welcome[bot]
commented
3 years ago Hello! Thank you for opening your first issue in this repo. Itβs people like you who make these host files better!
Closed piengeng closed 3 years ago
welcome[bot]
commented
3 years ago Hello! Thank you for opening your first issue in this repo. Itβs people like you who make these host files better!
StevenBlack
commented
3 years ago Thank you Henry @piengeng.
Added in commit 7ad72d76.
Closing.
ghost
commented
3 years ago @StevenBlack, how do you verify these actually unwanted sites? Any tests? Just curious to this whole process
Thanks for making my life better
piengeng
commented
3 years ago @bnainar I think there's too much for a single person to verify every single entries, I propose those because of my own testing, and personally added those to my pihole's blacklist and hoping others that uses this list could benefit from it. I sure hope the community could prove me wrong on those urls
StevenBlack
commented
3 years ago Hi Nainar @bnainar,
Mostly I rely on curators who've been regularly maintaining their own lists for a long time.
For ad-hoc additions like those in commit 7ad72d7 I typically check several things.
track.venatusmedia.com (as above) which screams, "block me!".Often it's just instinct π
zchrykng
commented
3 years ago Just ran into legit videos being blocked by videos-fms.jwpsrv.com
Not sure what your process is for reviewing things like this, but it is blocking legit videos in at least one app. I've added it to my white list for now, and maybe it is something I should address with the developers of the app, I assume they are unaware they are sharing a domain with people hosting video ads.
StevenBlack
commented
3 years ago Hi Zachary @zchrykng thank you for your observation.
To clarify, it doesn't matter if legit videos β however that's defined β are blocked. If the domain vehicles their users, or other scam behavior, then it's blocked.
Sometimes sites use scam behavior as a prerequisite for providing service. For example, we all could say "legit website x blocks me because of my ad blocker."
Our purpose is preventing scam behavior.
zchrykng
commented
3 years ago Acknowledged.
I will reach out to the developers of the app that is being impacted.
The videos that are being blocked arenβt ads and the site as a whole still functions, just the cdn they are using for their own videos appears to be black holed by this rule.
If it would be possible to get information about the bad stuff coming from the same domain, I would appreciate it for when I talk to them.
zchrykng
commented
3 years ago Okay, removing this comment for now. Doing some more digging into exactly what is happening with this app. The videos aren't hosted here, so I'm unsure why the domain is being hit.
piengeng
commented
3 years ago @zchrykng jwpsrv.com seems like part of jwplayer.com, if you study jwplayer.com it says "Maximize Ad Revenue". I would normally go for (.|^)jwpsrv.com as some app shows unwarranted videos during an article read, and it's damn annoying.
zchrykng
commented
3 years ago Thank @piengeng, good info. I know they arenβt trying to monetize this, might just be an issue with the configuration or possibly they are using it for analytics.
StevenBlack
commented
3 years ago This is all-good Zachary @zchrykng.
Maybe listing videos-fms.jwpsrv.com is Type I error here... Is that specific domain a vector? I'd love to know.
zchrykng
commented
3 years ago I'm not aware of specific apps that are serving ads using this package. The app I know that was being impacted definitely isn't serving ads this way. I'm not sure how to check the connections that iOS apps are making though. Only way I was able to identify the issue was looking at my pihole logs.
piengeng
commented
3 years ago now i'm interested haha, Zachary, can you share what's the mentioned iOS app? and what sites are your visiting using the app? I don't own apple product, but recent apple's ad on tracking prevention on iOS at https://youtu.be/8w4qPUSG17Y is super interesting, maybe i'll find the same app for android and play around... no promises..
liamengland1
commented
3 years ago The jwpsrv block is too broad. Here it breaks this video. https://videos.space.com/m/is17aq8U/4-000-comets-discovered-by-sun-observatory-here-are-nasas-favorites?list=9wzCTV4g
dnmTX
commented
3 years ago The jwpsrv block is too broad. Here it breaks this video. https://videos.space.com/m/is17aq8U/4-000-comets-discovered-by-sun-observatory-here-are-nasas-favorites?list=9wzCTV4g
Steve @StevenBlack i can confirm that,maybe is for the best to remove it from here.
