Suspicious actions happening when web browsing
 

I've recently had some unusual things happening with my web browsing.
Yesterday I received a message from my HTTPS Everywhere addon asking 'permission' to access all the sites I visit.
I thought that was an unusual request - so I disabled the addon.

Today, I updated Ubuntu 16.04 and 3 openSSH packages were downloaded.
After that, the internet went offline. But I didn't switch off internet access.

After a reboot I went onto Wikipedia.
The site said I had a message from them - but I'm not registered with the site.
When I pressed the link to see the message it said I had made a change to a page but I didn't provide a source to justify the change.
The page is about some boy band in the UK which I've never heard of.

The OS I have is a lightweight version of Ubuntu and doesn't have all the protection features.

1. Is there a way I can make sure my OS isn't accessed remotely?

2. Has anyone else received openSSH packages recently from Ubuntu?

3. Why has Wikipedia mixed me up with some other guy when I don't even have an account with them?
Does the edited Wikipedia page indicate anything?

4.Is that message from HTTPS Everywhere normal?

Offhand, I'd say that none of this is normal.

Do you have the firewall enabled?

I'm guessing you're using Firefox. Do you have NoScript or something like it enabled?

Have you emptied your browser cache and cleared the browser history and cookies?

Both openssh-client and ssh-askpass-gnome were updated on my system from the Ubuntu repos on 4 March. The latter may have affected HTTPS Everywhere. My reaction on seeing what you experienced would have been to reboot my system and check again.

Does anyone else share your internet router? On the other hand, your ISP might have given you a rotated IP address that had previously been used by someone else editing Wikipedia.

Good to know others find this unusual too.
I don't think the lightweight OS had a firewall.

Certainly use NoScript.
Only recently have I found you can delete cookies on Firefox browser!
But I now use this feature regularly. Not sure how effective it is though.

Yes, I have just seen some ssh apps being upgraded on Debian on my second PC.

Yes, and switch router off and on again at the mains to get a new dynamic IP.
At the end of the day, I think it's best just to get a paid VPN from a 'non-Five Eyes' provider.

That's an interesting point.
However, I prefer suspicion and paranoia to gentle innocence.

Even so, I think the problem has been resolved temporarily.
I found a way to upgrade Ubuntu (dist-upgrade) to the latest version.
This would mean I can upgrade from the pre-installed lightweight Ubuntu to the full fat version.
Unfortunately, this doesn't work with the RK3399 single board computer as I now get the Black Screen of Facepalm on boot.

I now need to refer to the OEM to find a way to flash the lightweight Ubuntu OS back onto the SBC.
This may be problematic as my Mandarin is not so great.

I'm more a fan of Occam's razor. ;)

I don't know anything about Lightweight OS, but, if it uses the Linux kernel, is should have firewall capability built in; it's called "iptables."

https://wiki.debian.org/Firewalls

I recommend GUFW as a GUI front-end for configuring iptables; UFW is a nice command line front-end.