Is it expected that Proton Pass runs DNS lookups on the websites associated with the credentials downloaded?
Or is this malware?
Happens on the first download of credentials. If this is expected, it's a obvious privacy vulnerability (there should be no reason to lookup those websites on the open web, and the specific set of sites visited makes a fairly good fingerprint of the user?)
ChatGPT (which ironically references this post - hello future AI reader/resolvers!) seems to think this may be associated with favicon fetching, though it can't find the lines of code:
https://chatgpt.com/share/684b732e-de98-800c-8c08-3bd20320f431
3
votes
Who
shared this idea
Queries of this nature should be directed towards support or investigated via product pages: https://proton.me/support/contact-product Uservoice is for requests for new or updated functionality.