piengeng
commented
3 years ago LE, I've tried whitelisting the two videos*.jwpsrv.com, the video is still blocked, this is some magic trick by jwplayer haha, my guess it's something else... the plot thickens
piengeng
commented
3 years ago i think space.com is trying to monetize videos published by NASA https://www.nasa.gov/feature/goddard/2020/4000th-comet-discovered-by-esa-nasa-solar-observatory using jwplayer's ad solution, nevertheless, i respects Steven's work and his decision. pihole is super great, I'll keep videos-*.jwpsrv.com in my blacklist.
zchrykng
commented
3 years ago now i'm interested haha, Zachary, can you share what's the mentioned iOS app? and what sites are your visiting using the app? I don't own apple product, but recent apple's ad on tracking prevention on iOS at https://youtu.be/8w4qPUSG17Y is super interesting, maybe i'll find the same app for android and play around... no promises..
It is Bible Stories for the Young android version is here
I was in contact with them last night and it appears that a support request to jwplayer changed the url they are hitting, but it is still blocked by another rule. The new url is videos-cloudflare.jwpsrv.com.
dnmTX
commented
3 years ago @piengeng this is the whole link that it's blocked:
https://videos-fms.jwpsrv.com/0_60ac8636_0x9d2d82fe5de3bf5899607ab38f22876288546a7d/content/conversions/xTYS7F8k/videos/is17aq8U-27818552.mp4.m3u8
....whithout it,ain't no video:
EDIT: I can confirm after removing the domain.clearing out the cache,video got stuck playing the first time but after refreshing the page it was all good !!!
piengeng
commented
3 years ago @dnmTX yup you're right, it might be too broad, as jwpsrv is serving both videos ads and videos created by others. @StevenBlack sorry mate, you might have to make the tough decision. sigh, this reminds me of the good old days when pihole could block youtube app's ads.. guess every video platforms will function in this way now.
StevenBlack
commented
3 years ago Thanks everybody, so what's the consensus? What's best? Remove videos-fms.jwpsrv.com?
piengeng
commented
3 years ago think is both videos-fms.jwpsrv.com and videos-cloudflare.jwpsrv.com
my concern for Steven is that later on, people will keep bugging you to remove it, lol, i think since i'm the only one wishing it to be blocked, so be it. My takeaway is this jwpsrv.com will block for life personally lol
ghost
commented
3 years ago @StevenBlack Thanks everybody, so what's the consensus? What's best? Remove videos-fms.jwpsrv.com?
We block domains that do tracking and is adware. If we apply the same logic, we may not be able to see YouTube videos
dnmTX
commented
3 years ago Thanks everybody, so what's the consensus? What's best? Remove videos-fms.jwpsrv.com?
π
P.S. Thanks to @llacb47 for finding a link so can be examined. Steve @StevenBlack i thought you decided not to add anything without context? Stick to it,please π
piengeng
commented
3 years ago after some soul-searching..
I'd like to stand my ground and explain why I think it's best to keep these 2 urls. I think it's a selfish and naive argument, and at the expense of everyone else's internet experience.
