Discussion
Loading...

Post

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
jbz
@jbz@indieweb.social  ·  activity timestamp 2 months ago
#StarDict Plugins in #Debian 13 Raise #Privacy Concerns • Linuxiac

「 Once triggered, StarDict sends the selected text in plaintext over HTTP to third-party servers in China, namely dict.youdao.com and dict.cn. And to make matters worse, these requests are made over unencrypted HTTP, making the data visible to anyone monitoring the network—whether on a local LAN or through a compromised router 」

https://linuxiac.com/stardict-plugins-in-debian-13-raise-privacy-concerns/

  • Copy link
  • Flag this post
  • Block
Diane
@alienghic@timeloop.cafe replied  ·  activity timestamp 2 months ago

@jbz

So, it's not implausible that you might want to contact chinese websites for an online chinese dictionary.

But it really should be patched to be doing it over https, as far as I can tell all the sites stardict youdaodict plugin is trying to talk to do have TLS certificates.

  • Copy link
  • Flag this comment
  • Block
John Livingston
@John_Livingston@mamot.fr replied  ·  activity timestamp 2 months ago
@jbz
Is stardict installed by default on a desktop Trixie?
  • Copy link
  • Flag this comment
  • Block
jbz
@jbz@indieweb.social replied  ·  activity timestamp 2 months ago
@John_Livingston I don't think so.
  • Copy link
  • Flag this comment
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.1 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login