this post was submitted on 12 Nov 2024
690 points (96.0% liked)

Memes

45719 readers
1253 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
690
SpyingOS (lemmy.ml)
submitted 1 week ago by GravitySpoiled@lemmy.ml to c/memes@lemmy.ml
42 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] undefined@lemmy.hogru.ch 1 points 1 week ago (2 children)

I’m a broken record: block Google (or whomever) with network-based blocking (IP and/or DNS), these guys have third-party tracking in virtually every website and app.

[–] _pi@lemmy.ml 1 points 1 week ago* (last edited 1 week ago) (1 children)

Almost every B2C company I've worked at, I've written or had my devs write proxies for whatever trackers we use. The reality is that every company to whom this data matters to figure out their business model will proxy their trackers. If they don't they need to fire their lead engineers.

It's actually pretty easy to disguise this traffic even to the point where you can use the originating server/cdn to interleave the tracking with the content source.

[–] undefined@lemmy.hogru.ch 1 points 1 week ago (1 children)

Proxy? Is it that hard to figure out how to bundle and serve assets from the same domain? 😂

[–] _pi@lemmy.ml 0 points 1 week ago (1 children)

It's not about serving assets it's about hiding telemetry from adblockers, dns filters, ip lists, etc.

[–] ReversalHatchery@beehaw.org 2 points 1 week ago

businesses are truly developing malware

[–] ReversalHatchery@beehaw.org 1 points 1 week ago (1 children)

as an additional measure, sure. but these blocks are not hard to circumvent, so it's not enough in itself

[–] undefined@lemmy.hogru.ch 1 points 1 week ago (1 children)

They’re not hard to circumvent, sure but then why am I so effectively blocking almost everything not tied to the “real” first-party domains?

[–] ReversalHatchery@beehaw.org 0 points 1 week ago (1 children)

because they don't yet circumvent it. but also, are you completely sure everything is blocked? DoT, DoH traffic and such?

[–] undefined@lemmy.hogru.ch 1 points 1 week ago* (last edited 1 week ago)

Well I MITM myself quite often to confirm it. I’m also smashing together hundreds of blocklists, and I always check the network tab of my browser’s developer tools and very rarely see anything coming from third-party domains.

Sure, sometimes assets are on the actual domain I’m visiting (or its CDN) but most of the time, even tracking scripts there are broken because they still call the blocked scripts.

By the way, it’s hilarious that everyone wants to fight so hard about this yet when someone says “use an adblocker” nobody says anything as if it’s the end-all solution.

I didn’t say “I have a bulletproof, surefire way to fix this.” I said “use network-based blocking.” However effective that is is up to the person implementing it; you have no idea how effective my setup is because you don’t have access to its configuration.