I think whoever that wish to see ads/videos hosted by videos-*.jwpsrv.com should whitelist these urls instead, this host file is created and maintained to block ads, NOT allow ads, if you wish to support these ads workaround by this company, you should manually do whitelisting. This list has blocked so many other ads companies especially competitors of jwplayer, so, why should this jwplayer deserves a pass? this might raise awareness amongst those that uses this hosts file
if every apps/sites that breaking because we stand our ground. it's wishful thinking, maybe they'll separate out legit vs ads videos, eventually, it might be those kind of social experiment like gamestop/bitcoin. How about we wait for a month or a year? see if there's any more feedbacks from at least some percentage out of 18k starred individuals?
unless some conspiracies like jwplayer pays microsoft/github to remove this repo... because it affects their bottomline.
piengeng
commented
3 years ago you know I'm perfectly fine if jwpsrv.com reach out to Steven and offer him a couple of millions USD or few bitcoins just to remove these 2 urls. maybe also the very first original entry g.jwpsrv.com hehe
zchrykng
commented
3 years ago if every apps/sites that breaking because we stand our ground. it's wishful thinking, maybe they'll separate out legit vs ads videos, eventually, it might be those kind of social experiment like gamestop/bitcoin. How about we wait for a month or a year? see if there's any more feedbacks from at least some percentage out of 18k starred individuals?
My biggest objection to this take is that these are broad enough to be catching services that are doing literally zero advertising.
Concerned that someone less technical than us is going to run into videos they actually want to see being blocked and be unable to diagnose what is going on.
StevenBlack
commented
3 years ago Dan @dnmTX my problem is, I don't use this video service so I can't judge. I also have limited bandwidth to devote to this particular issue. I just want to know the final recommendation, one way or another.
rkuijt
commented
3 years ago Apparently the University I'm affiliated with uses this service to host lectures. Due to the videos-fms.jwpsrv.com entry on the blocklist, these video's fail to load when using a pihole. A workaround would be to add a whitelist entry for this domain but adding this domain to the blocklist is a bit of a sledgehammer approach. Like blocking YouTube because they also serve ads, DNS blocking might not be a suitable approach for domains which served mixed purposes.
Adding this information as an example of a legit use-case impacted by the filter.
liamengland1
commented
3 years ago Yes, I think that it should be removed. I don't agree with @piengeng's reasoning
this host file is created and maintained to block ads, NOT allow ads, if you wish to support these ads workaround by this company, you should manually do whitelisting.
As three different people in this thread have shown, the domain is not exclusively used for ads. It's a CDN for JWPlayer customers.
Another video that's broken: https://www.independent.co.uk/news/world/americas/us-politics/kevin-mccarthy-marjorie-taylor-greene-holocaust-b1853573.html
Another: https://www.mediaite.com/tv/fox-friends-struggles-with-unsubstantiated-facts-and-wuhan-lab-leak-theories-penguins-or-pangolins/
More: https://eckharttolle.com/free-resources/
piengeng
commented
3 years ago @rkuijt you're just the right person for me to ask this, out of curiosity, I'm wondering if jwpsrv.com is owned by jwplayer.com, the university is paying according to https://www.jwplayer.com/tos/ "License Scope" ?
I'm just curious about the definition of adware. reminds me of duck-typing. if an ad company like JW Player create a video platform, licensed their product to promote video engagement some with ads some without, and serves ads based on the licensing model. so the philosophical question from me is, what is the ratio of ads to non-ads videos from single url, would be considered an adware for this video monetization platform?
what i'm trying to say is, logically if it's considered adware, then it should be kept, if not, it should be removed, so maybe i'm trying to switch the discussion to how adware is defined.
liamengland1
commented
3 years ago I'm wondering if jwpsrv.com is owned by jwplayer.com
Yes
https://www.whois.com/whois/jwpsrv.com
Organization: LongTail Ad Solutions, Inc.
https://www.jwplayer.com/privacy/
JW Player (legally known as LongTail Ad Solutions, Inc.)
piengeng
commented
3 years ago LongTail Ad Solutions. Inc. yeah i read it in wikipedia, turns out there's some history related to youtube as well, no wonder the mentions. Anyone propose youtube.com to this list before?
StevenBlack
commented
3 years ago Thanks everyone for all your input. I just merged #1665.
Ultimately Pull Requests speak π
piengeng
commented
3 years ago @StevenBlack yup ultimately the entity with the most to lose, aka, the advertising company, wins, the pull request is from people close to jwplayer.com . cdn serves ads too..
