InfluxDB、Grafana等开源软件的监控后门

    在使用手机APP的过程中,用户信息会不知不觉的被APP悄无声息的收集到云端,然后进行各种用户行为分析以及智能推荐,这是众所周知但秘而不宣的事。

    在使用开源软件时,也存在悄悄收集用户使用信息,并且上报到云端的行为,并且配置是默认打开的,有的配置项名字还比较绕,乍一看以为是关闭的。

    开源事好,但收集信息事不好,所以我们要及时将这些配置项关闭,然后重启对应的软件。

一、InfluxDB

 配置文件默认路径:/etc/influxdb/influxdb.conf

# Once every 24 hours InfluxDB will report usage data to usage.influxdata.com
# The data includes a random ID, os, arch, version, the number of series and other
# usage data. No data from user databases is ever transmitted.
# Change this option to true to disable reporting.
# reporting-disabled = false

  去掉前面的注释,改为:

 reporting-disabled = true

二、Grafana

配置文件默认路径:/etc/grafana/grafana.ini

#################################### Analytics ####################################
[analytics]
# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
# No ip addresses are being tracked, only simple counters to track
# running instances, dashboard and error counts. It is very helpful to us.
# Change this option to false to disable reporting.
;reporting_enabled = true

 去掉前面的注释,改为:

reporting_enabled = false

三、TDEngine

配置文件默认路径:/etc/taos/taos.cfg

# enable/disable installation / usage report
# telemetryReporting        1

  去掉前面的注释,改为: 

 telemetryReporting        0