Regular ping checks should be opt-in and by default disabled (about 500 unique IPs hit per hour) #39
Comments
I see a potentially related issue where the resolution appears to be "rebuild the app from source with these lines commented out". #13 I still hope to work with the team on this to find a better alternative than telling customers they should rebuild the app. I am happy to build the app a few times if needed to help contribute to the project, but if I need to rebuild the app every time there is an update, there may be easier solutions elsewhere. Looking forward to collab!
FWIW this also happens when the user has explicitly selected a server, like in my case
Additional datapoint: The one person who I recently recommended PIA to, upon finding out about this behavior, has asked how to uninstall the application. I told them for now it is adequate to disable the 'launch at system boot', and exit the program unless they are actively using the VPN. I remain hopeful that the team will take this as seriously as myself and other customers.
Piling on. Unhappy about this behavior. Would entirely prefer that this be limited by opt-in, region, or some other option.
Thanks for your feedback. I’ll leave this ticket open as I agree it’s something our product manager should re-evaluate. We may add a toggle for it in the future.
Hi yofreke,
Hi guys! We actually have this on the roadmap for 2024, the plan is to batch the pings for each region, rather than pinging everything at once - this will not only limit the number of ICMP requests we make, but also result in more accurate results. This work will likely happen mid 2024 (due to quite a full roadmap) - is this sufficient? If not, I could try to put in a small change much earlier allowing latency measurement to be disabled - but I may have to couple that together with a warning message indicating latencies will not be up to date. Let me know what you guys think, thanks! (EDIT: @DavyBeeX I believe the app that @yofreke is using is Little Snitch)
Spent several days tracking down the source of these ICMP packets thinking I had a compromised machine and I'm shocked to see PiA is the cause. As a general rule for developers everywhere, polling of any sort - pinging, API polling, local file checks, anything, should by default be done very conservatively. Batching by region is great, but at this point I think everyone would just prefer a way to shut off the spam entirely.
This sounds great, even without the warning honestly. Outbound ICMP spam every 1m while I have no intention of making a server selection for the next 18 hours has extremely questionable usefulness. Especially when, if I connect and see the ping is bad, I can just pick a new server myself based on locality. The ping results are generally the same every time. Mentality should be the opposite here imo. Pings off and cached close to connection time by default (on server selection screen load, on actual connection, etc.). Then, if the pingspam "feature" is turned on, a warning is displayed that your firewall is going to be absolutely bashed like it owes PiA money just to give a more frequent confirmation of what you probably already know - the closest servers ping the lowest.
Thanks for this. I agree with a lot of it. We are rethinking our entire approach to latency checks currently. I already added a toggle in settings to disable pings, it will go out in the next release.
That's fantastic to hear and I look forward to the changes! Removing a feature that broadcasts our IP address all over the world, that we're ostensibly looking to obfuscate, helps to put the private back into PIA.
The most recent beta allows you to opt out of latency checks. Check it out in the settings>general tab. Let me know how you all get on
Had a minute to check on this with the beta, looks like it is working great. No outbound blocks being reported when latency checks are disabled.
Is your feature request related to a problem? Please describe.
I noticed while doing some network monitoring, that the PIA client on OSX will run latency ping checks about once per minute, and to some large number of servers each time. I found a reddit thread that confirms this suspicion. A user there found the relevant code and the latencyRefreshInterval that is set to one minute.
This check happens when the VPN is enabled, and when the VPN is disabled. If I am correct, that means my un-obscured IP address is being sent to some 100ish countries, once per minute, the entire time the daemon is running? That seems like a huge tradeoff, considering the information is only useful to display in some UI most people never see?
Based on the name of the app including "Private", I am to assume sending a very recognizable (and fingerprint-able) batch of requests, once per minute, to every continent in the world, is bordering on a bug. I submitted this request as a feature request, but honestly am not sure why a company that is privacy focussed would think this is a good idea? If the only goal is to generate a list of servers that are most easily accessed by the device, I can think of several more privacy-focused ways of accomplishing this, none of which require a connection to Mongolia or Kazakhstan once per minute (picking a couple at random, the list is long).
Describe the solution you'd like
This should not happen by default, on an application designed to enhance user privacy.
I am happy to discuss alternatives in more depth, and am happy to contribute to the FOSS project if the team agrees this is a feature that is worth having? The change to the desktop app to provide a configuration option to disable this feature should be minimal. The changes required to implement a new solution will be slightly more complex, but still quite minimal. For example, a few small things that would make me much happier:
Describe alternatives you've considered
As someone who has supported PIA for years, all of these options are sad:
Additional context
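Added example, not part of the issue or of the PIA code base: a way to recognise the traffic pattern described in this thread (a burst of ICMP to many distinct hosts, repeating about once per minute) in exported firewall or flow records. The record layout `(timestamp, src, dst, proto)`, the thresholds, and the sample data are assumptions made for the illustration.

```python
from collections import defaultdict
from statistics import median

def find_bursts(records, proto="icmp", gap=5.0):
    """Group each source's packets into bursts separated by more than `gap` seconds."""
    by_src = defaultdict(list)
    for ts, src, dst, p in records:
        if p == proto:
            by_src[src].append((ts, dst))
    bursts = defaultdict(list)  # src -> [(start_ts, {dst, ...}), ...]
    for src, events in by_src.items():
        events.sort()
        last_ts = None
        for ts, dst in events:
            if last_ts is None or ts - last_ts > gap:
                bursts[src].append((ts, set()))
            bursts[src][-1][1].add(dst)
            last_ts = ts
    return bursts

# Thresholds below are assumptions; tune them to the network being monitored.
def periodic_fanout(records, min_dsts=50, min_bursts=3, jitter=0.2):
    """Return {src: (period_seconds, median_unique_dsts)} for sources that
    repeatedly probe many distinct hosts at a steady interval."""
    findings = {}
    for src, bl in find_bursts(records).items():
        wide = [(ts, d) for ts, d in bl if len(d) >= min_dsts]
        if len(wide) < min_bursts:
            continue
        deltas = [b[0] - a[0] for a, b in zip(wide, wide[1:])]
        period = median(deltas)
        if all(abs(d - period) <= jitter * period for d in deltas):
            findings[src] = (period, median(len(d) for _, d in wide))
    return findings

def sample_records():
    """Constructed flow log: one host sweeping 100 addresses every 60 s,
    another sending ordinary ICMP to a single gateway."""
    recs = []
    for minute in range(5):
        for i in range(100):
            recs.append((minute * 60 + i * 0.01, "10.0.0.5", f"198.51.100.{i}", "icmp"))
    for s in range(0, 300, 7):
        recs.append((float(s), "10.0.0.9", "10.0.0.1", "icmp"))
    recs.append((12.0, "10.0.0.5", "203.0.113.7", "tcp"))
    return recs

if __name__ == "__main__":
    for src, (period, n) in periodic_fanout(sample_records()).items():
        print(f"{src}: ~{n} unique ICMP destinations every {period:.0f}s")
```

Running the same check on a capture taken after the latency-check toggle is disabled should return no finding for the host.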