-
Notifications
You must be signed in to change notification settings - Fork 807
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FR] Remove Chromium's ability to abuse BITS to connect to Google #1114
Comments
I have a different point. If it is a service installed during installation of chromium then it is possible to disable it. It will be more practical than something to trigger the windows firewall, which I doubt whether the installer built by |
What kind of argument is that? It is like saying, "even with ungoogled project Google will still be able to track you and collect all your data might as well stop using Internet".
What it has to do with OS? Where did I say the issue must be addressed only because of some OS? Let me quote:
Chromium abusing loophole of Windows service is one of these cases, it is one of the runtime requests to Google servers and services that was missed and I strongly believe it should be addressed because this is one of the main goals of the project. @wchen342 |
@Kein |
@wchen342
Looks like just WinAPI. Here is list of Jobs in the queue as of now:
|
Please specify the version and source of your ungoogled-chromium installation and more details on what you did to trigger such behavior with a clean browser profile. I cannot reproduce this with 81.0.4044.138-1.1 from the Downloads section. Your screenshots don't seem to show any indicators that chrome.exe is responsible for the outgoing connections to The Chrome Component updater however can be disabled with a flag: Is it possible to view detailed properties of such a BITS job to see what has been transferred? You can visit the page |
Is Chrome Component updating allowed by default in Ungoogled? |
Is your feature request related to a problem? Please describe.
Ungoogled Chrome has no Chrome Web Store sync or update, nor self-update. Nor sync. There is no reason for it to connect to google services using Windows BITS (Background Intelligent Transfer Services).
Describe the solution you'd like
Chrome's ability to use it should be axed
Describe alternatives you've considered
Blocking BITS altogether system-wide/via firewall.
Additional context
![image](https://user-images.githubusercontent.com/623756/88522928-ccee4980-cfff-11ea-8b52-c2dd5fd60253.png)
![image](https://user-images.githubusercontent.com/623756/88523123-18085c80-d000-11ea-9dad-ff9eff05596e.png)
By default, BITS service being run as a shared service through
svchost
container as a part ofnetsvc
group:Here is WFP packet log with BITS default setup through svchost container:
Here is WFP packet log with BITS service isolated in its own container to confirm it is indeed this service that Google sneakingly abuses:
Problem
In windows 10 due to underlying changes how services behave it is no longer impossible to block distinct service via WFP (default firewall or anything that uses WFP) despite the fact such option is present. A proper solution as a part of Ungoogled Chromium would be preferable.
The text was updated successfully, but these errors were encountered: