[SECURITY] nvidia settings phones home

nvidia settings has been frustrating me lately, it is slow to load, forgets my settings, and takes a disproportionate chunk of my cpu time, and makes running games on my optimus laptop a hassle. recently i strace’d it to find out why,
get this,
nvidia settings connects (phones home) to two separate IP address’s (66.152.109.64,198.105.251.69) one in Albany, New York the other in New York City one appears to be a check-in the other trades some information though what i haven’t found out yet, i won’t even speculate as to why. Stupidly, flipping my networking hardware switch to run in “airplane mode” and all of the hassle is gone instant start-up, remembered settings, the driver even loads my monitors correct resolutions instead of having to re-enter them.

even stupider traceroute tells me the tcp connections jump all over the country like some novice script-kiddie is trying to cover his tracks, exactly it doesn’t work
this cannot be intended, its frightening if it is

See the following thread:
https://devtalk.nvidia.com/default/topic/537334/nvidia-settings-timing-out-while-trying-to-connect-to-ip-in-new-york-/?offset=4

thanks, not a feature at all, phew got all pissed for nothing
any idea how to tell X11 to not connect over tcp? -nolisten tcp maybe?

“-nolisten tcp” tells the X server not to listen for incoming connections via TCP. The problem here is the opposite direction: the client trying to make outbound connections over TCP. It looks like you can disable TCP support entirely in libX11 by passing the --disable-tcp-transport and --disable-ipv6 options to the configure script, but that doesn’t seem to actually prevent TCP connections in my testing. I don’t see a way to disable it at runtime… your best bet might be to use iptables / ip6tables or whatever their new-fangled replacement is called to prevent outbound connections on the 6000+ port range.