Blocking Ads and Trackers

At the skankworks.net we take active measures to prevent advertising and tracking on our personal computers. All web access passes through a Squid caching proxy into which we have hooked the Squirm program to filter out-going requests. initially this seemed like it would be an impossible project, adding the domains of abusive advertisers and information gatherers could easily turn into an endless affair. Nevertheless, these companies and individuals, in spite of what they may think of themselves, have absolutely no right to use other people’s processing and storage power for their own ends. It’s little short of theft.

When we browse the web we use squirm to analyse where the web requests are actually going. Those that are genuinely going to the website we are visiting we allow out. Those requests that are generated in the background by websites which silently redirect our browsers to third-parties we filter. Any request that goes to an abusive corporate server or data-gatherer that intends to download executable scripts that gather personal data, we block. Permanantly. To speed up browsing we don’t drop the request and leave it to timeout, we redirect to an internal “dummy” web-server (10.118.3.100). This returns a small, cacheable, single-packet image that is displayed in our browsers to indicate an exclusion was activated.

Here then, are the regular expressions used at the skankworks to reclaim our bandwidth and keep abusive trackers off our network:

Updated 21 June 2015
Added tradedoubler.com and redintelligence.net – eliminates a huge number of IP address / geo-location based adverts.


regex ^http://.*\.motionhits\.com/.* http://10.118.3.100/erro
regex ^http://.*\.tradedoubler\.com/.* http://10.118.3.100/erro
regex ^.*\.ssl\.gstatic\.com/.* http://10.118.3.100/erro
regex ^http://.*\.google-analytics\.com/.* http://10.118.3.100/erro
regex ^http://.*\.ssl\.google-analytics\.com/.* http://10.118.3.100/erro
regex ^https://.*\.ssl\.google-analytics\.com/.* http://10.118.3.100/erro
regex ^https://.*\.google-analytics\.com/.* http://10.118.3.100/erro
regex ^http://.*\.doubleclick\.net/.* http://10.118.3.100/erro
regex ^.*\.googleadservices\.com/.* http://10.118.3.100/erro
regex ^http://.*\.telemetryverification\.net/.* http://10.118.3.100/erro
regex ^http://.*\.intergi\.com/.* http://10.118.3.100/erro
regex ^http://.*\.buysellads\.com/.* http://10.118.3.100/erro
regex ^http://.*\.geo\.kontagent\.net/.* http://10.118.3.100/erro
regex ^.*\.ssl\.gstatic\.com/.* http://10.118.3.100/erro
regex ^http://.*\.doubleclick\.net/.* http://10.118.3.100/erro
regex ^http://.*\.googleadservices\.com/.* http://10.118.3.100/erro
regex ^http://.*\.google-analytics\.com/.* http://10.118.3.100/erro
regex ^https://.*\.google-analytics\.com/.* http://10.118.3.100/erro
regex ^http://.*\.accounts\.google\.com/.* ://10.118.3.100/erro
regex ^http://.*\.googleusercontent\.com/.* http://10.118.3.100/erro
regex ^https://.*\.googleapis\.com/.* http://10.118.3.100/erro
regex ^http://.*\.googletagmanager\.com/.* http://10.118.3.100/erro
regex ^http://.*\.googletagservices\.com/.* http://10.118.3.100/erro
regex ^https://.*\.googlesyndication\.com/.* http://10.118.3.100/erro
regex ^http://.*\.revsci\.net/.* http://10.118.3.100/erro
regex ^http://.*\.scorecardresearch\.com/.* http://10.118.3.100/erro
regex ^http://.*\.effectivemeasure\.net/.* http://10.118.3.100/erro
regex ^http://.*\.googlesyndication\.com/.* http://10.118.3.100/erro
regex ^http://.*\.adtech\.de/.* http://10.118.3.100/erro
regex ^http://ad\.search\.ch/.* http://10.118.3.100/erro
regex ^http://.*\.adition\.com/.* http://10.118.3.100/erro
regex ^http://.*\.facebook\.com/.* http://10.118.3.100/erro
regex ^http://.*\.ookia\.com/.* http://10.118.3.100/erro
regex ^http://.*\.technoratimedia\.com/.* http://10.118.3.100/erro
regex ^http://.adserving\.cpxinteractive\.com/.* http://10.118.3.100/erro
regex ^http://.optimost\.com/.* http://10.118.3.100/erro
regex ^http://.*\.adtechus\.com/.* http://10.118.3.100/erro
regex ^http://d\.thelocal\.com/.* http://10.118.3.100/erro
regex ^http://ajax\.googleapis\.com/.* http://10.118.3.100/erro
regex ^http://.*\.adtiger\.de/.* http://10.118.3.100/erro
regex ^http://.*\.adnxs\.com/.* http://10.118.3.100/erro
regex ^http://.*\.adform\.net/.* http://10.118.3.100/erro
regex ^http://.*\.oggifinogi\.com/.* http://10.118.3.100/erro
regex ^http://.*\.adap\.tv/.* http://10.118.3.100/erro
regex ^http://.*\.betrad\.com/.* http://10.118.3.100/erro
regex ^http://.*\.scorecardresearch\.com/.* http://10.118.3.100/erro
regex ^http://.*\.quantserve\.com/.* http://10.118.3.100/erro
regex ^http://.*\.yieldmanager\.com/.* http://10.118.3.100/erro
regex ^http://.*\.advertising\.com/.* http://10.118.3.100/erro
regex ^http://.*\.ad-srv\.net/.* http://10.118.3.100/erro
regex ^http://.*\.facebook\.net/.* http://10.118.3.100/erro
regex ^http://.*\.crwdcntrl\.net/.* http://10.118.3.100/erro
regex ^http://.*\.adzerk\.net/.* http://10.118.3.100/erro
regex ^http://.*\.donottrackplus\.com/.* http://10.118.3.100/erro
regex ^http://.*\.northworks\.de/.* http://10.118.3.100/erro
regex ^http://.*\.adspirit\.de/.* http://10.118.3.100/erro
regex ^http://.*\.serving-sys\.com/.* http://10.118.3.100/erro
regex ^http://.*\.mediaplex\.com/.* http://10.118.3.100/erro
regex ^http://.*\.cxsense\.com/.* ://10.118.3.100/erro
regex ^http://.*\.linksynergy\.com/.* http://10.118.3.100/erro
regex ^http://.*\.adshuffle\.com/.* http://10.118.3.100/erro
regex ^http://.*\.shareasale\.com/.* http://10.118.3.100/erro

