From 28a5d72a182b606312c592fb7fbb6abf2332bbfd Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sun, 3 Nov 2024 14:20:39 +0000 Subject: [PATCH] privacy.but: pedantically mention DNS lookups. Literally speaking, it's not true that PuTTY only connects to the server you told it to. It typically has to connect to a DNS server first to find out where that server _is_. (If you've provided a hostname, and if that hostname isn't in /etc/hosts or equivalent.) Of course, if you're concerned about people _in your organisation's network_ finding out where you've been connecting to, you have bigger problems, because whether you did a DNS lookup or not they can certainly see your IP-layer headers. But that really is outside the scope of this document. I only mention DNS out of pedantry, because not doing so made "does not connect to any other site" technically inaccurate. (Perhaps even: only inaccurate if the DNS lookup happens over TCP :-) --- doc/privacy.but | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/privacy.but b/doc/privacy.but index 6b559fe9..0f488bf6 100644 --- a/doc/privacy.but +++ b/doc/privacy.but @@ -144,7 +144,9 @@ configuration instructs it to. No PuTTY tool will \q{phone home} to any site under the control of us (the development team), or to any other site apart from the -destination host or proxy host in its configuration. +destination host or proxy host in its configuration, and any DNS +server that is needed to look up the IP addresses corresponding to +those host names. No information about your network sessions, and no information from the computer you run PuTTY on, is collected or recorded by the PuTTY