opensuse - telemetry...

Hi!

In the past opensuse installs tried to reach conncheck.opensuse.org, now this has apparently changed/added to sending packages to

proxy-nue.opensuse.org

The domain resolves to the same IP (195.135.221.140), so my block is still working, but if you try to block telemetry based on hostname, adapt your files accordingly… :wink:

PS: If you want to check yourself:


sudo zypper in iftop

sudo iftop

…and have an eye on the window from time to time, so you don’t miss the proxy-nue thing

That address “conncheck.opensuse.org” is for me in /etc/NetworkManager/NetworkManager.conf and just checking (Tumbleweed) it is still that, but I did edit the file.

In the past I tried changing it to another website which I own myself, but that did not work out for me; the page also needs to return an X-NetworkManager-Status=online HTML “header line”.

https://blog.stigok.com/2017/03/27/roll-your-own-networkmanager-connectivity-check-endpoint-with-nginx.html

I guess you are referring to NetworkManager's portal detection.

You can switch that off by creating a file /etc/NetworkManager/conf.d/30-captive_portal_detection.conf with

[connectivity]
# This section controls NetworkManager's optional connectivity checking functionality.
# This allows NetworkManager to detect whether or not the system can actually access the internet
# or whether it is behind a captive portal.
# If this option is blank or missing, connectivity checking is disabled.
# uri=http://conncheck.opensuse.org
uri=

# Controls how often connectivity is checked when a network connection exists.
# Specified in seconds.
# If set to 0 connectivity checking is disabled.
# If missing, the default is 300 seconds.
interval=0


Regards

susejunky
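To confirm that a drop-in like the one above actually wins, the following added example (not part of any participant's post) merges the `[connectivity]` sections of several config files and reports the effective result. It assumes the files are passed in the order NetworkManager reads them, with later files overriding earlier ones key by key; the sample file contents are constructed from the values quoted in this thread.

```python
import configparser

def effective_connectivity(snippets):
    """Merge [connectivity] from (name, text) pairs given in read order.

    Later files override earlier ones key by key. Returns the effective
    settings and which file supplied each of them.
    """
    merged = {}  # key -> (value, source file)
    for name, text in snippets:
        cp = configparser.ConfigParser(interpolation=None, strict=False)
        cp.read_string(text, source=name)
        if cp.has_section("connectivity"):
            for key, value in cp.items("connectivity"):
                merged[key] = (value.strip(), name)
    uri, uri_src = merged.get("uri", ("", None))
    interval_raw, interval_src = merged.get("interval", ("300", None))
    interval = int(interval_raw or 300)  # default of 300 s as stated in the thread
    return {
        # Checking is off when the URI is blank/missing or the interval is 0.
        "enabled": bool(uri) and interval > 0,
        "uri": uri, "uri_from": uri_src,
        "interval": interval, "interval_from": interval_src,
    }

# Constructed sample input: a branded main config and the drop-in from the thread.
MAIN_NAME = "/etc/NetworkManager/NetworkManager.conf"
MAIN_CONF = """\
[main]
plugins=keyfile

[connectivity]
uri=http://conncheck.opensuse.org
"""
DROP_NAME = "/etc/NetworkManager/conf.d/30-captive_portal_detection.conf"
DROP_IN = """\
[connectivity]
# uri=http://conncheck.opensuse.org
uri=
interval=0
"""

if __name__ == "__main__":
    print(effective_connectivity([(MAIN_NAME, MAIN_CONF)]))
    print(effective_connectivity([(MAIN_NAME, MAIN_CONF), (DROP_NAME, DROP_IN)]))
```

On a live system, `NetworkManager --print-config` prints the merged configuration the daemon itself uses, which is the authoritative answer.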

Conncheck is not telemetry - it’s essentially a single query to see if the link is up. You can Wireshark it if you want (since it’s http) or change it to a website of your choice - or just set up one yourself somewhere.

Before you comment that “Other distributions don’t…” - they do. Ubuntu does, Fedora does - even ArchLinux uses it.

I wouldn’t call a connection every 300 sec. (what seems to be the default rate) a “single query”.

Regards

susejunky

Well it is a single “GET” every time it’s fired. Essentially it curls the connection to see if the system replies with a specific header. In fact the only thing you get back or send is HTTP/1.0 204 No Content and x-networkmanager-status: online as header.

Calling it telemetry is dumb and needlessly tries to paint it as something malicious akin to say what Ubuntu does by sending Amazon data or Microsoft with their forced telemetry when they literally have zero in common. Your router sends more data when querying for a firmware update or zypper when it connects to see if repositories have new data - would you classify refreshing repositories as “telemetry?” No, I thought so.

Essentially it calls out for EACH install of opensuse every 300 sec my IP to opensuse. That IS what telemetry is intended to do. Sorry, metadata IS data…

And my installs work flawlessly without this trash. For years.

Different users do have different privacy demands. And one does not have to be a security expert to know that a “GET” every 5 min. to the same destination could be used (by that destination) for tracking. So the term “dumb” appears to me out of place here.

However the really interesting question which remains is:

What is all this (hidden and by default enabled) connection checking good for?

On all my machines it is switched off and I never missed it.

Regards

susejunky

Install NetworkManager-branding-upstream.
That will not have any URL in /etc/NetworkManager/NetworkManager.conf.

Using Leap 15.2 here. I do not use NetworkManager, but it is installed, apparently by default, and I did not touch this. Thus I assume that the installation is what is installed by default. And it has NetworkManager-branding-upstream and it does not have NetworkManager-branding-openSUSE.

The comment of the upstream package says

This package provides the default upstream configuration for /etc/NetworkManager/NetworkManager.conf. Specifically, it is not configured for connection checking against http://conncheck.opensuse.org. For the version with connection checking, install NetworkManager-branding-openSUSE.

Thus, apart from the fact that @Sauerland points to the fact that having the correct package is a basic solution to the problem, my question is: why does the OP here not have the upstream version which seems to be the default?

I did a fresh installation 3 weeks ago of Leap 15.2 (from live USB) and my situation is exactly the opposite of yours: I’ve NetworkManager-branding-openSUSE.
Just to add some info: during installation I took advantage of DHCP (& NetworkManager) and only afterwards I switched to wicked; maybe this approach can make the difference.

It seems then that there was some change. My installation is in fact an older one, stepwise upgraded from I think at least 15.0. Thus the default may have been changed in the meantime from upstream to openSUSE…

In any case, I doubt very much that switching to Wicked will have changed anything. Such a switch does not involve any NM package installed.

I checked a 15.3 (upgraded from 15.2 installed 2 years ago or so) and a TW installed 2 years ago, both have the NetworkManager with branding.

We should not discuss the fact that there is telemetry. I guess some way it has to be measured how many installs are there to get refunded by Google for installing FF with Google being the default search machine. But I don’t like to be tracked, end of story.

I opened this thread for others with the same mindset. The others are free to simply ignore it… :wink:

Connectivity check is performed by NetworkManager. If it is not active, there will be no checks (at least, checks discussed in this thread).

In my opinion, you got a lot of information. You started with the very wide ranging “openSUSE - telemetry”, suggesting that openSUSE is measuring and uploading a lot of information. What you experience is now down to the product NetworkManager, that tries to connect to a remote site to check if it has an internet connection or not.

Also you got offered several ways of switching it off (and the last one from @Sauerland looks to me as the most proper way to do it).

All other “calling home” actions you have found or fear are not subject of this thread.

You totally missed the point. NetworkManager is known for years. The proxy-nue.opensuse.org is the latest stuff…

I wanted to learn which process is initiating the traffic to proxy-nue.opensuse.org. While I saw in iftop the machine is trying to connect, I did

ss --tcp -p

and got as reply

State       Recv-Q    Send-Q          Local Address:Port           Peer Address:Port     Process                               
ESTAB      ...    
SYN-SENT    0         1            10.0.10.129%enp6s0:45000       195.135.221.140:http   

Interestingly no info on the process.

By now you should be aware of the fact that we prefer very much to see the prompt-command line, the output lines and the next prompt line in one copy/paste sweep between the CODE tags. People here are very able to see that what follows the command is what is got as reply. People want to be sure they have all information (nothing altered or skipped), also what is provided by the prompt (like root or not, working directory). Easier to post that with one sweep than all the typing you now add.

OK, a little sudo does the trick:

sudo ss --tcp -p
State      Recv-Q   Send-Q          Local Address:Port           Peer Address:Port     Process                                 
ESTAB      ...
SYN-SENT   0        1            10.0.10.129%enp6s0:45014       195.135.221.140:http      users:(("NetworkManager",pid=1094,fd=22))

It’s NetworkManager, again…
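The attribution step shown in the two `ss --tcp -p` runs above can be scripted. This added example (not part of any participant's post) parses `ss` output for sockets to a given peer IP and distinguishes "owner identified" from "process column empty", which in the first run meant missing privileges rather than an ownerless socket. The sample text is the output quoted in this thread; the function and field names are illustrative.

```python
import re

# Matches one entry of the users:(("name",pid=N,fd=M)) column printed by ss -p.
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+),fd=\d+\)')

def sockets_to_peer(ss_output, peer_ip):
    """Return one record per TCP socket in ss_output whose peer is peer_ip."""
    records = []
    for line in ss_output.splitlines():
        fields = line.split()
        # Skip the header and elided lines: a socket row has a state,
        # two numeric queue sizes and two addresses.
        if len(fields) < 5 or not fields[1].isdigit():
            continue
        state, local, peer = fields[0], fields[3], fields[4]
        if peer.rsplit(":", 1)[0] != peer_ip:
            continue
        owners = [(name, int(pid))
                  for name, pid in PROC_RE.findall(" ".join(fields[5:]))]
        records.append({
            "state": state, "local": local, "peer": peer, "owners": owners,
            # An empty process column means ss could not see the owner.
            "note": "" if owners else "no owner shown: rerun ss as root",
        })
    return records

# Sample input: the two outputs quoted in the thread (unprivileged, then sudo).
UNPRIVILEGED = """\
State       Recv-Q    Send-Q          Local Address:Port           Peer Address:Port     Process
ESTAB      ...
SYN-SENT    0         1            10.0.10.129%enp6s0:45000       195.135.221.140:http
"""
PRIVILEGED = """\
State      Recv-Q   Send-Q          Local Address:Port           Peer Address:Port     Process
ESTAB      ...
SYN-SENT   0        1            10.0.10.129%enp6s0:45014       195.135.221.140:http      users:(("NetworkManager",pid=1094,fd=22))
"""

if __name__ == "__main__":
    for sample in (UNPRIVILEGED, PRIVILEGED):
        for rec in sockets_to_peer(sample, "195.135.221.140"):
            print(rec)
```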

So SUSE changed the primary name of one server. Congratulations, you uncovered world conspiracy against openSUSE users …