For work purposes I have to use non-open-source software that collects and sends to the producer the MAC address, other device IDs and other hardware data (according to its privacy policy, which is not very exhaustive). Is there a way to:
- find out what exact data the app stores, and
- spoof them?
I suppose I could just run the app in a virtual machine, but I don't know if it would be sufficient to mask all the data and my PC isn't very powerful, so running a virtual machine is usually a pain.
I work with an Ubuntu Desktop 20.04 device to which I have root access, so I can do whatever is needed. Open source only solutions would be much appreciated.
Some more information (update 1)
I forgot to specify some very important information.
- The software requires internet access (it's for videoconference purposes), so just blocking it in the firewall is not an available solution. That's what I already do with other software, but in this case it's just not an option.
- I have already tried to ask the producer what data they collect, but the legal time for an answer has already expired and they didn't answer - but that's what I expected, as it looks like they're not subject to the GDPR.
- The app is not run on a work machine - it's software I've been required to use for home working due to the coronavirus epidemic.
Virtualisation (update 2)
Some answers suggest using virtualisation solutions like Firejail, but as far as I understand that software allows "software isolation", whereas I need a sort of "hardware isolation" (meaning that the app must not have access to data about my hardware). Obviously I might be missing something - if that's the case please explain it.
What you are trying to do is to "sandbox" your application. You can do your research again with this keyword.
You may want to check that question
Several options are presented; the easiest is probably Firejail and the second one Docker.
In my opinion a turnkey GUI firewall may be the solution available. You may try:
Still you can add rules for specific applications, etc.
From a technical standpoint, I find this question interesting.
You have an untrusted application and want to:
For 1., the easiest way is to ask the application provider. If you are in the EU, they should tell you what data they collect and to what end (GDPR). Analyzing the application from your side will probably take a lot of effort (security analysts had quite some work to find out what Windows 10 was doing in this matter; see this report). You would probably need tools like Wireshark to analyse the network and `strace` for system calls.
For 2., a key point is: does your application need network access? If not, you can simply unplug your computer from the network while using the app (assuming it doesn't store data and/or run without your knowledge). The easy way is to use `firejail --net=none <yourapp>`.
Using a VM is indeed a good way to hide what hardware you are using; AFAIK there is no way to know the underlying hardware from a VM. Your public IP address will be available though.
I don't know much about Sandboxing but looking into Firejail seems to be a good starting point.
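To make the `strace` suggestion above concrete, here is an added example (not part of the original posts) that scans a trace for successful reads of hardware identifiers. The path list and the `audit` helper are assumptions chosen for illustration, and the sample trace lines are constructed, not captured from any real application.

```python
import re

# Trace the app first, e.g.:
#   strace -f -e trace=openat,open,ioctl -o app.trace <yourapp>
# Linux paths that expose hardware or installation identifiers
# (illustrative list, not exhaustive).
ID_PATHS = [
    (re.compile(r"^/sys/class/net/[^/]+/address$"), "MAC address"),
    (re.compile(r"^(/etc|/var/lib/dbus)/machine-id$"), "machine ID"),
    (re.compile(r"^/sys/(class|devices/virtual)/dmi/id/"), "DMI/SMBIOS data"),
    (re.compile(r"^/dev/disk/by-id(/|$)"), "disk serials"),
]
OPEN_RE = re.compile(r'\bopen(?:at)?\((?:AT_FDCWD, )?"([^"]+)".*\)\s+=\s+(-?\d+)')
# The MAC address can also be fetched from a socket without opening any file.
IOCTL_RE = re.compile(r'\bioctl\(\d+, SIOCGIFHWADDR, \{ifr_name="([^"]+)".*=\s+0\b')

def audit(strace_lines):
    """Return sorted (kind, detail) pairs for successful identifier reads."""
    found = set()
    for line in strace_lines:
        m = OPEN_RE.search(line)
        if m and int(m.group(2)) >= 0:  # skip failed opens (ENOENT, EACCES)
            for pattern, kind in ID_PATHS:
                if pattern.search(m.group(1)):
                    found.add((kind, m.group(1)))
        m = IOCTL_RE.search(line)
        if m:
            found.add(("MAC address", "ioctl SIOCGIFHWADDR on " + m.group(1)))
    return sorted(found)

# Constructed sample in the format strace writes with -f -o.
SAMPLE = '''\
2101 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
2101 openat(AT_FDCWD, "/etc/machine-id", O_RDONLY|O_CLOEXEC) = 7
2101 openat(AT_FDCWD, "/sys/class/net/enp3s0/address", O_RDONLY) = 8
2101 openat(AT_FDCWD, "/sys/class/dmi/id/product_serial", O_RDONLY) = -1 EACCES (Permission denied)
2105 ioctl(9, SIOCGIFHWADDR, {ifr_name="enp3s0", ifr_hwaddr={sa_family=ARPHRD_ETHER, sa_data=02:00:00:aa:bb:cc}}) = 0
2105 openat(AT_FDCWD, "/sys/class/dmi/id/product_name", O_RDONLY) = 10
'''

if __name__ == "__main__":
    for kind, detail in audit(SAMPLE.splitlines()):
        print(f"{kind:16} {detail}")
```

A trace only shows what the application read during that run, not what it later sent; comparing it with a Wireshark capture of the same session covers the network side.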