An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Page 1 of 2 1 2
Internet privacy bonanza?
#23680 10/06/12 09:23 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
I use Cookie as my cookie "manager," and the v 3.0.6 update I just d/l'ed introduced a "bug" that may in fact be a bonanza for us and a major plus and selling point for it: Little Snitch has begun popping up multiple connection requests from WebProcess for every Web site I visit.

At first glance, this seems like a major nuisance, because sites are requesting that many, 5, 10, even more, connection requests be dealt with before leaving me in peace, but I've realized that most of the requests are to connect with the sites that plant the unwanted tracking caches we find in Safari > Prefs > Privacy > Cookies and other website data > Details, so maaaybe not.

What seems to have happened is that C has somehow contrived to enable LS to block tracking caches from reporting back to the sites that planted them.

True, this comes at the cost of having to enable the connections I want, but I can set "Forever" rules on both the wanted and unwanted connections and apparently breathe easier in the knowledge that a major tracking avenue has been shut down.

(Little Snitch, itself, introduced what was apparently the same "bug" a coupl'a years ago, but it was resolved long ago. I guess its flip-side went unnoticed)

Cookie's developer is approaching this as a bug at the moment, but I'm wondering whether he has in fact stumbled on gold?

All comment will be very much appreciated. smile

Edit: I just reinstalled Cookie, and the aberrant behavior has not recurred, but I'm still interested in everybody's thoughts on it.

Thanks.

Last edited by artie505; 10/06/12 09:33 AM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #23707 10/07/12 08:34 PM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Update: It's (miraculously?) back!

Little Snitch started popping up requests for WebProcess connections from pages that had already been loaded and reloaded right smack dab in the middle of a browsing session, and since I was aware of what was going on I paid attention and saw requests for connections to tracking site after tracking site pop up and presumably be denied forever. cool

I may never restart my deuced Mac(hina) again. grin

Update: And just like that, it's gone again (5:40 PM), but not before I took good advantage of it. smile  (I may have screwed up by quitting Safari, in which case I can maybe count on it to recur.)

Update 2: Took a walk, and it's back again... Beyond bizarre!!! confused

Update 3: And gone again about 5 minutes later. (Last post 'til I've got some sort of handle on this bizarre issue.)

Edit: Screenshot of my denied "Forever" connections.

Last edited by artie505; 10/07/12 10:07 PM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #23734 10/09/12 07:44 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
those deny's don't say what process is trying to make the connection, but it's via port 80 or 443 so it's probably web based. If you've told it to allow all traffic on those two ports it may shut up.

I've also ran into issues with LS where it keeps bugging me after I deny or allow, and it's caused by the process differing from the previous instance. That was due to a crazy bit of software that would copy off and then spawn a daemon when it needed to be used. When done it would delete it. so LS kept seeing them as new apps. There wasn't any easy way to deal with that unfortunately.


I work for the Department of Redundancy Department
Re: Internet privacy bonanza?
Virtual1 #23738 10/09/12 10:47 PM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Originally Posted By: Virtual1
those deny's don't say what process is trying to make the connection, but it's via port 80 or 443 so it's probably web based. If you've told it to allow all traffic on those two ports it may shut up.

I mentioned in my original post that the guilty process was WebProcess, and the tooltip in my screenshot further identifies it.

But you've got it backwards, I don't want Little Snitch to shut up!

If you look carefully you'll see that all the denied connections are to tracking Web sites, and I'm perfectly happy with having to deal with each of them once to keep them from spying on me forever.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #23749 10/10/12 07:40 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
If you like the idea of tracking Web sites being forever inaccessible, there's an even better way than firewalling them. Drop them into your Hosts file on your computer.

The Hosts file, which is built into every Unix-based system, is a special text file. When the computer attempts to connect to a Web site, it consults the Hosts file before it does a name server lookup. If it sees the name of the server in the Hosts file, it uses what it sees there and doesn't look up the site on the name servers. (It's usually used as a means to assign computers on a LAN names and be able to look them up by name.)

