Describe the bug
It's not really a bug, but a behavior I've detected that I don't think is appropriate, especially for a password manager.
Simply by opening AuthPass for the first time, I detected that DNS and TCP connections are made to the domain stats.herby.top, whose IP address is 185.151.30.181.
When accessing the above domain via a browser, a login page supposedly from the Matomo application (aimed at web analytics) is displayed. When I accessed the herby.top address in the browser, I noticed that it was a personal page of the AuthPass developer.
My question is that I couldn't find any mention in the forum, in the documentation, in the privacy policy or in the terms and conditions about possible data collection directed to the aforementioned address when using AuthPass.
To Reproduce
Steps to reproduce the behavior:
- Open AuthPass app on Linux
- Waits 10 seconds
- Verify traffic on Wireshark and logs\notifications on OpenSnitch firewall
Expected behavior
Make it clear what data is collected and where it is going OR disable any and all data collection that is not associated with the use of AuthPass Cloud, for example.
Screenshots
Desktop (please complete the following information):
- Debian 12 Bookworm
- AuthPass (extracted from tar.gz file in releases page) Version 1.9.11_2007
Describe the bug
It's not really a bug, but a behavior I've detected that I don't think is appropriate, especially for a password manager.
Simply by opening AuthPass for the first time, I detected that DNS and TCP connections are made to the domain stats.herby.top, whose IP address is 185.151.30.181.
When accessing the above domain via a browser, a login page supposedly from the Matomo application (aimed at web analytics) is displayed. When I accessed the herby.top address in the browser, I noticed that it was a personal page of the AuthPass developer.
My question is that I couldn't find any mention in the forum, in the documentation, in the privacy policy or in the terms and conditions about possible data collection directed to the aforementioned address when using AuthPass.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Make it clear what data is collected and where it is going OR disable any and all data collection that is not associated with the use of AuthPass Cloud, for example.
Screenshots
Desktop (please complete the following information):