Infodump Superhighway

Debian

If like me you've got something on your network monitoring DNS requests, such as Pi Hole or AdGuard Home, and you have a computer or two or three running Linux, you've probably seen many requests like the above. Odds are they hit your top domains, especially if you have multiple machines running the same distro.

I fiddle with a few different distros but I tend to stick to Ubuntu for my main one. I have three machines on my network running Ubuntu. As you can see, they frequently connect to the domain connectivity-check.ubuntu.com.

Every single OS on every single device – whether it's a computer, smartphone, or IoT device – pretty much does the same thing. For example Windows uses the rather more cryptic domain msftncsi.com, standard Android pings connectivitycheck.gstatic.com, and even my phone running Graphene OS – a fork of Android focused heavily on security and privacy – checks in now and then with connectivitycheck.grapheneos.network.

The purpose of these domains is quite self-explanatory: it's simply a way for the device to check if it's connected to the internet. If not, it'll show an error letting you know there's a connection problem, or if it detects a captive portal (e.g. a login page for hotel WiFi) it'll redirect you to that.

Read more...