this post was submitted on 04 Oct 2023
79 points (98.8% liked)
Firefox
17811 readers
12 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
A. PiHole has the added benefit of blocking some known blacklisted domains and even if it doesn't block it, you'll see the DNS resolution requests by device in your network. It might be hard to know which requests are coming from the add-on if the hostname or timing is not obvious though.
B. Using a local sniffer like Wireshark you can list everything that goes through a network interface in real time. Since it's a really long list, I'd isolate the app first by running it in a container and only sniff that container's interface instead. And since you're using containers, you can also run Wireshark itself in one. This is an example of Firefox in Docker - though I've never used it.
C. If open source and you have the knowledge, check the source code for mentions of request protocols "http", "tcp", or keywords like "timeout", "payload", "track", and "telemetry". It's common for projects to use libraries that collect and submit logs, often for legitimate purposes, like sentry, new relic, and datadog.
Thanks! I haven't yet tried to use wireshark with a container, tho'll keep that in mind, but I did check the code on Github (my coding knowledge is small, but not nonexistent, and it was easier once I had an idea of what to look for). The addon I was interested but wary of at the moment was Redirector, but from what I've seen so far it seems legit (I didn't find any occurence of most of these keywords, or anything that seemed suspicious with the occurences of http).