Marius Bakke writes: > Ludovic Courtès writes: > >> I think we should make sure that our package does not call home in any >> way. That’s what I expect from a security- and privacy-conscious >> distro. > > Currently, it calls home at first launch, prompting for a login. But > I've verified that it does not send any unsolicited requests for > subsequent startups, as long as the user does not change the > command-line flags. I tried picking two other Debian patches[0][1] to see if it helped with the annoying splash screen and decided to verify whether the browser still "calls home" from a clean profile. The last time I checked was many versions ago. After dismissing the sign-in dialog, the "New Tab Page" loads a regular Google search bar, and "pre-fills" two of the "most commonly used" slots with Chrome URLs, (still) downloading a bunch of data in the process. Not great, but maybe we could live with that if it was just for the first run (it wasn't; had to change search engine to prevent the New Tab Page from calling the mothership). To my great surprise, while watching tcpdump from a different window, it also called home *when I switched windows*. Every time the Chromium window was activated, some data was sent to Google servers. Going into settings and toggling the "Use a prediction service to help complete searches and URLs typed in the address bar" option (to off) disabled that behaviour. Not very confidence-instilling. I'm going to try to incorporate the "Inox Patchset"[2], which is a set of patches that attempts to remove all such misfeatures from Chromium. They seem to have managed to stay on top of recent Chromium development, unlike two other prominent privacy-focused "forks", so I'm optimistic. But it might take some weeks before the next update. Stay tuned.. [0] [1] [2]