Closed w0rmr1d3r closed 1 month ago
No! Why do many people want to block akamai's CDN? Apple uses akamai to distribute their services, if blocked Apple devices/products will not work properly. Please do not add these domains!
I agree with @bigdargon, you shouldn't block such "deep" CNAMES unless you want to paralyse something.
No problem on closing this issue. Quick question then, why are other similar domains within the lists? Aren't they blocking also Apple services?
Thank you everybody.
Closing.
Hello @StevenBlack & @bigdargon ,
can we go back to the question left unanswered:
why are other similar domains within the lists? Aren't they blocking also Apple services?
Why some get in the list and others don't?
Thank you
Ramon @w0rmr1d3r you're trolling us, right?
Please stop wasting our time. This is borderline open source maintainer abuse. So we're clear: we owe you absolutely nothing.
You're aware that Akamai is an ENOURMOUS cloud services company, right? Why would we not block Akamai? Because we're not stupid.
Reference: Akamai Technologies on Wikipedia.
Now please, go away.
Akamai Technologies blocks Tor users and FBI & NSA uses this firm to collect data from ordinary people on facebook without their consent. Sure as hell it goes into my blocklist, even if it can't go into offical blocklist
@w0rmr1d3r The Apple domains on the blocklist are exactly blocking the domains Apple uses to track and collect user data. The blocklist does not block Akamai CDN domains.
Akamai's CDN domain name may be constantly changing, we are not sure if services Apple (or non-Apple) use the same Akamai CDN domain CNAME.
For example, I have the domain www.apple.com
www.icloud.com
and x1.c.lencr.org
(Let's Encrypt digital certificate authentication domain)
; <<>> DiG 9.16.28 <<>> www.apple.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41150
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.apple.com. IN A
;; ANSWER SECTION:
www.apple.com. 295 IN CNAME www.apple.com.edgekey.net.
www.apple.com.edgekey.net. 772 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net.
www.apple.com.edgekey.net.globalredir.akadns.net. 1110 IN CNAME e6858.dscx.akamaiedge.net.
e6858.dscx.akamaiedge.net. 14 IN A 42.119.185.88
;; Query time: 0 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Apr 15 23:41:31 SE Asia Standard Time 2024
;; MSG SIZE rcvd: 187
; <<>> DiG 9.16.28 <<>> www.icloud.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15490
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.icloud.com. IN A
;; ANSWER SECTION:
www.icloud.com. 2876 IN CNAME www-cdn.icloud.com.akadns.net.
www-cdn.icloud.com.akadns.net. 57 IN CNAME www.icloud.com-v1.edgekey.net.
www.icloud.com-v1.edgekey.net. 1420 IN CNAME e4478.dscb.akamaiedge.net.
e4478.dscb.akamaiedge.net. 20 IN A 184.29.96.56
;; Query time: 15 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Apr 15 23:41:48 SE Asia Standard Time 2024
;; MSG SIZE rcvd: 173
; <<>> DiG 9.16.28 <<>> x1.c.lencr.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22057
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;x1.c.lencr.org. IN A
;; ANSWER SECTION:
x1.c.lencr.org. 76 IN CNAME crl.root-x1.letsencrypt.org.edgekey.net.
crl.root-x1.letsencrypt.org.edgekey.net. 2913 IN CNAME e8652.dscx.akamaiedge.net.
e8652.dscx.akamaiedge.net. 20 IN A 42.119.185.27
;; Query time: 15 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Apr 15 23:42:05 SE Asia Standard Time 2024
;; MSG SIZE rcvd: 140
All 3 domains have CNAME records with the domain name akamaiedge.net
. So blocking Akamai's CDN domains could unintentionally block other affected Apple (or non-Apple) service domains.
If you believe your thinking is correct, use cloud services (NextDNS/ControlD/Adguard DNS..) or local DNS (Pi-Hole/Adguard Home..) to add domains you want to be blacklisted.
I see there are some domains related to akamaiedge in the hosts file: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
However, I found out more of those domains that do tracking/ads based on recent browsing and ads being displayed in iOS apps.
These are the domains (they don't appear in the hosts file, already checked):
Hope those can be added.
Thank you :)