
Mention the possibility of geotracking someone based on their IP address #698

Open
camoz opened this issue Nov 18, 2021 · 2 comments

Comments

@camoz
Contributor

camoz commented Nov 18, 2021

Knowing someone's IP address, one can infer information about someone's geolocation using public services like https://whatismyipaddress.com. You can usually determine exactly in what city the IP address is based.
As I understand it (I'm not sure about this one), public discovery servers basically provide a public service for mapping device IDs to IP addresses. No prior pairing is required (again, I'm not sure about this one).

That would mean that if some device uses public discovery servers (which are currently configured + enabled by default), anyone who knows that device's device ID is able to track the device's geolocation. In case the device is a laptop or phone, and is often carried by the same person when travelling (which is probably a common scenario for many syncthing users), this means that one can create a (more or less detailed) location profile for that person, anonymously and from anywhere in the world.

If this is true, it is probably not a good idea to post one's device ID publicly in the internet (at least not using a real name or a pseudonym), as it would compromise privacy to a certain degree and can also affect security in some sense.

Thus, if this is true, I would suggest reflecting this somewhere in the docs, specifically in:

Currently, the FAQ (see link above) says "The IDs are not sensitive." While they are in no way as sensitive as e.g. a private encryption key, I'd still say they are (or at least can be for some individuals) sensitive information.

What do you think about this?
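
Added example to illustrate the point raised above (this is not code from the issue or from the Syncthing project): given the list of addresses a global discovery lookup returns for a device ID, which entries actually reveal a globally routable IP that an IP-geolocation service could map to a city? The JSON shape, the `addresses` field name and every sample address are constructed assumptions; the IPs are RFC 5737 / RFC 3849 documentation addresses standing in for real ones. The example goes slightly beyond the comment by also handling relay and hostname entries, which do not directly expose the device's own IP. The geolocation lookup itself is not performed; the script only separates what is and is not worth feeding to such a service.

```python
"""Which of the addresses a discovery lookup returns expose the device's own public IP?

Added example, not Syncthing project code. The JSON below is constructed to
resemble the shape of a global discovery answer (a list of address URIs); the
exact field name is an assumption, and the IPs are documentation addresses.
"""
import ipaddress
import json
from urllib.parse import urlsplit

# Ranges that never identify a device on the public Internet. Listed explicitly
# (instead of using ipaddress.is_global) so that the documentation addresses
# used as stand-ins below are classified the way real public addresses would be.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]

# Constructed sample, not a captured discovery reply.
SAMPLE_RESPONSE = json.dumps({
    "addresses": [
        "tcp://192.168.1.23:22000",                      # LAN address: useless to an outsider
        "tcp://[fe80::1ff:fe23:4567:890a]:22000",        # link-local IPv6: same
        "tcp://198.51.100.77:22000",                     # stand-in for the device's public IPv4
        "quic://[2001:db8:85a3::8a2e:370:7334]:22000",   # stand-in for the device's public IPv6
        "relay://203.0.113.9:22067/?id=RELAYID",         # relay: exposes the relay's IP, not the device's
        "tcp://my-laptop.example.net:22000",             # hostname: must be resolved before geolocating
    ]
})


def classify(uri):
    """Return (kind, host) for one address URI.

    kind is 'public' (globally routable IP of the device itself), 'non-public'
    (LAN, link-local, CGNAT, ... ranges), 'relay' (a relay or relay pool, whose
    IP belongs to the relay operator) or 'hostname' (needs a DNS lookup first).
    """
    parts = urlsplit(uri)
    host = parts.hostname or ""
    if parts.scheme.startswith("relay") or parts.scheme.startswith("dynamic"):
        return "relay", host
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname", host
    if any(ip in net for net in NON_PUBLIC):
        return "non-public", host
    return "public", host


def exposed_ips(response_json):
    """Return the sorted, de-duplicated public IPs a third party learns from a reply."""
    addrs = json.loads(response_json).get("addresses", [])
    return sorted({host for kind, host in map(classify, addrs) if kind == "public"})


def report(response_json):
    """Print one line per address with its classification."""
    for uri in json.loads(response_json).get("addresses", []):
        kind, host = classify(uri)
        print(f"{kind:11} {host:32} <- {uri}")


if __name__ == "__main__":
    report(SAMPLE_RESPONSE)
    print("IPs worth feeding to a geolocation service:", exposed_ips(SAMPLE_RESPONSE))
```

Only the `public` entries carry the information the comment is worried about: a globally routable address of the device at the moment of the lookup. Repeating the lookup over time and geolocating each new public address is what builds the location profile described above; private and link-local entries and relay addresses do not contribute to it.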

@acolomb
Member

acolomb commented Nov 20, 2021

I agree that such a notice should be in the documentation. Either (or even several) of the places you mentioned would be appropriate to add it, since they all already talk about IP addresses being published on the discovery servers, just not that this might have such real-world consequences.

A single additional sentence would probably suffice. PR welcome I'd say :-)

@camoz
Contributor Author

camoz commented Nov 28, 2021

Thanks, will keep it on my list and will try to send a PR soon!


2 participants