Downloading components updates directly from Google through Window's BITS

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

On Version 1.20.103 Chromium: 88.0.4324.152 (Official Build) (64-bit)

BITS is downloading components updates (chrome://components) directly from google. Is this the right approach? How to disable this update check?

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Also port 80 is being used

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Aren't here some privacy/security concerns?

[bsclifton]

@fusionneur all of the items downloading from brave://components should be proxied - you are reporting that you see this go directly to Google?

Which components? It should always be going to our update servers and then (for non-Brave components) be proxied

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Eg. BITS trying to connect to 142.250.186.176 (google domain)

nslookup 142.250.186.176 176.186.250.142.in-addr.arpa name = fra24s08-in-f16.1e100.net.

if allowing connection, component is updated (eg Hyphenation)

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

below a list of the endpoints svchost is connecting to:

172.217.22.196 - www.google.com (+port 80!) 82.76.79.81 - r6.sn-gqn-vu2e.gvt1.com (+port 80!) 142.250.185.80, 142.250.186.176 - storage.googleapis.com 216.58.212.142 - play.google.com (+port 80!)

Besides 443, port 80 is also used!

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Just a headsup that the browser continues to search for component updates through svchost/bits daily (including on port 80). I would suggest to increase the priority since the privacy is affected

[bsclifton]

@fusionneur do you have more information about your OS? What build are you using? (ex: if Linux, are you using community supported Arch Linux version? or official Brave version? or Official Brave Snap if on Ubuntu?)

More info should help us narrow this down. Unofficial builds will not use the proxy and will go directly out cc: @jumde

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

@fusionneur do you have more information about your OS? What build are you using? (ex: if Linux, are you using community supported Arch Linux version? or official Brave version? or Official Brave Snap if on Ubuntu?)

More info should help us narrow this down. Unofficial builds will not use the proxy and will go directly out cc: @jumde

Version 1.21.77 Chromium: 89.0.4389.90 (Official Build) (64-bit) Windows 10 (it is specified in the title, BITS is only in Windows)

[ShivanKaul]

Hey @fusionneur, we're taking a look at this. From an initial dekko it seems like if background downloads are enabled on Windows, a BITS downloader is used; we should proxy whichever URLs are being used by BackgroundDownloader: https://source.chromium.org/chromium/chromium/src/+/main:components/update_client/crx_downloader_factory.cc;l=39;drc=2507e0d8b56f6c1b1fb53280d9453a93cee69cfa

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Why there's no update on a P2 after so much time.. We're sick of letting Google invading our beloved browser

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Leakage is still plaguing on Version 1.32.106 Chromium: 96.0.4664.45 (Official Build) (64-bit)

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Still on Version 1.32.115 Chromium: 96.0.4664.93 (Official Build) (64-bit)... bump?

[ShivanKaul]

@fusionneur do you still see the behaviour if you disable BITS or set it to Manual instead of Automatic system-wide? @bsclifton I don't have a Windows build handy but a simple short-term fix might just be to disable the use of BITS for the Brave component updater, since anecdotally it doesn't look like there is a user-perceivable difference? ConfiguratorImpl::EnabledBackgroundDownloader() in browser/component_updater/brave_component_updater_configurator.cc

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

wouldn't disabling BITS, disable windows updates as well ?

[ShivanKaul]

Yes, not recommending you do that permanently (though you could set it to manually prompt).

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

i set it on manual for the following next days to see which is going to be the behavior. in any case this is just a workaround, and brave should proxy these requests on its own without relying on bits

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Coincidence happen to have some windows updates right now. I disabled bits, and they were still downloaded through windows update service. So I suppose the workaround could be valid. I will keep an eye on brave to see what will happen with the components. Running now on windows 11 21H2 22000.318

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Windows automatically sets BITS to auto after a while (or after a reboot.. not 100% sure). Maybe the workaround would be a little startup script to set BITS to manual

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Update: Unfortunatelly BITS set on manual/disabled result in components not being updated at all (Status - Update error) as seen under brave://components/

Eg.:

These components should update without relying on BITS.

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

How comes a P2 stays untouched for a year... really makes me wonder

[ShivanKaul]

@fusionneur there's a bunch of Brave specific components that are shipped to the browser from our servers. I'm confused how you're getting those (e.g. Brave Local Data Updater) if you're going directly to Google servers.

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

some of the components (those starting with "Brave" i think) are downloading from brave specific server (brave-core-ext.s3.brave.com) and some others from google servers (through bits) as my firewall shows. Did i get your question right?

[ShivanKaul]

Yeah. I see.

