[opensuse] Security/Privacy Minded - 'Unblockable' web trackers emerge.
Worth all being aware of -- courtesy of El Reg.
Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much
https://www.theregister.co.uk/2019/11/21/ublock_origin_firefox_unblockable_t...
And the world called Kaczynski crazy....??
-- David C. Rankin, J.D.,P.E.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Fri, 22 Nov 2019 01:21:33 -0600 "David C. Rankin" <drankinatty@suddenlinkmail.com> wrote:
Worth all being aware of -- courtesy of El Reg.
Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much
https://www.theregister.co.uk/2019/11/21/ublock_origin_firefox_unblockable_t...
And the world called Kaczynski crazy....??
I don't understand most of what that article says. Does DoH have any effect on this exploit? But I use FF with uBO so I don't care, apparently.
On 11/22/2019 06:40 AM, Dave Howorth wrote:
On Fri, 22 Nov 2019 01:21:33 -0600 "David C. Rankin" <drankinatty@suddenlinkmail.com> wrote:
Worth all being aware of -- courtesy of El Reg.
Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much
https://www.theregister.co.uk/2019/11/21/ublock_origin_firefox_unblockable_t...
And the world called Kaczynski crazy....??
I don't understand most of what that article says. Does DoH have any effect on this exploit? But I use FF with uBO so I don't care, apparently.
My take away was the bad guys have found a way to continue tracking you site-to-site and to fingerprint your browser (tie those browsing activities to you individually) by using DNS to get around the browser setting
[x] Block third-party cookies
by having the domain you are visiting delegate subdomains via CNAME to the third-party trackers so the third-party trackers appear as first-party content. (there's more to it than that, but that's what I got as the gist)
And yes, using FF with uBlock Origin does provide at least some peace of mind. (add to that becoming a digital hermit -- you should be fine :)
-- David C. Rankin, J.D.,P.E.
Important point here, *each* website has to agree to delegate to the tracking firm. This is a big ask and any website that agrees to this is acting directly as an arm of the tracker. I'm not particularly concerned with general tracking, but I'd have some serious questions about any website that agreed to this.
On 1122, David C. Rankin wrote:
On 11/22/2019 06:40 AM, Dave Howorth wrote:
https://www.theregister.co.uk/2019/11/21/ublock_origin_firefox_unblockable_t... I don't understand most of what that article says. Does DoH have any effect on this exploit? you individually) by using DNS to get around the browser setting
-- Josef Fortier Systems Administrator fortier@augsburg.edu Phone: 612-330-1479
* David C. Rankin <drankinatty@suddenlinkmail.com> [11-22-19 11:03]:
On 11/22/2019 06:40 AM, Dave Howorth wrote:
On Fri, 22 Nov 2019 01:21:33 -0600 "David C. Rankin" <drankinatty@suddenlinkmail.com> wrote:
Worth all being aware of -- courtesy of El Reg.
Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much
https://www.theregister.co.uk/2019/11/21/ublock_origin_firefox_unblockable_t...
And the world called Kaczynski crazy....??
I don't understand most of what that article says. Does DoH have any effect on this exploit? But I use FF with uBO so I don't care, apparently.
My take away was the bad guys have found a way to continue tracking you site-to-site and to fingerprint your browser (tie those browsing activities to you individually) by using DNS to get around the browser setting
so if you do not have static ip address, the data mined is questionable.
-- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode
Patrick Shanahan wrote:
* David C. Rankin <drankinatty@suddenlinkmail.com> [11-22-19 11:03]:
My take away was the bad guys have found a way to continue tracking you site-to-site and to fingerprint your browser (tie those browsing activities to you individually) by using DNS to get around the browser setting
so if you do not have static ip address, the data mined is questionable.
No, there's no influence on the value of the tracked data.
Trackers are detected by blockers via their name/domain. And blocked, if you want.
So if you go to some.interesting.site, and they try to include tracker code from evil.tracker.com, that is easily blocked.
But if some.interesting.site *does* want the tracking, they put an entry in their own DNS server, e.g., cms.interesting.site, that relays to evil.tracker.com. The blocker thinks it belongs to interesting.site, and allows it. So the result is the same as if the blocker had not been active.
It looks like FF has some hook that allows checking where the IP address that the DNS query delivers actually points to some host of interesting.site. Such code can detect this trick, but can as well fail on valid crossdirects for companies that have several domains. We'll have to see if the FF solution works without flaws, and when other browsers catch up on this. With Chrome of course the main question is whether 'be evil' Google *wants* to catch up. Recent activity suggests rather not :(
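The check discussed in the message above, as an added example that is not part of the original thread: a blocker that matches only the requested hostname is compared with one that follows the CNAME chain and matches every name in it. The DNS records, the one-entry filter list and all function names are constructed for illustration; a real extension would obtain the chain from the browser's resolver instead of a table.

```javascript
// Constructed sample data, not real DNS records: name -> CNAME target.
const CNAME_RECORDS = new Map([
  ["cms.interesting.site", "collector.evil.tracker.com"],   // cloaked tracker
  ["www.interesting.site", "edge.interesting-cdn.example"], // ordinary CDN alias
  ["edge.interesting-cdn.example", "lb7.interesting-cdn.example"],
  ["loop-a.interesting.site", "loop-b.interesting.site"],   // misconfigured loop
  ["loop-b.interesting.site", "loop-a.interesting.site"],
]);
// Hypothetical filter list: a domain entry also covers its subdomains.
const BLOCKED_DOMAINS = new Set(["tracker.com"]);

const normalize = (name) => name.toLowerCase().replace(/\.$/, "");

// Follow CNAMEs from host, stopping at a loop or after maxHops aliases.
function cnameChain(host, records, maxHops = 8) {
  const chain = [normalize(host)];
  const seen = new Set(chain);
  while (chain.length <= maxHops) {
    const target = records.get(chain[chain.length - 1]);
    if (target === undefined) break;
    const next = normalize(target);
    if (seen.has(next)) break;
    seen.add(next);
    chain.push(next);
  }
  return chain;
}

// Return the blocked domain that name equals or sits under, else null.
function blocklistMatch(name, blocked) {
  const labels = name.split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    const suffix = labels.slice(i).join(".");
    if (blocked.has(suffix)) return suffix;
  }
  return null;
}

// Compare a name-only decision with one that inspects every name in the chain.
function classifyRequest(host, records = CNAME_RECORDS, blocked = BLOCKED_DOMAINS) {
  const chain = cnameChain(host, records);
  const nameOnly = blocklistMatch(chain[0], blocked) ? "block" : "allow";
  const matched = chain.map((n) => blocklistMatch(n, blocked)).find(Boolean) ?? null;
  return { chain, nameOnly, uncloaked: matched ? "block" : "allow", matched };
}
```

Matching the chain against the filter list, rather than flagging every alias that leaves the site's own domain, keeps the CDN alias for www.interesting.site allowed, which is the false-positive case the message raises.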
* Peter Suetterlin <pit@astro.su.se> [11-22-19 14:22]:
Patrick Shanahan wrote:
* David C. Rankin <drankinatty@suddenlinkmail.com> [11-22-19 11:03]:
My take away was the bad guys have found a way to continue tracking you site-to-site and to fingerprint your browser (tie those browsing activities to you individually) by using DNS to get around the browser setting
so if you do not have static ip address, the data mined is questionable.
No, there's no influence on the value of the tracked data.
Trackers are detected by blockers via their name/domain. And blocked, if you want.
So if you go to some.interesting.site, and they try to include tracker code from evil.tracker.com, that is easily blocked.
But if some.interesting.site *does* want the tracking, they put an entry in their own DNS server, e.g., cms.interesting.site, that relays to evil.tracker.com. The blocker thinks it belongs to interesting.site, and allows it. So the result is the same as if the blocker had not been active.
It looks like FF has some hook that allows checking where the IP address that the DNS query delivers actually points to some host of interesting.site. Such code can detect this trick, but can as well fail on valid crossdirects for companies that have several domains. We'll have to see if the FF solution works without flaws, and when other browsers catch up on this. With Chrome of course the main question is whether 'be evil' Google *wants* to catch up. Recent activity suggests rather not :(
so still if my ip addr changes, ie: not static, the data will not relate to my previous address and thus not relate to me.
-- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode
On Fri, 22 Nov 2019 15:11:15 -0500 Patrick Shanahan <paka@opensuse.org> wrote:
* Peter Suetterlin <pit@astro.su.se> [11-22-19 14:22]:
Patrick Shanahan wrote:
* David C. Rankin <drankinatty@suddenlinkmail.com> [11-22-19 11:03]:
My take away was the bad guys have found a way to continue tracking you site-to-site and to fingerprint your browser (tie those browsing activities to you individually) by using DNS to get around the browser setting
so if you do not have static ip address, the data mined is questionable.
No, there's no influence on the value of the tracked data.
Trackers are detected by blockers via their name/domain. And blocked, if you want.
So if you go to some.interesting.site, and they try to include tracker code from evil.tracker.com, that is easily blocked.
But if some.interesting.site *does* want the tracking, they put an entry in their own DNS server, e.g., cms.interesting.site, that relays to evil.tracker.com. The blocker thinks it belongs to interesting.site, and allows it. So the result is the same as if the blocker had not been active.
It looks like FF has some hook that allows checking where the IP address that the DNS query delivers actually points to some host of interesting.site. Such code can detect this trick, but can as well fail on valid crossdirects for companies that have several domains. We'll have to see if the FF solution works without flaws, and when other browsers catch up on this. With Chrome of course the main question is whether 'be evil' Google *wants* to catch up. Recent activity suggests rather not :(
so still if my ip addr changes, ie: not static, the data will not relate to my previous address and thus not relate to me.
I rather think that you're missing the point. The data has nothing to do with your IP address. It is a cookie planted on your machine by one site that can be retrieved by software [apparently] on other sites that identifies you.
On 22/11/2019 21.11, Patrick Shanahan wrote: ...
so still if my ip addr changes, ie: not static, the data will not relate to my previous address and thus not relate to me.
The IP is just one data point, they have others that track you. Like the unique advert ID the browser has.
If you login to google once, some cookies may keep your identity. Ditto facebook, amazon... Amazon finds out the google searches you do and can send you emails about "based on your searches, perhaps you'd like to look at these:"
-- Cheers / Saludos, Carlos E. R. (from 15.1 x86_64 at Telcontar)
On Fri, 22 Nov 2019 21:26:44 +0100 "Carlos E. R." <robin.listas@telefonica.net> wrote:
On 22/11/2019 21.11, Patrick Shanahan wrote: ...
so still if my ip addr changes, ie: not static, the data will not relate to my previous address and thus not relate to me.
The IP is just one data point, they have others that track you. Like the unique advert ID the browser has.
If you login to google once, some cookies may keep your identity. Ditto facebook, amazon... Amazon finds out the google searches you do and can send you emails about "based on your searches, perhaps you'd like to look at these:"
I don't have a google account because I don't (no longer) trust them. But how do amazon follow my google searches? A link would be fine.
On 22/11/2019 22.53, Dave Howorth wrote:
On Fri, 22 Nov 2019 21:26:44 +0100 "Carlos E. R." <robin.listas@telefonica.net> wrote:
On 22/11/2019 21.11, Patrick Shanahan wrote: ...
so still if my ip addr changes, ie: not static, the data will not relate to my previous address and thus not relate to me.
The IP is just one data point, they have others that track you. Like the unique advert ID the browser has.
If you login to google once, some cookies may keep your identity. Ditto facebook, amazon... Amazon finds out the google searches you do and can send you emails about "based on your searches, perhaps you'd like to look at these:"
I don't have a google account because I don't (no longer) trust them. But how do amazon follow my google searches? A link would be fine.
I don't have one, just that I noticed they do by the effects. I guess they have scripts loaded on the pages you open that tell them, maybe from adverts.
It stopped when I prohibited FF from accepting any amazon cookie; then to open Amazon I use a different FF profile, where cookies are accepted. Similarly, to login to google I use yet another profile.
-- Cheers / Saludos, Carlos E. R. (from 15.1 x86_64 at Telcontar)
On 11/22/19 7:38 PM, Carlos E. R. wrote:
If you login to google once, some cookies may keep your identity. Ditto facebook, amazon... Amazon finds out the google searches you do and can send you emails about "based on your searches, perhaps you'd like to look at these:"
I don't have a google account because I don't (no longer) trust them. But how do amazon follow my google searches? A link would be fine.
I don't have one, just that I noticed they do by the effects. I guess they have scripts loaded on the pages you open that tell them, maybe from adverts.
It stopped when I prohibited FF from accepting any amazon cookie; then to open Amazon I use a different FF profile, where cookies are accepted. Similarly, to login to google I use yet another profile.
- -- Cheers / Saludos,
Carlos E. R.
That's a reason I use duckduckgo as my searcher
participants (7): Carlos E. R., Dave Howorth, David C. Rankin, Josef Fortier, Patrick Shanahan, Peter Suetterlin, Stevens