info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Tracking Protection's blocklists
149 views
Skip to first unread message
Georg Koppen
Jun 5, 2015, 7:44:07 AM6/5/15
to dev-p...@lists.mozilla.org
Hi,
recently, I was reading
http://ieee-security.org/TC/SPW2015/W2SP/papers/W2SP_2015_submission_32.pdf
lately and stumbled over:
"We use a subset of approximately 1500 domains from Disconnect's
privacy-oriented blocklist[...]."
I have two main questions with respect to this quote:
1) How is the subset determined? Where can I find the code (if there is
any) which is doing that?
2) How does Disconnect exactly determine which domains should be on this
blocklist in the first place? Where is the code or the rules governing
this process?
Reading
https://disconnect.me/help#does-disconnect-block-all-ads-is-it-an-adblocker
(which is the only relevant thing I found on Disconnect's webpage i this
regard) is actually pretty scary (as it is rather vague):
"Rather than block all advertisements, we only block the
privacy-invasive ads that invisibly track you and may be responsible for
distributing malware (malvertising) and other security threats."
(Yes, there is the additional exemption mentioned that tracking sites
won't land on the blocklist if they comply with DNT in a meaningful way.)
Georg
recently, I was reading
http://ieee-security.org/TC/SPW2015/W2SP/papers/W2SP_2015_submission_32.pdf
lately and stumbled over:
"We use a subset of approximately 1500 domains from Disconnect's
privacy-oriented blocklist[...]."
I have two main questions with respect to this quote:
1) How is the subset determined? Where can I find the code (if there is
any) which is doing that?
2) How does Disconnect exactly determine which domains should be on this
blocklist in the first place? Where is the code or the rules governing
this process?
Reading
https://disconnect.me/help#does-disconnect-block-all-ads-is-it-an-adblocker
(which is the only relevant thing I found on Disconnect's webpage i this
regard) is actually pretty scary (as it is rather vague):
"Rather than block all advertisements, we only block the
privacy-invasive ads that invisibly track you and may be responsible for
distributing malware (malvertising) and other security threats."
(Yes, there is the additional exemption mentioned that tracking sites
won't land on the blocklist if they comply with DNT in a meaningful way.)
Georg
Francois Marier
Jun 6, 2015, 6:49:38 AM6/6/15
to
On 05/06/15 23:43, Georg Koppen wrote:
> 1) How is the subset determined? Where can I find the code (if there is
> any) which is doing that?
We take the upstream list (currently Disconnect):
> 1) How is the subset determined? Where can I find the code (if there is
> any) which is doing that?
https://services.disconnect.me/disconnect-plaintext.json
(without the "Content" and "Legacy" categories) then we convert it to
the binary format that we need using this script:
https://github.com/mozilla-services/shavar-list-creation
after removing these entries (for compatibility reasons):
https://github.com/mozilla-services/shavar-list-exceptions
(only the ones which aren't commented-out).
> 2) How does Disconnect exactly determine which domains should be on this
> blocklist in the first place? Where is the code or the rules governing
> this process?
but I believe it was done manually. Other than their FAQ, I don't think
they have published anything else about their process.
Francois
ca...@disconnect.me
Jun 8, 2015, 1:21:14 PM6/8/15
to
Hi all,
Disconnecter here. This information about our list now appears on our FAQ, here. https://disconnect.me/help#where-can-i-find-disconnects-tracker-protection-list-and-how-is-this-list-created
We've been in the process of streamlining our FAQ / info on our site and in the process neglected to include the requested information, which we've made public in the past.
Regards,
Casey
Disconnecter here. This information about our list now appears on our FAQ, here. https://disconnect.me/help#where-can-i-find-disconnects-tracker-protection-list-and-how-is-this-list-created
We've been in the process of streamlining our FAQ / info on our site and in the process neglected to include the requested information, which we've made public in the past.
Regards,
Casey
0 new messages