Re: KDE phoning home

To: debian-kde@lists.debian.org
Subject: Re: KDE phoning home
From: Martin Steigerwald <martin@lichtvoll.de>
Date: Thu, 04 Sep 2025 15:33:01 +0200
Message-id: <[🔎] 3658186.iIbC2pHGDl@lichtvoll.de>
In-reply-to: <[🔎] 109c3bb$20b2r$1@tuscan4.grantura.co.uk>
References: <[🔎] 109c3bb$20b2r$1@tuscan4.grantura.co.uk>

Hi.

Thanks for your findings.

Rob Brewer - 04.09.25, 15:14:19 CEST:
> Over the last few days my desktop has been attempting to connect to
> 77.235.60.43 port 443 (about 350 attempts a day) which have been dropped
> at my firewall as the IP is included in AS60781 (Leaseweb) which has
> been listed in a local blacklist as a source of spam.
> 
> A google search on this address would appear to show that this address
> is crash-reports.kde.org although this cannot be confirmed with whois.

% host crash-reports.kde.org
crash-reports.kde.org is an alias for phasia.kde.org.
phasia.kde.org has address 77.235.60.43
phasia.kde.org mail is handled by 10 letterbox.kde.org.

% geoiplookup 77.235.60.43
GeoIP Country Edition: NL, Netherlands

> Investigating my logs would seem to show that the connection attempts
> seem to be associated with drkonqi-sentry-postman.service - Submitting
> pending crash events, although I am not aware of any crash events
> occurring on this computer over the last few days.

Not using Systemd here, so cannot really comment on that. Grepping the 
process list during a running Plasma session for "konqi" or "sentry" does 
not reveal any processes.

But it should be possible to disable or mask the service? It might be a 
user session related service and disabling or masking it might need a 
special syntax. With "systemctl status" you should be able to find out the 
location of that service file. Would be interesting to see what binary it 
launches ("Exec=") and what package it is from ("dpkg -S").

As far as I am aware the KDE policy on sending data is opt-in, not opt-
out. Yes, as confirmed by their privacy policy¹:

"Where this functionality exists, it will always operate on an opt-in 
basis and be disabled by default, with the ability to change your 
preferences at any time."

So I think it might be good to report this upstream as I doubt that Debian 
Qt/KDE team adapted the specific setup of that Systemd service. Or 
possibly do both: A Debian bug report and an upstream one.

So or so I would not assume any bad intention here. From all I have seen 
so far, the KDE project people are quite serious about privacy protection.

[1] https://kde.org/privacypolicy-apps/

Best,
-- 
Martin

Reply to:

Follow-Ups:
- Re: KDE phoning home
  - From: Andrey Rakhmatullin <wrar@debian.org>
- Re: KDE phoning home
  - From: Rob Brewer <debian.kde1@grantura.co.uk>

References:
- KDE phoning home
  - From: Rob Brewer <debian.kde1@grantura.co.uk>

Prev by Date: KDE phoning home
Next by Date: Re: KDE phoning home
Previous by thread: KDE phoning home
Next by thread: Re: KDE phoning home
Index(es):
- Date
- Thread