SoylentNews is people
SoylentNews
AdGuard on Thursday published a list of more than 6,000 CNAME-based trackers so they can be incorporated into content-blocking filters.
CNAME tracking is a way to configure DNS records to erase the distinction between code and assets from a publisher's (first-party) domain and tracking scripts on that site that call a server on an advertiser's (third-party) domain. Such domain cloaking â obscuring who controls a domain â undoes privacy defenses, like the blocking of third-party cookies, by making third-party assets look like they're associated with the first-party domain.
[...] The most commonly detected CNAME trackers, according to the researchers, come from the following companies, in order of prevalence: Pardot, Adobe Experience Cloud, Act-On Software, Oracle Eloqua, Eulerian, Webtrekk, Ingenious Technologies, TraceDock, LiveIntent, AT Internet, Criteo, Keyade, and Wizaly.
[...] "In order to prevent it you'll need to use a content blocker that can access DNS queries," Andrey Meshkov, CEO of AdGuard, told The Register.
"The whole problem is that the majority of users don't use them and just stick to Chrome or Safari browsers with extensions. These users can only 'react' to the problem, they can only start blocking a new disguised tracker as soon as we detect it on AdGuard DNS and update the list."
Meshkov acknowledged that this is not a proactive approach, but it works within the existing system for applying filtering lists to content blockers.
[Ed Note: I use and can recommend Pi-hole for your home network. That doesn't help though when you're on the road unless you VPN back to your home network first. - Fnord]
(Score: 0) by Anonymous Coward on Friday March 05 2021, @11:09PM (2 children)
If there's some chicanery related to advertising, Google's behind it.
(Score: 2) by julian on Saturday March 06 2021, @02:32AM
This particular technique requires the website owner to collude with Google. They are essentially self-hosting Goog's tracking tech so your browser interacts with the tracking code/cookies as if it were the first-party website that you ostensibly trusted
(Score: 2) by darkfeline on Saturday March 06 2021, @04:23AM
I wasn't aware that Google owned Adobe and Oracle.
Join the SDF Public Access UNIX System today!
(Score: 2, Informative) by Anonymous Coward on Friday March 05 2021, @11:20PM (1 child)
In uBlock Origin, (and/or a hosts file, depending on whether or not you use DoH) add StevenBlack's hosts file [github.com] to the Custom area.
He also offers a "List of all hosts file variants" where different types of shit can be added just by using one hosts file!
It's great stuff! The default SBH file has over 60k entries.
(Score: 0) by Anonymous Coward on Saturday March 06 2021, @02:27PM
CNAME lookup was implemented in uBlock Origin 1.25.0 on Firefox, but Chrome does not have a dns API. Also the most recent uMatrix release 1.4.1b6 has support for CNAME lookup on Firefox.
https://github.com/gorhill/uBlock/releases/tag/1.25.0 [github.com]
https://github.com/gorhill/uMatrix/releases/tag/1.4.1b6 [github.com]
(Score: 3, Funny) by FatPhil on Saturday March 06 2021, @12:01AM (2 children)
I can't imagine any way that might be worked around.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 0) by Anonymous Coward on Saturday March 06 2021, @01:23AM
That depends on whether P = NP or not.
(Score: 2) by Mojibake Tengu on Saturday March 06 2021, @02:44AM
Though I am pretty sure any web tracking scheme belongs under 0.
The edge of ċ¤Şç cannot be defined, for it is beyond every aspect of design
(Score: 2) by black6host on Saturday March 06 2021, @04:46AM (2 children)
From the per-requisite section of the documentation:
Anyone know if this behavior can be changed easily? I've already got my pi set up with a static IP and I am running it headless. I really don't want to change any of that...
(Score: 0) by Anonymous Coward on Saturday March 06 2021, @01:59PM (1 child)
It will prompt you to keep current settings or change them during install.
If you're just getting started my pro-tip is that you will also have to masquerade all dns traffic through the pihole. You'll be amazed at how much shit uses hard-coded DNS servers to get around DNS ad blocking.
(Score: 0) by Anonymous Coward on Sunday March 07 2021, @11:00AM
I just block it at my firewall. You don't play nice, I don't play nice.
(Score: 1) by echostorm on Saturday March 06 2021, @08:08PM
If you aren't setting up a pihole, you can get adguard family from stacksocial for 30 bucks and it works on up to 9 devices at a time for life. been pretty happy with it for about a year now. They also have a pihole type offering but I mean if you are going to go that route, just use the free one imo.