Ask / Submit
9

Why is Ipv4StatusUrl/Ipv6StatusUrl needed in /etc/connman/main.conf? [answered]

asked 2014-03-31 19:55:22 +0200

dazo gravatar image

Hi,

I'm wondering why connman needs Ipv4StatusUrl and Ipv6StatusUrl to be defined in /etc/connman/main.conf. This is touching the issues related to privacy,as if Jolla regularly needs to connect an external server, the IP address of all Jolla phones are indirectly reported to Jolla. And is that really okay with everyone?

edit retag flag offensive reopen delete

The question has been closed for the following reason "the question is answered, an answer was accepted" by dazo
close date 2014-04-01 17:35:06.807329

2 Answers

Sort by » oldest newest most voted
9

answered 2014-04-01 00:42:33 +0200

tigeli gravatar image

Those url's are used to detect if the network currently being used by Jolla-device is inside of walled garden, eg. no direct internet access, wlan hotspots which require you to sign in through web portal and also to detect possible network connectivity issues.

You can freely remove those two parameters from connman-configuration and they will default to http://www.connman.net/online/status.html or make your own http-service which will include "X-ConnMan-Status: online"-header in the http-reply.

edit flag offensive delete publish link more

Comments

Thanks! I set up my own nginx server to tackle this.

server {
   listen $IPV4ADDRESS;
   listen [$IPV6ADDRESS]:80;
   server_name ipv4.cm.example.com ipv6.cm.example.com;

   access_log /var/log/nginx/connman_access.log mainlog;
   error_log /var/log/nginx/connman_error.log;

   client_max_body_size 128K;
   root /var/www/html/connman;

   location / {
       add_header X-ConnMan-Status online;
   }
}

Then added a fairly empty index.html.

dazo ( 2014-04-01 17:28:43 +0200 )edit

For Apache admins:

<Location /return_204>
    Header always set X-ConnMan-Status "online"
</Location>
RedirectMatch 204 ^/return_204$
mcg ( 2014-12-28 19:00:25 +0200 )edit

Do these configs still work?

I'm trying to hack the network status by running nginx on the phone, and pointing connman to the local server.

nginx works fine, and has the required X-ConnMan-Status header, I also tried setting it to return 204 status but it seems to break the status checker

r0kk3rz ( 2015-04-28 17:33:49 +0200 )edit
1

@r0kkerz You need only to return the X-ConnMan-Status header OR http status code 204. Both do work, per default we use http status code 204 because some networks have proxies which are removing http headers for no reason.

tigeli ( 2015-08-06 23:00:10 +0200 )edit

I can confirm that the nginx config still works for me. However, returning HTTP 204 may be a better solution in some networks. For my network provider, there are no HTTP header filtering so it works well.

dazo ( 2015-08-31 12:41:09 +0200 )edit
5

answered 2014-03-31 22:39:25 +0200

Direc gravatar image

I'm cool with that.

If you are really that concerned about your privacy, you could always just make your own web site and point the tests to fetch those pages...and personally, I think Jolla receives more information about your device via software update check...

edit flag offensive delete publish link more

Comments

2

Fair enough. I just don't think anyone externally (except my ISP/cellphone provider) really needs to know this info, thus I did what you suggested. Jolla most likely grabs quite some info when I use the store application. If this happens when I'm not starting the Store app, well, then I'm getting grumpy again. It's what happens in the background without me doing something which annoys me most of all.

dazo ( 2014-04-01 17:32:06 +0200 )edit
2

This is the point of my question: https://together.jolla.com/question/20323/privacy-what-information-gets-sent-to-jolla/

We each need to be able to make our own personal decisions on what is acceptable from a privacy point of view. To do that, we need information.

gcobb ( 2014-04-04 17:29:30 +0200 )edit

My understanding of the current situation:

  • IPv6 privacy extensions are disabled by default and are difficult to activate => the phone's WLAN MAC address becomes part of most autoconfig IPv6 addresses. (see https://together.jolla.com/question/6049/ipv6-cannot-set-use_tempaddr/)
  • The phone contacts Jolla's web server whenever it connects to a WLAN.
  • Jolla probably knows to whom they sold a phone with a certain MAC address.

Intention or accident (https://en.wikipedia.org/wiki/Hanlon's_razor)? This is not a small privacy mishap, this is a privacy disaster...

mcg ( 2014-12-28 17:58:01 +0200 )edit

Question tools

Follow
5 followers

Stats

Asked: 2014-03-31 19:55:22 +0200

Seen: 917 times

Last updated: Apr 01 '14