If you edit your Hosts file to assign a name to the IP address 127.0.0.1, it will forever be unreachable by that computer. So for example if you add the line

127.0.0.1 doubleclick.com

to your computer's Hosts file, doubleclick.com will disappear into a black hole.

There's a Web site with a huge list of ad and tracking servers already pre-built into an OS X hosts file at

http://pgl.yoyo.org/adservers/


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Internet privacy bonanza?
tacit #23752 10/12/12 06:42 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Thanks...great!

I was aware of "Hosts," having used it to facilitate access to MFIF, but the thought of adding zillions of tracking sites to it, one at a time, made it a no-go. Your linked site, on the other hand, provides a huge list to be added in one quick shot, and is a most appealing avenue (which I'll probably travel once my Little Snitch issue has been resolved).

I took a quick look at the list and found that some items LS has highlighted are missing, but most is better than the none that now rules, and I can always add to it. (I don't see your "huge list of ad and tracking servers already pre-built into an OS X hosts file."

This seems to be an important missing link in the quest to attempt to nullify the "if you don't want to be tracked, stay off the Internet" mantra.

Edit: If I'm understanding you, LS, working in much the same, if not the same, manner, augments "Hosts?"

Last edited by artie505; 10/12/12 08:40 AM. Reason: ...and add link

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #23776 10/15/12 04:25 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
there are places you can go to download a prestocked HOSTS file so you don't have to manage them yourself. I played with that a bit, but a few client apps like adblock are much more self-maintaining and effective.


I work for the Department of Redundancy Department
Re: Internet privacy bonanza?
Virtual1 #23879 10/22/12 03:23 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Originally Posted By: Virtual1
there are places you can go to download a prestocked HOSTS file so you don't have to manage them yourself. I played with that a bit, but a few client apps like adblock are much more self-maintaining and effective.

Got any links to share?

Thanks.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #23913 10/24/12 05:03 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Originally Posted By: artie505
Originally Posted By: Virtual1
there are places you can go to download a prestocked HOSTS file so you don't have to manage them yourself. I played with that a bit, but a few client apps like adblock are much more self-maintaining and effective.

Got any links to share?

Thanks.


AdBlock for Safari

Click To Plugin (/Flash) for Safari

Those and other popular Safari plugins are available here at Apple


I work for the Department of Redundancy Department
Re: Internet privacy bonanza?
Virtual1 #23933 10/26/12 06:23 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Thanks for the links, but I think we're on different wavelengths.

I'm already running both AdBlock and both ClickTos, but unless I'm mistaken, neither of them blocks the tracking caches shown in Safari > Prefs > Privacy > Cookies... > Details.

I think Ghostery tries to do what I'm looking for, but as far as I can tell its blocking of tracking cookies is subverted by the deployment of tracking caches.

tacit's linked hosts list seems to be the best (only?) option.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
tacit #24676 01/04/13 06:37 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Thanks for the suggestion, but I'm not understanding something.

By way of example, even after I add 127.0.0.1 trankynam.com to my hosts file I can access the (XtraFinder) Website to check for updates, and it still plants a cookie when I do.

I assume I'm confusing functionalities, but how? Is it that hosts file's only functionality is that it prevents the cookie from corresponding with the Website?

Thanks.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #24699 01/06/13 08:11 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
If you put a Web site in the Hosts file and assign it the IP address 127.0.0.1, it for all intents and purposes vanishes as far as your computer is concerned. Your computer should not be able to find or communicate with that site at all.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Internet privacy bonanza?
tacit #24702 01/06/13 09:45 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
I just edited /private/etc/hosts to add FTM

Code:
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1	localhost
255.255.255.255	broadcasthost
::1             localhost 
fe80::1%lo0	localhost
127.0.0.1 finetunedmac.com
127.0.0.1 addtoany.com
c. 1,300 further entries

and I was not blocked from FTM, which leaves me wondering whether any of what I did to that file is working as it's supposed to work.

Did I do something wrong...edit the wrong file, not restart, something else?

Thanks.

Edit: I tried restarting, but with no joy.

