My Turris Omnia (OS 3.10.7) is querying the domain project.turris.cz. Looking at the website attached to this domain (https://project.turris.cz/en/) it’s the endpoint for the Data Collection project which I am not part of (nor have ever been).
A quick grep across my system indicates it’s probably
/usr/bin/nuci-helper-autocollect which is being run on an hourly basis by something and also run daily by
/etc/cron.d/autocollect. Assuming the underlying
nuci-helper-autocollect script is only cause, the reason is the script is phoning home before checking if I have agreed to data collection:
[...] # Get today's registration code CODE=$(curl -k -m $TIMEOUT "$CHALLENGE_URL" | atsha204cmd challenge-response | head -c 16) # Ask for the status of the contract RESULT=$(curl -s -S -L -H "Accept: plain/text" --cacert "$CA_FILE" --cert-status -m "$TIMEOUT" "$CONTRACT_URL$CODE" | sed -ne 's/^result: *\(..*\)/\1/p') if [ "$RESULT" = "valid" ] ; then if uci -d' ' get updater.pkglists.lists | grep -q -F i_agree_datacollect ; then [...]
So, the script is seemingly
curl'ing out in two different ways (
project.turris.cz) before it checks if I’ve agreed to data collection. This script should check if the user has opted in first before phoning home, otherwise the point of opt-in is somewhat moot (even if the data is non-identifiable).
How can I report a bug about this issue? I tried finding where this file exists in GitLab but the search is somewhat ineffective and you can’t seemingly search source code across repos (example). There’s a secondary issue here as well where request to
https://api.turris.cz/is made insecurely (eg this domain has a self-signed HTTPS cert), but I’ll report that as well.
In time meantime, whilst this is getting addressed, what is running this script every hour? I’ve obviously removed the
cron.d entry and removed the script itself, but should I be expecting they’ll come back with a future update? Beyond black-holing the domains (which I probably can’t for
api.turris.cz), can I prevent the router making these requests?
Fwiw, I see there’s similar topics of this nature (eg Why does router phone home?) but they don’t mention specifically mention
project.turris.cz. However, this domain does resolve to the same IP as
repo.turris.cz, so the behaviour the OP is noticing could be to
proxy.turris.cz either instead of or as well as