Network Connections (Network Traffic)

Meta
1

All the instances where obsidian generates network traffic

  1. When you open one of your notes that embeds online content. For example, an image ![cat](https://upload.wikimedia.org/wikipedia/commons/0/0b/Cat_poster_1.jpg)
  2. Periodically check for updates (can be disabled in the settings)
  3. When you access your Obsidian account in Settings
  4. When you use Obsidian Sync
  5. When you use Obsidian Publish
  6. When you browse/download third-party themes
  7. When you browse/download third-party plugins
  8. If you have third party plugins enabled, there is a check, done once every 12 hours from the time the app starts up, which fetches a file hosted on GitHub we use to issue “plugin deprecations”. This file is used to remotely disable specific versions of plugins that are known to malfunction, cause data loss, or could potentially be vulnerable or malicious.
  9. The dictionary file for each language is downloaded on first use.
  10. The plugins you enable can also generate network traffic

Bonus:

  • DNS requests if a hostname needs to be resolved before establishing a connection (including DNS over HTTPS).
40 Likes
3

Not that I’m not trusting you, but I just want to brute force all supporting evidence for that. How do I check these statements, and how do I know if my checking tool is not compromised?

4

Install a traffic monitor and look for yourself.

1 Like
5

I wanted click-to-load for online content, instead of automatically loading remote resources like images and embeds. So I blocked the Obsidian executable in the firewall.
In the space of 8 minutes it logged 700 firewall events, outbound towards the following IP addresses:

104.18.12.173
104.18.13.173
104.21.68.203
172.67.198.115
2606:4700:3036::6815:44cb
2606:4700:3036::ac43:c673
2606:4700::6812:cad
2606:4700::6812:dad
fe80::1227:f5ff:fe12:8a70

The IPv4 ones are Cloudflare from San Francisco, but I don’t know what it’s about.

I’m not signed in, don’t have automatic updates turned off in settings, and these are my community plugins:

[
  "calendar",
  "obsidian-editor-shortcuts",
  "nldates-obsidian",
  "obsidian-wikipedia"
]
1 Like
6

I’ve been monitoring Obsidian traffic on Linux (v1.8.4 AppImage) for about a week, and haven’t seen anything like this.

Just wanted to add re. this,

that the host is raw.githubusercontent.com (rather than the gist.github.com sometimes used by other applications).

I’ve also seen connections to fonts.googleapis.com. Haven’t installed any theme.

Thanks @WhiteNoise for clarifying the connections.

7

Hi Everyone :slightly_smiling_face:

I’m new in here and this will become my first post :slight_smile:

I know this is an old thread but it hit the head of the nail.
I just started to use Obsidian today… and i was starting to swear as we all do more or less learning new software. LOL :rofl:
Then Obsidian tried to connect to *****45c-5gol. googlevideo .com and i just looked at my firewall message and thinking… what now!!! :astonished: as i haven’t written a single ink in the different notes.

as i Block all google related content as i boycotting Google as a company, no traffic went out.

Do you guys know why this is happening and is it possible to tweak some settings in Obsidian to prevent network connections unless asked for?

I have set updates to manual and i have no account and i will not get one as i dont want to sync or have any cloud solutions what so ever.

I use Debian and installed Obsidian the last version with the Deb package.

I thank you all in advance for any kind of help :slight_smile: :slight_smile: :slight_smile:

8

it should have been Internet Link… not ink lol
It seems not be possible to edit my post, so i add this quote as an edit. :blush:

9

Hi, can you please add an option to disable the phone home requests during application startup? Better yet, remove it altogether, please?

On Linux, using OpenSnitch, I see that every time I start Obsidian it tries to make multiple requests to Github domains (githubusercontent, etc) over the course of about 3 minutes (if blocked, it keeps re-trying).

I do have the option for “Automatic updates” turned off in settings, but this does not stop these requests at startup. We should, at the very least, be informed they are occurring. It took OpenSnitch to identify these surreptitious requests.

Please disable these internet requests, whatever they are doing. For a “privacy focused” application, this is unacceptable. Otherwise, Obsidian seems like a pretty great application so far.

Thanks.

5 Likes
10

I moved your thread here.
See first post.

11

Fair enough.

However, Obsidian is promoted as a “privacy focused” application. Therefore, as such, it would benefit from, and increase trust for users, by having these above points communicated more clearly after installing the application, upon first run.

Also, please allow us to see when these network requests occur, where exactly they are connecting to, and why. And please grant us the option of allowing or denying these specific network requests in the settings. Ask us, please, and be more transparent. That is being “privacy focused”. And allow us to permanently disable each request if the user so chooses.

By the way, I can’t recall if it has been done already or not, but Obsidian should most certainly disable Electron’s initial phone-home request to Google (redirector dot gvt1 dot com) upon first run after installation (check it with OpenSnitch).

1 Like
12

Since I can’t edit my post, I’ll add an update: OpenSnitch just alerted me that another request to this Google-owned domain was being attempted, so it doesn’t only occur on first run after installation. Definitely not “privacy friendly”. Please disable these Electron network requests.

13

Hi there. Interesting there’s been no response to this and it’s been over two weeks It doesn’t seem like the Obsidian devs really care very much about this. Others clearly do (see the likes).

Can you devs please at least remove the Electron/Google tracking (the domain is redirector dot gvt1 dot com). Easily viewable if you run OpenSnitch or other firewall. This is extremely anti-privacy and not covered in your first post in this thread. Signal fixed it, why can’t you guys? (github dot com/signalapp/Signal-Desktop/issues/5767)

Also, I have “automatic updates” turned off, yet every time I start the application, Obsidian attempts to make multiple requests to Github domains (githubusercontent, etc) over the course of about 3 minutes (if blocked, it keeps re-trying). If I’ve turned off automatic updates, not using push/sync, this shouldn’t happen. Yes, it could be third party plugins, but I don’t know. And I’d rather not download your “plugin deprecations” file every 12hrs (item #8 in your list above). Can you please give us an option to change the time (once a week, etc) or disable this check entirely? I should have the option to actually stop these sorts of things in a “privacy focused” application, shouldn’t I?

14

Which complete URL exactly did you detect? Because gvt1.com is (also) used for downloading spelling dictionaries on first use, and this is listed in OP.

Feel free to open a FR for this.

15

All I saw in OpenSnitch was what I listed (redirector dot gvt1 dot com), I’m not sure if that was the entire URL or just the domain. Do you have it?
But did you read how Signal fixed it? They moved the dictionary request to their servers to avoid it pinging Google since they are privacy-focused.

What’s an “FR”? Can you?

16

Feature request.