this post was submitted on 03 Nov 2024
248 points (95.6% liked)
Open Source
31723 readers
137 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Nope. They initially added some data scraping parts, and apparently still use some form of telemetry without proper disclosure.
What telemetry is enabled? Is there a way to disable it?
This hasn't been proven in any way. Original op in link states it could be discovery for email domains.
See https://lemmy.world/comment/13252949 I haven't tested it myself though
What they're saying there is that when trying to auto detect the server configurations, there are unexpected connections to cloudfare IPs, which didn't usually happen with K9. Who posted the concern associated this to telemetry, but the answers are pointing a different direction. But at this point it just guesses, :(
I guess some more formal traffic inspection needs to happen to understand if truly there's unexpected traffic, where it is directed to, and hopefully infer somehow its purpose. The guesses about what's happening suggest it's just about the auto connection, but again, just guesses.
I explored the configurations, and I didn't find anything about telemetry, and so neither how to disable it. K9 does not have an about:config advanced configuration like desktop Thunderbird does, so if there's truly telemetry or some other sort of information leakage, then after proving it, perhaps developers realize they can do better. But so far nothing really proving telemetry or information leakage.
The ONLY connection I want my mail client to make, is the one to my configured mail server.
EVERY other connection it makes is to be seen as malicious.
Are there any updates on this?
Not sure what updates you are expecting to happen.
I'm not aware of any effort trying to identify the traffic going in and out on Thunderbird under android. The guesses from the one reporting about what happens when configuring a new email account is of no use since it's easily associated to Thunderbird looking for ways to easy automation on new accounts settings.
Unless there's a throughout analysis of the traffic, I'm not aware of anything to be expected. You can try reaching the one reporting his concern, and ask if he has looked into how to report an actual issue/bug to Thunderbird, or if someone else has done it
Classic Mozilla.