From fc3a0b7a89f800fbef5c3c709131b090d8d9b0d1 Mon Sep 17 00:00:00 2001
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sun, 11 Jun 2023 08:18:57 +0200
Subject: [PATCH] New post on opensnitch.

---
 blog/data/2023-06-11-opensnitch-debian.txt | 41 ++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 blog/data/2023-06-11-opensnitch-debian.txt

diff --git a/blog/data/2023-06-11-opensnitch-debian.txt b/blog/data/2023-06-11-opensnitch-debian.txt
new file mode 100644
index 0000000000..9475246b96
--- /dev/null
+++ b/blog/data/2023-06-11-opensnitch-debian.txt
@@ -0,0 +1,41 @@
+Title: What did I learn from OpenSnitch this summer?
+Tags: english, debian, opensnitch
+Date: 2023-06-11 08:30
+
+<p>With yesterdays
+<a href="https://www.debian.org/News/2023/20230610">release of Debian
+12 Bookworm</a>, I am happy to know the
+<a href="https://tracker.debian.org/pkg/opensnitch">the interactive
+application firewall OpenSnitch</a> is available for a wider audience.
+I have been running it for a few weeks now, and have been surprised
+about some of the programs connecting to the Internet.  Some programs
+are obviously calling out from my machine, like the NTP network based
+clock adjusting system and Tor to reach other Tor clients, but others
+were more dubious.  For example, the KDE Window manager try to look up
+the host name in DNS, for no apparent reason, but if this lookup is
+blocked the KDE desktop get periodically stuck when I use it.  Another
+surprise was how much Firefox call home directly to mozilla.com,
+mozilla.net and googleapis.com, to mention a few, when I visit other
+web pages.  This direct connection happen even if I told Firefox to
+always use a proxy, and the proxy setting is ignored for this traffic.
+Other surprising connections come from audacity and dirmngr (I do not
+use Gnome).  It took some trial and error to get a good default set of
+permissions.  Without it, I would get popups asking for permissions at
+any time, also the most inconvenient ones where I am in the middle of
+a time sensitive gaming session.</p>
+
+<p>I suspect some application developers should rethink when then need
+to use network connections or DNS lookups, and recommend testing
+OpenSnitch (only <tt>apt install opensnitch</tt> away in Debian
+Bookworm) to locate and report any surprising Internet connections on
+your desktop machine.</p>
+
+<p>At the moment the upstream developer and Debian package maintainer
+is working on making the system more reliable in Debian, by enabling
+the eBPF kernel module to track processes and connections instead of
+depending in content in /proc/.  This should enter unstable fairly
+soon.</p>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
-- 
2.47.2