2 minutes reading time (343 words)

URGENT - New Uncloaking API available now.....

computer-2038627_1280

New Art of Trackers in the wild - via CNAME-Cloaking 

The fight against privacy goes into the next round. 

 We have just found the following information regarding a new development in tracker detection that ties in really well with our current releases of the Privacy Cookbook.

A new webext API `dns` is available on Firefox 60+ only.

The new API enables the 'uncloaking' of the real
hostname being used in network requests.

Four advanced settings have been created to control the
uncloaking of actual hostnames:

cnameAliasList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to "uncloak" the hostnames in the list will.

cnameIgnoreList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to NOT re-run the network request through uBO's
filtering engine with the CNAME hostname. This is
useful to exclude commonly used actual hostnames
from being re-run through uBO's filtering engine, so
as to avoid pointless overhead.

cnameIgnore1stParty: boolean.
Default value: true.
Whether uBO should ignore to re-run a network request
through the filtering engine when the CNAME hostname
is 1st-party to the alias hostname.

cnameMaxTTL: number of minutes.
Default value: 120.
This tells uBO to clear its CNAME cache after the
specified time. For efficiency purpose, uBO will
cache alias=>CNAME associations for reuse so as
to reduce calls to `browser.dns.resolve`. All the
associations will be cleared after the specified time
to ensure the map does not grow too large and too
ensure uBO uses up to date CNAME information.


This facility is disabled by default at present but these instructions will allow advanced users to make immediate use of it.

With NextDNS you are protected but with the information and API from this article you're moving it up a level.

Base information derived from uBO's github post plus the following article:

https://medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a

............posted in the interests of the privacy loving public at large!


 

Comments (0)

Rated 0 out of 5 based on 0 voters
There are no comments posted here yet

Leave your comments

  1. Posting comment as a guest. Sign up or login to your account.
Rate this post:
Attachments (0 / 3)
Share Your Location