NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 My approach is going to be different than @Sampei.Nihira 's approach. Sampei.Nihira is using UBO lists and I do not use UBO (or uMatrix) "lists". My approach, once I can physically SEE proof of CNAME trickery, is to use Proxomitron lists/filters to prevent the trickery. Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 28 minutes ago, XPerceniol said: https://adguard.com/en/blog/cname-tracking.html https://blog.apnic.net/2020/08/04/characterizing-cname-cloaking-based-tracking/ Please note how OLD those articles are. We shouldn't think that the sky is falling and our computers aren't "secure" based on OLD articles stating THEORIES. That's why I want to see a real-life example and screencaps "blocking" the CNAME trickery and "not blocking" the CNAME trickery. Hulu and KISSmetrics were SUED over ETag "respawning" in 2011/2012 - so while ETag "respawning" is a THEORETICAL vulnerability, nobody does them anymore so why jump through hoops over THEORETICALS ??? Like I say, I want to see a "before and after" screencap to truly assess the "issue". 1 Link to comment Share on other sites More sharing options...
D.Draker Posted February 2, 2022 Share Posted February 2, 2022 The solution Dixel published about the key-logger and uBlock (and then quickly deleted it after your reply) isn't working anymore . It worked , yeah . But not anymore after I updated the ublock . Don't get me wrong , I had to because of the new twitter CEO of Indian origin. Could you please offer us a simple solution to block the logger with ublock ? Thank you ! Link to comment Share on other sites More sharing options...
Dixel Posted February 2, 2022 Share Posted February 2, 2022 The solution works fine for me in 1.28 . Don't know about the later ones , but I wouldn't be surprised if they changed something again. 1 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 (edited) I can confirm that the "keylog" is being uploaded to MSFN servers. Why would we expect otherwise, I suppose. How? Because with Proxomitron I can "fake" my cookie by logging in, copying cookie contents, then logging out. Then I can use those cookie contents "in the future", a day, a week, a month, and see what the keylogger contained "yesterday" when accessing MSFN "today". The good news is that Proxomitron disables the keylogger by killing this "timer" (no uBlock required, just Proxomitron's default config in Advanced Mode) - Edited February 2, 2022 by NotHereToPlayGames Link to comment Share on other sites More sharing options...
D.Draker Posted February 2, 2022 Share Posted February 2, 2022 What I meant is that I'm looking for an easy solution with newer uBlock versions . While I respect the proxymitron. As of now , I had to revert to an older uBlock . Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 Proxomitron is not going to be for everyone. My biggest thing is this, you can create uBlock rules to kill the keylogger on MSFN but that rule will do nothing for the 9,999 other sites that you visit where 1,234 of them are logging your keystrokes - you blocked the logger on 1 out of 1,234. But by killing the keylogger using Proxomitron instead, I have safeguarded myself on 1,000 of the 1,234 websites instead of just 1. Sure, there's still 234 out there still logging my keystrokes, but I've never visited them before and likely won't visit them in the future. And if I do visit one of them, I edit Proxomitron to include it also and now I'm up to 1,001. Drastic times call for drastic measures. Sure, it's only MSFN's keylogger "today", but will you catch the next web site that's logging your keys? 16 minutes ago, D.Draker said: I had to revert to an older uBlock . Kinda doesn't surprise me. I've often opted to keep "older" extensions and disable any-and-all "automatic updates". Link to comment Share on other sites More sharing options...
D.Draker Posted February 2, 2022 Share Posted February 2, 2022 https://helpx.adobe.com.adobe.reactor.dataElementCookiesMigrated Do you know what is this ? thanks , it's in the log file. Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 What log file? Are you referring to MSFN.org? I'm not seeing any adobe.com links in my log here at MSFN.org - only cdnjs.cloudfare.com and www.googletagmanager.com which are both being blocked. 1 Link to comment Share on other sites More sharing options...
D.Draker Posted February 2, 2022 Share Posted February 2, 2022 Yep , right there . I just added it to the ublock and it's gone for now. Could they be serving different content . I mean , my IP is obviously different . Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 Always a possibility. I've never seen anything but cdnjs.cloudfare.com and www.googletagmanager.com and I've always blocked both of them. Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 Could also be an extention managing your cookies or passwords - do you have any extension for cookies or passwords? Link to comment Share on other sites More sharing options...
D.Draker Posted February 2, 2022 Share Posted February 2, 2022 No , I don't . But now I get this : https://helpx.adobe.com isStoragePolyfillNeeded The bloody polyfill !!! Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 Ha! One more reason for me to stick with v11 for as long as I can. I wonder if v13 build 2206 does that polyfill crap? Or if it is only v13 build 2212 and higher and v13.5? Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 2, 2022 Author Share Posted February 2, 2022 I'm not getting the adobe.com stuff in v13.5 here so it must be related to ISP / IP. Link to comment Share on other sites More sharing options...
Recommended Posts