Last edited by artie505; 01/06/13 10:05 AM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #24704 01/06/13 12:15 PM
Joined: Aug 2009
Likes: 3
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 3

Maybe try flushing the DNS cache? See OS X: How to reset the DNS cache.



dkmarsh—member, FineTunedMac Co-op Board of Directors
Re: Internet privacy bonanza?
dkmarsh #24709 01/07/13 06:05 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Thanks for a good idea, but no joy. frown

(On a lark I uninstalled DNSCrypt, also no joy.)


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
dkmarsh #24710 01/07/13 08:04 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
A Goole search found this, which led me to this, but neither the PERL command nor saving the file in BBEdit brought joy.

Edit: I couldn't figure out how to open the file in VIM.

Last edited by artie505; 01/07/13 08:04 AM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
dkmarsh #24711 01/07/13 10:25 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Got it... Found it here (down towards the bottom)!

Quote:
William Kucharski
Re: /etc/hosts file not being used in Snow Leopard
Sep 30, 2009 3:10 AM (in response to Tex-Twil)
I'm not sure how you're typing "facebook.com", but if I add this line to /etc/hosts:

<pre>127.0.0.1 facebook.com</pre>

then do a:

dscacheutil -flushcache

I can no longer reach facebook.com, getting an error stating Safari cannot contact facebook.com.

However, the problem is that after doing that you can still access www.facebook.com.

I'm also assuming you have "Configure IPv6" set to "off" in your network interface's "Advanced-TCP/IP" tab.

Quad 2.5 GHz G5, 5 GB | 15" 2.6 GHz MBP Penryn, 4 GB | 1 TB Dual-Band TC, Mac OS X (10.6.1)

(Emphasis added)

I added finetunedmac.com to my hosts file, not www.finetunedmac.com.

Unfortunately, though, the answer creates a nightmare situation...

Not a single one of the 2,693 entries in either tacit's linked list or my own list of additions is preceded by www, so "n" Websites that I've assumed are blocked are not blocked at all. (I've tried a few of 2,693, but I'm not about to try them all; my own list has only got about 30 entries, so I will check them.)

And further, I've found that some items are "redirects" and adding the "sign-posts" to the hosts file is wasted effort.

Fooey!!! frown

(I'm going to advise the creator of the list of what I've found and see if he's got any ideas.)

Last edited by artie505; 01/07/13 11:31 AM. Reason: Fix link

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #24712 01/07/13 11:32 AM
Joined: Aug 2009
Likes: 3
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 3

Quote:
Not a single one of the 2,693 entries in either tacit's linked list or my own list of additions is preceded by www...

Actually, a handful are, towards the bottom of the list, but regardless of that, it should be a simple matter to create a second list, with a text editor, by using find and replace.

For example, I used TextWrangler's Search menu -> Find… command, entered \r in the Find: text field and \rwww. in the Replace: text field, then clicked Replace All. This tells TextWrangler to replace every hard return with a hard return followed by www. (which means the very first entry needs the www. added manually, since no hard return precedes it).

The handful of entries which already include www. can be edited manually as well.



dkmarsh—member, FineTunedMac Co-op Board of Directors
Re: Internet privacy bonanza?
artie505 #24713 01/07/13 11:34 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Originally Posted By: artie
Have you got any suggestions?

Originally Posted By: Peter Lowe
Yes - don't use it as a hosts file, use it as a block list for one of
the other formats. eg, with a nameserver.

and

Originally Posted By: Peter Lowe
There's lots of information on my page about different options for using
the list. It's not really intended as a hosts file; I don't have the
time or patience to maintain a proper hosts file, sorry. There are other
lists out there that do a better job of that.

The statement "# Ad server list for use with hosts files to block ads" at the top of the list is unfortunately worded, so I'll have to do some research and figure out how to make it work.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
dkmarsh #24714 01/07/13 11:43 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Excellent!

A quick test suggests that a domain that doesn't need "www" will resolve to a URL without it and be blocked, but I'll test a bit more before following through.

Many thanks for the instructions.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
dkmarsh #24715 01/07/13 12:17 PM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
By the way, I forgot to mention that I think the linked list has Mac, rather than UNIX, line breaks, which, presumably, also affects its ability to function as hoped for.