This configuration has 158,900 hits in it’s local logs. That’s a hundred and fifty thousand unwanted page requests generated by abusive corporations blocked. What’s shocking about that figure, is that this is taken from the browsing habits of just one user over a year. On an average day, browsing the web, there are at least 446 unannounced attempts by corporations to surreptitiously collect private information.

The top ten worst offenders for this user are:

Graph of Blocked Tracking Requests

The exploit that these tracking companies use was once called ‘cross-site scripting’ and considered ‘hacking’. When a corporation does it though, it’s considered entrepreneurial and innovative. The available ad-blockers, in our opinion, are ineffective since they are defending only against the in-browser frontal attack. We go behind the lines and hit at all those things going on behind the browser that we’re not supposed to see.

The cost to setup the hardware to run this is less than $25, and it will pay for itself within months. Your browsing will not hang waiting for over-loaded tracking servers to keep up with you, neither will it lock up and prevent you seeing any content until the adverts have been displayed. It won’t stop all ads, of course. That would be impossible. But it knocks out about 80% of them.

Further, these requests will never be made and those who are trying to gather your data and/or spy on you will not even know you are there.

[update]
After a year of operation I have pleasantly discovered that the blocking of just a few domains will remove the majority of advertisements and tracking, and will dramatically speed up your browsing. You pay for your internet bandwidth out of your own pocket, so why would you want to allow others to use it for their own gain, while degrading your own performance? If others want to use your internet bandwidth to make money tell them they either have to pay you for it, or kick them off.

If you would like to know how you can use this to speed up and secure your own browsing please use the links below to send a question. You may freely download the attached blocklist for use in your own configurations.

[update 26-Nov-2015] Current Blocklist

You can use the following site to verify which hidden spies any webpage is sending you to. just paste in a web page address and it will show you every data-gather it is silently allowing to run scripts on your PC without your consent:

http://www.webpagetest.org/

Bitcoin accepted at 15XmhHshBvj3ANvLKEEnBxdj3gA8Dz35uN


Links
Facebook spying on private email – lawsuit

This entry was posted in General IT and tagged , , . Bookmark the permalink.