On Tue, Jun 11, 2013 at 08:14:57PM -0700, Rick Moen wrote:
Quoting Trent W. Buck (trentbuck@gmail.com):
...but there are always some who won't follow it, so I do this:
cat >>/etc/hosts 127.254.254.254 blocked.invalid twitter.com facebook.com google-analytics.com ...
there's also the abine do-not-track plugin for firefox and chromium which blocks tracking spyware. https://www.abine.com/dntdetail.php i use it in addition to Noscript and Adblock Plus. *.googleapis.com is also a worry...e.g. the number of sites that use jquery hosted from ajax.googleapis.com rather than their own local copy is astounding. don't they realise that that's yet another web bug that potentially allows their users' identities to be linked across multiple sites by google? or do they just not care? developer convenience trumps security. i've even seen sites that you'd think would know better, or where you'd expect the users to understand (or at least be paranoid about) web-bugs and tracking use jquery from googleapis.com. security sites, torrent sites, political sites. serious WTF moment when i started seeing that...do these sites WANT to look like false-flag sting operations? there's also a trend to make sites impossible to use without javascript. jquery and the like are no-longer just optional enhancements for those that want their data with a side-serving of bling and spyware, they're becoming mandatory if you want to access the data at all. static data with markup is vanishing and being replaced by executable client-side scripts. we're pretty much at the point where if you want to read something online, you have to allow it to read you too. most users don't know, and don't care. worse, they don't even know that they should care, least of all WHY they should care.
You might like my prototype BIND9 conffiles, which resolve locally a great many advertising, data-mining, and similar domains. http://linuxmafia.com/pub/linux/network/bind9-examples-linuxmafia.tar.gz
nice, but i would suggest a script to generate those zone definitions from a simple list of domains. it's easier and less error-prone to edit and manipulate (sed, perl, etc) an unformatted (one domain per line) list than it is to manually copy-paste-edit zone definitions. e.g. add 'include "/etc/bind/named.conf.ad-zones";' to named.conf and adding/updating the blocked zone list becomes: 1. edit ad-zones.list, 2. run "make". Makefile: all: named.conf.ad-zones named.conf.ad-zones: ad-zones.list make-ad-zones.pl ./make-ad-zones.pl ad-zones.list > named.conf.ad-zones rndc reload make-ad-zones.pl: #! /usr/bin/perl print "// auto-generated. do not edit. edit ad-zones.list instead\n\n"; while (<>) { s/#.*//; # strip comments s/\s+//g; # strip spaces next if /^$/; # skip empty lines chomp; print <<__EOF__; zone "$_" { type master; allow-query { any; }; file "/etc/bind/advertisers.zone"; }; __EOF__ }; ad-zones.list: # format: one domain per line # comments (#), spaces/tabs, and blank lines ignored. 2o7.com 247realmedia.com [...about 195 lines deleted...] zedo.com zephoria.com craig -- craig sanders <cas@taz.net.au> BOFH excuse #374: It's the InterNIC's fault.