[stephendonner]

Verified PASSED using

Brave	1.36.88 Chromium: 98.0.4758.87 (Official Build) dev (64-bit)
Revision	e4cd00f135fb4d8edc64c8aa6ecbe7cc79ebb3b2-refs/branch-heads/4758@{#1002}
OS	Windows 10 Version 21H2 (Build 19044.1466)

Steps:

1. installed 1.36.64
2. opened Powershell and ran the following: While(1) { Clear-Host; Get-BitsTransfer; Start-Sleep -s 3; }
3. launched Brave
4. opened brave://components
5. waited ~8 minutes (taking note of the state of Powershell's output)
6. confirmed I saw an entry for the Chrome Component Updater

7. quit Brave
8. uninstalled 1.36.64
9. installed 1.36.88
10. launched Brave
11. repeated steps 2-5

Confirmed I never saw Chrome Component Updater at any time while brave://components was downloading updates:

Verified PASSED using

Brave	1.36.88 Chromium: 98.0.4758.87 (Official Build) dev (64-bit)
Revision	e4cd00f135fb4d8edc64c8aa6ecbe7cc79ebb3b2-refs/branch-heads/4758@{#1002}
OS	Windows 11 Version 21H2 (Build 22000.493)

Steps:

Installed 1.36.64 opened Powershell and ran the following: While(1) { Clear-Host; Get-BitsTransfer; Start-Sleep -s 3; } launched Brave opened brave://components waited ~8 minutes (taking note of the state of Powershell's output) Verified an entry for the Chrome Component Updater

Close Brave browser uninstalled 1.36.64 installed 1.36.88 launched Brave repeated steps 2-5

Verified No entry for Chrome Component Updater at any time while brave://components was downloading updates

[bridiver]

I'm really struggling to see how that could be happening or why it would be any different with the bits downloader. The standard downloader and the windows bits downloader both implement the same interface and BeginDownload gets called on it with the same url. Nothing is hardcoded in the background downloader except the job name const wchar_t kJobName[] = L"Chrome Component Updater"; If it's using the wrong url for the background downloader then it would also be using the wrong url for the regular downloader unless windows caches the url by job name or something weird like that.

scoped_refptr<CrxDownloader> CrxDownloaderFactoryChromium::MakeCrxDownloader(
    bool background_download_enabled) const {
  scoped_refptr<CrxDownloader> url_fetcher_downloader =
      base::MakeRefCounted<UrlFetcherDownloader>(nullptr,
                                                 network_fetcher_factory_);
#if BUILDFLAG(IS_WIN)
  // If background downloads are allowed, then apply the BITS service
  // background downloader first.
  if (background_download_enabled) {
    return base::MakeRefCounted<BackgroundDownloader>(url_fetcher_downloader);
  }
#endif

  return url_fetcher_downloader;
}

[bridiver]

Apparently we are redirecting to our updater in the network stack to handle widevine which has to go to google per the licensing agreement which explains why it doesn't use the correct url when it downloads through the OS

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

Latest version again creates BITS jobs attempting to connect to google servers (redirector.gvt1.com, dl.google.com, www.google.com, edgedl.me.gvt1.com on port 80 !) as intercepted by my firewall (blocked it):

PS C:\Users\user> Get-BitsTransfer

JobId DisplayName TransferType JobState OwnerAccount

63ae5a1b-9462-4a8a-8dd6-1a427d7ab5ce Chrome Component Updater Download TransientError PC\user

Version 1.45.127 Chromium: 107.0.5304.110 (Official Build) (64-bit)

[mkarolin]

@fusionneur, unfortunately I was unable to reproduce with 1.45.127. Was this with a new profile or an existing one? Do you have any extensions installed? Also, do you have Chrome installed by any chance? cc: @brave/qa-team to see if you can reproduce.

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

existing profile, no chrome installed. multiple extensions installed ( but none related) . couldn't find any component pending to install under brave://components. what's really strange is that after removing bits job, and immediately restarting bits service, no job appears anymore (with Get-BitsTransfer).. can't figure out what happened..

[Uj947nXmRqV2nRaWshKtHzTvckUUpD]

again it tries to download components:

PS C:\Users\> Get-BitsTransfer

JobId DisplayName TransferType JobState OwnerAccount

---

f01a410f-2209-4721-8a60-89bfee6ca9b9 Chrome Component Updater Download TransientError "hostname" \ "user"

Brave is up to date Version 1.52.122 Chromium: 114.0.5735.110 (Official Build) (64-bit)

All components already up to date under brave://components and i can even trigger manual update just fine.

for now i suspended the job to stop attempting connections: Get-BitsTransfer | Suspend-BitsTransfer ! later edit: removing/suspending the jobs does not help. the jobs are recreated soon under new id

LATER EDIT: i found under eventvwr.msc > applications and services logs > microsoft > windows > bits-client > operational that the job is actually triggered by spotify

The BITS service created a new job. Transfer job: Chrome Component Updater Job ID: {f01a410f-2209-4721-8a60-89bfee6ca9b9} Owner: HOST\owner Process Path: path\to\Spotify.exe Process ID: 16624

[mkarolin]

Thanks for digging into it @fusionneur.

It might be worth for us to patch https://source.chromium.org/chromium/chromium/src/+/main:components/update_client/background_downloader_win.cc;l=113 to be "Brave Component Updater", so it would be easily distinguishable from various Chromium embedders.