On the Internet!How does AdGuard scan the entire network to find hidden trackers

On the Internet! How does AdGuard scan the entire network to find hidden trackers

Since the content interception is very common, most of the tracking tools becomes some chicken ribs. However, the trend of improving and more using tracking tools in the market will have not reversible. Some of the way to collect user data, some of them are “don’t hoped”, and in turn, “That”.

CNAME is one of the fine. The CNAME record is also known as a standard name. This is a DNS recording method. It maps a domain name (alias) to another domain name (specification name) instead of maping the domain name directly to the IP address. This is the basic feature of millions of websites used to create special subdomains for different services (including, emails, search, etc.). For seamless transfer, the subdomain name and the primary domain are trusted as extent.

The so-called abuse of the basic principles of the above-mentioned basic principles have caused many other problems in addition to the worrying data collection.

When using the CNAME record, the external trace server can disguise the website sub-domain name trusted by the browser, so that the browser will track the cookie as “first party” cookie. Worse, vice versa. It turns out that cookies sent to the main domain can be shared to the disguised tracker. The third party accepts various data, including username, contact information, even used to identify sessions and log in to the website authentication cookie.

Based on the recent, the authors are Yana Dimova, Gunes Acar, Wouter Joosen, Tom Van Goethemat and Lukasz Olejnik, which can be detected on 95% of the tracking website to detect cookie leaks. This paper emphasizes that CNAME invisible tracking of spoofing basic network security can lead to privacy and other network security.

The browser cannot protect users from CNAME invisible tracking. However, the content interceptor is ok. UBO for AdGuard, AdGuard DNS and Mozilla Firefox can be able to intercept this type of “invisible tracker”. However, due to the limitations of Chrome, Chromium, and Safari, ordinary extension cannot dynamically resolve the host name and remove the tracker. The extended filter list is still limited. In addition, it is difficult to imagine that someone will go to view the entire network to detect CNAME-based invisible trackers and write a “perfect” filter list.

However, AdGuard has conducted this network scan. Thanks to us and a series of indiscriminate and browser-intercepted tools, we can efficiently search “Hunter” (track tracker), record and intercept them. Now we write a complete list of the CNAME invisible tracker that is known. This list is to be used as an AdGuard anti-tracking protection filter. There is currently the most complete automatic updated 6000+ project. This list will be updated regularly to closely follow the new tracking technology and add them to the list.

On Github, we have released this list, so other content interceptors are also available. We are very happy to see this effort has been returned, which has added our list.

Does this mean that the CNAME invisible tracking problem is completely solved? Unfortunately, it is still not. We plan to update the list at any time, but the number of invisible trackers will continue to increase. As a result, the number of intercept rules will continue to increase. The problem is that the number of Safari and Chrome restricts the number of interception rules in an attempt to fully control content, and are arranged in Manifest V3). Therefore, we can see that 50,000 rules of Safari are only enough to protect themselves from advertising, trackers, and other network threats. One day will be one day, this rule will look very stretched, so that users cannot protect online threats. More importantly, this day is far more than you think!