Readit NewsI have Proxyman and Wireshark. IIRC I used Proxyman also when writing my blog post.
In any case, Little Snitch is not lying and inventing packets. I don't know why you aren't seeing anything, but as I said, it's a race condition, so that can happen, and in any case, I would say that it's a better way to analyze this by adding Little Snitch to your setup.
I quickly downloaded the kagi extension for testing and there I can see the leaking - the Qwant extension still does not leak. Maybe you could also test the Qwant extension?
I just tested with Little Snitch and saw leakage to Google.
It's a race condition, so you might not always see it.
I don't know your setup but in my opinion something like proxyman / mitmproxy or even Wireshark would be the better way to analyse this.
I tested quite often and never saw the leak with Qwant.
All the Safari search engine extensions work the same: https://lapcatsoftware.com/articles/2025/2/2.html
Interesting, something must have changed then - the qwant search extension definitely does not leak the search to the default search engine - I checked myself with Proxyman.
Will this still send your information to Google because the redirect sometimes happens after the search has already been sent? I’m curious because I use a similar Kagi extension and I feel like it’s definitely sending my information to DuckDuckGo which sucks. I wish apple would allow more search options.
Depends on how the extension works probably. Had the issue with some extension but the Qwant extension for example doesn't leak - you can check yourself when capturing the http(s) traffic with something like proxyman.
Cool idea, wanted to try it out but it's not available in my country. Any reason for this? :)
whatsthatabout commented on Reverse Engineering Bambu Connect wiki.rossmanngroup.com/wi... · Posted by u/pabs3
What I don't get...BambuSlicer is open source. And, not only is it open source, it's a fork of PrussaSlicer, so Bambu doesn't have the ability to re-license it.
It's licensed under the Affero GPL which is very strict about the licensing of derived works. That license requires Bambu to include the source code to any additions they make, including all of the logic, keys, etc. that they're baking into any binary distributions. If they don't, they're violating the copyright rights of Prussa and many others.
So, either Bambu has to open source all of this, which defeats the purpose (given that it's already leaked, that's gonna happen anyway) or they have to route everything through a separate program for their own slicer.
BambuConnect is not part of BambuStudio - That's intentional, so BambuLab does not need to share/open-source it.
The current implementation (the Bambu network plugin thingy) isn't a part of it either, it's downloaded by the client when BambuStudio is opened.
Seeing Wuppertal on the start-page of hackernews wasn't something on my bingo card lol
Why do you need to have a lot of permissions for the extension?
This extension would be able to read and alter web pages and see your browsing history on this website. This could include sensitive information, including passwords, phone numbers and credit cards.
You can change this later in the Websites section of Safari Settings.
Hi, I added a part to the GitHub repo explaining this, basically its this:
- The extension requires permission to "Access all websites" solely to detect video players and enable Picture-in-Picture functionality across different websites
- No data is collected, stored, or shared with third parties
- All functionality operates locally on your device
I did: https://news.ycombinator.com/item?id=43175181
There's really no magic or mystery here. The extension is simply using this API: <https://developer.apple.com/documentation/safariservices/sfs...>