Nextcloud Owncloud Calling Home

I did a deeper firewall test on my fresh installed OpenWRT Router and activated a „Ads Blacklist“ after this my owncloud Share Login loops!

Result:

  • Seems that some IP’s of the „Update Check Tool“ Servers, which is installed inside the PHP-Kit is blacklisted.
  • So it seems the Code calls home!  With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions!
  • I didn’t check deeper, but the behavior was clear without viewing the codes.

After publish this Info via Twitter:

 

nextcloud owncloud calling home

REMARKS:

  • No Company / Developer works for „free“
  • After Setup of PHP-Kits do a IP Firewall Traffic checkout
  • If you don’t need the PHP Kit reachable via Internet block the IP Device at your Router from Internet Access!
  • Prefer Standard Tools like SFTP/SCP with Key Auth to transfer Files, less unsecure cause only one application active!!
  • PHP Kits Logins can often be scanned by Search Indexes by „Search by Title“ of the Login Webinterface!!

For me i decided to purge the package and use System Standard Tool „SFTP with SSH Key Auth“ and on my Phone a Totalcommander with SFTP Plugin!

 

 

Android: Get back Privacy and Security

If you use a Android Smartphone (other Mobile-OS same) you should take a minute to get back your privacy and security!

This points helps to prevent, but there is no warranty for 100% protection!

  • First every Smartphone offers a Factory Reset, search it on Settings and DO it! This prevent you from Firmware Spam by the Reseller! (Samsung, HTC..)
  • Boot the Phone without inserting a SIM card, create a fake account to get Updates and Software over a PUBLIC WIFI Network (Coffee Shop, Freifunk)
  • Install wanted Apps, then go to Settings now to accounts, PURGE the fake account.
  • Disable / Purge Apps on the Settings, of Apps that you never will use.
  • Check on Settings which App is running by timer, if not needed disable it.
  • Check Webbackup Apps and disable or prevent them from calling home, (Default builtin Android Firewall)
  • DON’T setup your REAL Email Account which is used for Home Banking or Online Shopping, CAUSE the OS is open like a Swiss Cheese with holes! (Less Updates by Manufacterer) or to PROTECT your phone from being hijacked by a E-Mail Virus
  • Encrypt the Phone, and SET Screenlock with Password longer than 8 Digits, same on SIM Unlock Code!
  • Backup the Smartphone by USB Cable Monthly to a full encrypted PC!
  • If you are not a newbie, look for Browsers like icecat-apk on the Open Source F-Droid Shop which are more secure
  • Try Tor Browser later! For more Security!
  • DON’T Enter words, names, numbers who are CONFIDENTIAL! Cause Smartphones are like papers on a public table without real protection!
  • Try to use the „Quick Switches“ of the „Screen Pull Down Menu“ of the Home Screen where Data, Autosync and Flightmode can be used.
  • If you use Messenger Apps check their Settings to disable Download of „Video, Images, Files“ this can be a Backdoor too!
  • Disable „Video Autoplay“ on Apps like G+ or Facebook.
  • Use every App with a own fake Account.
  • NEVER leave your Phone on a public table, cause the USB Port is always open and AUTO Connect every plugged in Cable!
  • Put a black Strip on the Camera lens if you don’t need them! especially the Front Camera!
  • Call your Phone Provider, to disable the transmission of MMS/SMS! This prevent Messages with bad links.
android account removal
android account removal