Favicon.ico

Discussion in 'privacy technology' started by markoman, Jan 22, 2009.

Thread Status:
Not open for further replies.
  1. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    Playing with xerobank and wireshark, I noticed that when connected through xerobank, all traffic is encrypted and routed through their anonymization network... besides the favicon.ico!! I mean that every time I visit a site, for some reasone, the site favicon (if exists) is downloaded without being encrypted, and in this way it leaks all the sites that I visit (since the favicon is usually in http://site.com/favicon.ico).

    How come is that? How can I solve this?

    I tried to disabile favicon from about:config in firefox, but this option only prevents firefox from showing it, not from downloading it.

    Any advice?
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Still having this problem?
     
  3. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    Yes, and I cannot understand why.
    I am having this problem using xerobank on port 443 and through http proxy.

    I have not tested yet on a direct connection, udp, on port 1194.
     
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    I think Kyle may have mentioned this to me as a browser behavior, but you are still VPNed through, just a different port. Let me see what I can dig up.
     
  5. testerazzi

    testerazzi Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    21
    Try:
    browser.chrome.site_icons false
    browser.chrome.image_icons.max_size 0
    browser.chrome.load_toolbar_icons 0
     
  6. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    Testerazzi, even with your adviced configuration, I have the same problem.

    This is not happening when going UDP, but with TCP I see no way to solve it. Any help?
     
  7. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    I think I now understand what is the problem: Google Desktop!
    Disabling the indexing of browser history it stops GETting the favicon.ico...

    What I wonder is why Google Desktop doesn't go through the VPN like everything else...
     
  8. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    Cause thats google for you I seriously don't no if they made it do that on purpose but google is all about getting information about its users.
     
  9. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    Yes I know, and in fact I don't use any Google Apllication (especially Google Desktop) on any machine with sensitive data... but still I don't understand how the heck they make it bypass the VPN. Cause I have some applications I would like to bypass the VPN (not discriminating on IP address) but I don't know how to do it.
     
  10. Klaus_1250

    Klaus_1250 Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    45
    A VPN acts as a virtual network adapter. Applications should use it by default, but they can still use another (e.g. the real network adapter which connects to the Internet).

    Windows doesn't really work nice in such setups; most program don't allow you to choose to which (virtual) network an application binds. They are expected to bind to the one you want and prefer, but that doesn't have to be the case.

    Only way to prevent this is config your firewall to disallow such behavior, edit the network settings of Windows (using custom routing tables or such) or login to your home router and setup special firewall rules (most routers son't support that though).
     
  11. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    Sadly I think the only system that would work the best for a openvpn is linux, it seems like networking was kinda just added into windows cause when ms-dos first came out it was never built to use a public internet,linux was built from the ground up for internet and the firewall is built into the kernal its called ip tables.I see people always thinking that the program firestarter is there firewall in linux no it only controls the ip tables cause there very hard to use and configure.Back to the point though windows is proboly always going to be very hard to secure and use a vpn.The only way they could ever fix this issue is if they completly overhauled networking which microsoft will proboly never do.
     
  12. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Google desktop doesn't go through the VPN? I thought that everything was forced through the VPN. Does that mean that Google can collect all of your personal data along with you true IP?
     
  13. Nitewolf

    Nitewolf Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    14
  14. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    We've got a solution for this. It should be ready soon, it makes all your adapters dead to the world except for the tap adapter.
     
  15. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    markoman, and any others having DNS leaks, please contact me directly via email at steve dot topletz at xerobank dot c o m. We want to run some tests to duplicate your issue and test out some solutions.
     
Thread Status:
Not open for further replies.