I think that because the file size changed considerably when I saved it with UNIX line breaks in BBEdit.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
dkmarsh #24720 01/08/13 09:27 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Originally Posted By: dkmarsh
[...] it should be a simple matter to create a second list, with a text editor, by using find and replace.

For example, I used TextWrangler's Search menu -> Find… command, entered \r in the Find: text field and \rwww. in the Replace: text field, then clicked Replace All. This tells TextWrangler to replace every hard return with a hard return followed by www. (which means the very first entry needs the www. added manually, since no hard return precedes it).

I made the change, but with an important difference: Your instructions placed www. at the beginning of each line when they should really precede the URLs, so I replaced \r and \rwww. with .1(space) and .1(space)www. in TW's "Find/Replace" window.

Despite the fact that I've saved my hosts file with UNIX line breaks I'm not sure whether I've got I've got UNIX or Mac breaks, because a BBEdit search for \n returns results for \r, but my file appears to be working, so...

What's confusing me now is that items that cannot be accessed from Safari's address bar by their URLs do appear in Safari > Prefs > Privacy > Cookies... > Details, so I'm not certain whether Safari is actually blocking their information collection.

And finally, it looks like this experiment has turned into a nightmare, because there are items on the list whose URLs should not include www., and they cease to be blocked after www. is added to them.

I guess I'll investigate Peter Lowe's Website and figure out how to use his list without appending it to my hosts file.

Aaargh!

Brainstorm: I think I've come up with a solution to the www./no www. issue. I simply added the list to my hosts file twice, one with and once without, and that seems to be working.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #24721 01/08/13 11:58 AM
Joined: Aug 2009
Likes: 3
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 3

Quote:
I made the change, but with an important difference: Your instructions placed www. at the beginning of each line when they should really precede the URLs, so I replaced \r and \rwww. with .1(space) and .1(space)www. in TW's "Find/Replace" window.

Not sure I understand the distinction. In my original TextWrangler document—a copy and paste from this page—each line began with a URL, so placing www. at the beginning of each line did precede each URL with www.

As for your brainstorm: sorry I wasn't more explicit; my unstated assumption was that you'd combine the two into a single list.



dkmarsh—member, FineTunedMac Co-op Board of Directors
Re: Internet privacy bonanza?
dkmarsh #24722 01/08/13 12:20 PM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
We were working with different lists.

Yours doesn't incorporate the 127.0.0.1 that must precede each entry in the hosts file (as does tacit's linked list).

I originally misled myself into thinking that adding www. to an item would block its URL both with and without www., so appending both the www. and non-www. lists to my hosts file didn't appear to be necessary.

Peter Lowe's Web site suggests better ways to make use of the list than appending it to a hosts file, but they're beyond me, so I'll muddle along as best as I can.

In the meantime I'm still wondering whether those tracking caches are actually blocked from reporting back to the entity that placed them, otherwise this entire exercise will have been meaningless other than for its educational aspects.

Edit: The list without the 127.0.0.1 entries may work with a Nameserver, but that's one of the things I couldn't follow.

Last edited by artie505; 01/08/13 12:26 PM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Internet privacy bonanza?
artie505 #24723 01/08/13 01:47 PM
Joined: Aug 2009
Likes: 3
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 3

Quote:
We were working with different lists.

Got it.

Quote:
...I'm still wondering whether those tracking caches are actually blocked from reporting back to the entity that placed them...

If I'm reconstructing the sequence of events correctly, your flushing of the DNS cache preceded your discovery of the distinction between www.-prepended and non-www.-prepended URLs in the hosts file, so unless you've flushed the DNS cache again, it might be premature to assess the success or failure of the venture.



dkmarsh—member, FineTunedMac Co-op Board of Directors
Page 1 of 2 1 2

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.044s Queries: 65 (0.032s) Memory: 0.7193 MB (Peak: 0.9075 MB) Data Comp: Zlib Server Time: 2024-03-29 10:09:59 UTC
Valid HTML 5 and Valid CSS