SageBrushes
commented
3 years ago @StevenBlack yup ultimately the entity with the most to lose, aka, the advertising company, wins, the pull request is from people close to jwplayer.com . cdn serves ads too..
Hey @piengeng, I think there is a fundamental misunderstanding of JW Player here. While some JW customers use the platform for serving ads, or monitoring their videos - the JW service provided via those domains are mostly for serving video content. Would you want to block all AWS domains? Probably not.
As it turns out, the majority of end-users who were affected by the addition of the two domains were students trying to watch education video content.
If you have any other concerns, please feel free to reach out to me - happy to have a conversation offline to address any concerns you have.
piengeng
commented
3 years ago @SageBrushes If jwplayer customer is paying jwplayer, isn't it a better if you separate out CDN, with the resources and money, jwplayer cannot separate the CDN between university usage and your commercial usage? Are you kidding me, I'm not sure why you want to give such an excuse. I find it hard to believe of what you're saying, and having big corporation to decides how community adblocker works, and never contribute in discussion and directly say it's a bug and cheeky pull request stunt.
I pray that you compensate fairly to the owner of this project.
SageBrushes
commented
3 years ago @piengeng what may seem like a simple feature request may actually be a fundamental change in a platform architecture. As you progress in your career you will be on the other side of this type of feature request conversation and laugh at his thread.
piengeng
commented
3 years ago @SageBrushes well put, the most perfect ad platform that cannot be changed.
rkuijt
commented
3 years ago @piengeng I can't provide any insights regarding contractual agreements between the university and JW Player. But even if I could, such information would probably be prohibited for public disclosure.
Regardless, I'll happily provide a bit of context which might help to put your discontent into perspective. According to some reputable sources [1], [2] it seems that Malware is defined as software with a malicious intent. E.g. software which is installed unknowingly and/or without consent and displays ads to the user. Like injecting advertisements in a browser.
From this perspective, software like freeware or websites which operate on ads do not fall into the adware category. For example, YouTube shows advertisements in video's, that doesn't make it adware.
Then there's JW Player. As far as I have distilled from their website they provide businesses the service to manage content through their CDN. Allowing organizations to focus on their primary business instead of having to maintain a media player and distribution platform. In addition, they seem to offer a feature so their customers can monetize their own content by displaying ads. Someone posted a link to a news website which is a perfectly valid use-case example. The news website serves their media but monetizes the content by displaying advertisements as the video plays. Kinda like YouTube does, but in this case, the news platform has full control over the advertisements (and probably keep a larger margin of profits).
Unfortunately blocking these services through DNS is not the solution as it renders the whole service unusable. The purpose of lists like this one is to allow blocking domains which purely serve advertisements or are related to malicious practices. Services with legitimate purposes which serve advertisements from the same domain unfortunately circumvent this type of filtering.
There are other solutions like DOM filtering or dynamic content analysis which try to identify ads by other means and might be better suited for this kind of advertisement blocking.
Hopefully this provides you some perspective π I'll refrain from further discussion on this topic here as the details are irrelevant to the actual Github issue.
[1] https://www.kaspersky.com/resource-center/threats/adware [2] https://www.malwarebytes.com/adware/
3xploiton3
commented
2 years ago please whitelist invol.co source: https://www.youtube.com/watch?v=xpuEQog7Xr4
0.0.0.0 xvtelink.com # ads with redirects 0.0.0.0 invol.co # tracking 0.0.0.0 36c4.net # redirect to go.trafficrouter.io 0.0.0.0 go.trafficrouter.io 0.0.0.0 track.venatusmedia.com # tracking 0.0.0.0 amptrack.dailymail.co.uk # tracking 0.0.0.0 mailmetromedia.amp.permutive.com #ad 0.0.0.0 videos-cloudflare.jwpsrv.com # video ads 0.0.0.0 videos-fms.jwpsrv.com # video ads