search

jimmejardine / qiqqa-open-source

The open-sourced version of the award-winning Qiqqa research management tool for Windows
GNU General Public License v3.0
366 stars 60 forks source link

Network connections #351

Open mahfiaz opened 2 years ago

mahfiaz commented 2 years ago

On starting up Qiqqa v83.0.7656.6401 it tried to connect to IP 140.82.121.3, which is registered to tarpit.io

I don't believe it's home nor that calling home is necessary. It was on first start over a long time, subsequent starts don't try to connect to the internet.

GerHobbelt commented 2 years ago

This is highly irregular. Qiqqa does not include phone-home code. hence the suspects are the commercial libraries currently still used by qiqqa.

tough question: could you find out which part of qiqqa does this?

did you install from a version downloaded at the github site (ger hobbelt clone)?

On Thu, Aug 19, 2021, 14:38 mahfiaz @.***> wrote:

On starting up Qiqqa v83.0.7656.6401 it tried to connect to IP 140.82.121.3, which is registered to tarpit.io

I don't believe it's home nor that calling home is necessary. It was on first start over a long time, subsequent starts don't try to connect to the internet.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/jimmejardine/qiqqa-open-source/issues/351, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADCIHQTBCMVNNYDZMQYLVTT5T3KLANCNFSM5COEHZHQ .

mahfiaz commented 2 years ago

When uninstalling the same Qiqqa version, it nags for a reason with a dialog box and opens the following page with non-default browser Edge: http://www.pdfhighlights.com/?utm_source=qiqqa&utm_medium=uninstall&utm_campaign=uninstall

mahfiaz commented 2 years ago

The nagger on uninstaller is located here:

Qiqqa.Build/Packaging/setup.iss:295:      ShellExec('open', 'http://www.qiqqa.com/UninstallFeedback', '', '', SW_SHOWNORMAL, ewNoWait, ErrorCode);
Qiqqa.Build/Packaging/setup.iss:299:      ShellExec('open', 'http://www.pdfhighlights.com/?utm_source=qiqqa&utm_medium=uninstall&utm_campaign=uninstall', '', '', SW_SHOWNORMAL, ewNoWait, ErrorCode);`

My mistake earlier. I had unblocked qiqqa in firewall and so didn't get the whole information.

After restarting qiqqa when loading home screen, it always tries to connect in about 10 seconds to:

140.82.121.3 port 443 (fra.github.com)
or
140.82.121.4 port 443 (fra.github.com)

Before and after doing this, qiqqa.exe deals with xulrunner (as reported by procmon.exe).

On first start today, in about a minute after opening the home screen, sitting idle, it in addition tried to create the following connections:

104.236.80.27 port 8080
89.200.143.138 port 80 (qiqqamail.com)
77.73.4.39 port 80 (qiqqa.com)

On first start after first install it opens the old webpage, which is unnecessary:

Qiqqa/Common/Configuration/WebsiteAccess.cs:220: return GetWebsiteUrl() + "/Home/Welcome";

mahfiaz commented 2 years ago

MITM-ing the connection showed the request goes to https://github.com/jimmejardine/qiqqa-open-source/releases/Content/Client/ClientVersion.xml and the response is "Not Found".

It is called from here: Qiqqa/Common/Configuration/WebsiteAccess.cs:284: return GetDownloadWebsiteUrl() + "/Content/Client/ClientVersion.xml";

And unnecessarily the connection is of type "Connection: Keep-Alive".

GerHobbelt commented 2 years ago

Aha. That's the old 'is there a new software release available already' check code, which was roughly patched to point at github instead of qiqqa.com (as that one is phased out).

No calling-home code therefor, and untracked.

Has to be redone into a proper check for updates on github, but that publishing process hasn't been further automated and worked on yet.

Thanks for reporting and the subsequent investigation -- which saves me time looking into this. 👍