Recently there was news about a data leak issue in Debian Testing (tomorrow’s Debian 13 release):
In the StarDict package offered in the Debian Testing repository, which implements an interface for dictionary lookup, a privacy issue was identified: with the default configuration, the application sends selected text automatically placed in the clipboard (X11 PRIMARY selection) to external servers. It is enough to select a piece of text in any application, and it is immediately sent unencrypted over HTTP to the Chinese online dictionary servers dict.youdao.com and dict.cn.
🖐️Hey!
Subscribe to our Telegram channel @r4ven_me📱, so you don’t miss new posts on the website 😉. If you have questions or just want to chat about the topic, feel free to join the Raven chat at @r4ven_me_chat🧐.
It is worth noting that:
The problem appears only when working in environments based on the X11 protocol; when using Wayland, clipboard isolation is applied by default.
Since Debian is the base for many derivative distributions, such as Linux Mint, Ubuntu, Kali, and others, the problem described above may be fairly widespread 😶‍🌫️ And apparently this behavior is not considered a vulnerability:
The Debian maintainer of the StarDict package replied that such behavior is normal. By default, StarDict enables automatic lookup of selected text in dictionaries and activates both local and external dictionaries. The dict.youdao.com and dict.cn servers provide English-Chinese dictionaries connected through plugins, enabled by default when installing the stardict-plugin package, which is a recommended dependency for the stardict-gtk package. Those who are not satisfied with this behavior are advised to disable network dictionaries or the automatic lookup function on selection in the settings.
Notably, in 2009 similar behavior in StarDict was recognized as a vulnerability (CVE-2009-2260), and access to network dictionaries was disabled by default. Now this functionality has returned again.
Why am I saying this…🧐 It is no news that many GUI/CLI applications access the network when they should and when they should not. Such are the realities; Linux is no exception here😀 Therefore, protecting privacy🛡 largely falls on your shoulders🏋️
Such leaks can be prevented with an application firewall that lets you interactively allow or deny☠️ (temporarily or permanently) each application's network connections👨‍💻
Some time ago, I wrote an article about similar software for Linux: OpenSnitch - manual control of Linux application network activity
My usage experience: while working at the computer, frequently used applications access the network - I allow the needed ones🟢, block the unwanted ones🔴 (or allow them temporarily). After some time of active OS use, such notifications become minimal, because I create permanent rules for IP addresses/networks/executable files/commands📱
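A quick check for the conditions described above, as an added example that is not part of the original article: it classifies exposure from the session type and whether stardict-plugin is installed, and picks StarDict's plain-HTTP connections out of `ss -tnp` output. The process name `stardict`, remote port 80 for HTTP, the function names and the sample lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Assumptions: process name "stardict", HTTP on remote port 80.

# Classify exposure from the two conditions the article names.
#   $1 = session type ($XDG_SESSION_TYPE), $2 = "yes" if stardict-plugin is installed
# Does not inspect StarDict's own settings, which the user may have changed.
stardict_exposure() {
    [ "$2" = "yes" ] || { echo "not-exposed"; return 0; }
    case "$1" in
        x11)     echo "exposed" ;;       # PRIMARY selection readable by any client
        wayland) echo "not-exposed" ;;   # per the article: clipboard isolation
        *)       echo "unknown" ;;
    esac
}

# Read `ss -tnp` output on stdin; print "peer_host port pid" for each
# established connection owned by stardict whose remote port is 80.
stardict_http_conns() {
    awk '
    $1 == "ESTAB" && $NF ~ /\("stardict",/ {
        port = $5; sub(/.*:/, "", port)        # text after the last colon
        if (port != "80") next
        host = $5; sub(/:[^:]*$/, "", host)    # drop ":port"
        gsub(/[][]/, "", host)                 # strip IPv6 brackets
        pid = $NF; sub(/.*"stardict",pid=/, "", pid); sub(/[^0-9].*/, "", pid)
        print host, port, pid
    }'
}

# Constructed sample input (documentation addresses, invented PIDs).
sample_ss_output() {
    cat <<'EOF'
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 192.0.2.10:48712 203.0.113.5:80 users:(("stardict",pid=4242,fd=14))
ESTAB 0 0 192.0.2.10:51344 198.51.100.7:443 users:(("firefox",pid=3100,fd=88))
ESTAB 0 0 [2001:db8::10]:40022 [2001:db8::80]:80 users:(("stardict",pid=4242,fd=15))
ESTAB 0 0 192.0.2.10:40100 203.0.113.9:80 users:(("curl",pid=5000,fd=5))
EOF
}

# Demo on the sample. On a live system, feed real data instead:
#   dpkg-query -W -f='${Status}' stardict-plugin   # "install ok installed" => yes
#   stardict_exposure "$XDG_SESSION_TYPE" yes
#   ss -tnp | stardict_http_conns
stardict_exposure x11 yes
sample_ss_output | stardict_http_conns
```

Short-lived HTTP requests can finish between two runs of `ss`, so an empty result does not prove that nothing was sent; the firewall's own connection log is the more reliable record.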
For Windows, there is also a similar excellent open source utility: https://github.com/henrypp/simplewall
I used it when I was on Windows📱, and there it is even more relevant😉, because even the calculator goes online😳 By the way, if you use it to forbid some system utilities from accessing the network, automatic updates will not work😉
Thank you for reading👍 Have a good day!
P.S. If network problems occur, do not forget that your firewall is active😏
That should be it. If not, check the logs 🙂


