs 130 lines
     
  21. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    We've been over this. There is probably NO FIREWALL already made the way you want. Like I've said many times, you either have to find such Firewall or create your own. So unless you actually find it, you WILL have to create a Firewall from the ground up.
     
  22. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Yep we have been over this. Still read my comment again. 1 fw rule would be easier than your dummy script :D
     
  23. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Then show me such rule.

    Or, you know, do it with one command like I've said already:
    But blocking their service is not very different from installing the dummy packages.
     
    Last edited: Feb 2, 2016
  24. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    426
    zakzakzak, I share your frustration.
    closest fit to a per-application firewall (I've searched repeatedly since 2012) is
    leopard flower personal firewall
    https://github.com/themighty1/lpfw

    I testdrove a prior version (and posted about it here, at wilders) and it "mostly worked", but required ubuntu-ish library dependencies.
    The dev (a kid, in croatia, IIRC) had hosted the code at sourceforge, but deleted the online files(?)... and his drive crashed (no backup?)
    and what's available from github is a new version, written from scratch. I have not attempted to build the new version.
     
  25. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Wow, thanks for that post. I have already given up on per-app firewall for linux though :(

    Thanks again !
     