search

nextdns / metadata

This repository contains the data behind our Security, Privacy and Parental Control features.
https://nextdns.io
631 stars 138 forks source link

Blocklist suggestion: CNAME-cloaked trackers #601

Closed kdeldycke closed 3 years ago

kdeldycke commented 3 years ago

Most complete auto-updating repository of actively used hidden trackers. The list is to be updated on a regular basis to add new hidden trackers as they’re detected.

Source repository: https://github.com/AdguardTeam/cname-trackers

mojo333 commented 3 years ago

Definitely one to add to NextDNS. 6000+ entries compared to the 20+ entries in the NextDNS version https://github.com/nextdns/cname-cloaking-blocklist

crssi commented 3 years ago

I don't think this is applicable/valuable here. The list in OP is used for Chrome, Chromium and Safari, which are not able to reveal CNAMEs. But NextDNS does not suffer of this limitation and it can reveal CNAMEs.

But... let see what @romaincointepas have to say.

Cheers

romaincointepas commented 3 years ago

This is already handled by https://github.com/nextdns/cname-cloaking-blocklist, and appears as a specific and separate feature in NextDNS.

The reason they advertise the 6000+ is that I'm assuming their system is not able to block at the CNAME level, so they do something less ideal of scraping the web to try to list all QNAMEs pointing to those few CNAMEs, and try to keep this list as complete and up-to-date as they can.

Yuki2718 commented 3 years ago

IDK where they advertised the 6,000 number but AGDNS has been blocking at the cname level. As clearly stated in README, the whole point in this project is to help those unprotected user regardless what blocker they use. In fact EasyList author was contacted soon after the creation of repo despite AG products don't use EasyPrivacy by default. Please read first and don't fall into which-is-better discussion.

Yuki2718 commented 3 years ago

BTW looking at the your list, you may possibly be interested in adding these entities: https://github.com/AdguardTeam/cname-trackers/issues/1

romaincointepas commented 3 years ago

Closing as NextDNS is able to block at the CNAME-level, which is much more efficient and comprehensive than keeping a huge list of QNAMEs for just a few CNAMEs.

If anyone feel like we should be supporting additionnal CNAMES, please open an issue at https://github.com/nextdns/cname-cloaking-blocklist.