Closed johnozbay closed 4 years ago
That is a very nice find! Those are real tricky to find because of how they behave, they originate from the Akamaru mobile list.
Items have been whitelisted (this is the first case that would actually require me to implement a more advanced syntax for the whitelist. I wrote that on my to-do list).
Thanks!
[edit] added a containment for dynamic whitelisting these, permanent solution is still to-do..
Thanks a million for this! Deeply appreciate all the help! 🙏🏻
Hi there! 👋🏻
First off, thank you so much for all your efforts in making the internet a better place!
Looks like the
hostnames.txt
file has :s-usc1c-nss-223.firebaseio.com
ands-usc1c-nss-249.firebaseio.com
.These domains are general domains used by all Firebase platform customers. Firebase dynamically moves platform customers between subdomains to handle scaling. Here's an official explanation from a Firebase staff member on their forums (source) :
Q:
Staff Answer:
I believe my service/app Cryptee, an open-source on-device encrypted, privacy advocating, productivity tools service, which relies on Firebase (for things like websockets as a part of our real-time productivity tools, as well as fallback for censorship circumvention), got moved onto the
s-usc1c-nss-249.firebaseio.com
server to handle the load. And now users of these hosts lists are having issues accessing our platform.Having this domain blocked also means, other Firebase clients are (or will be) impacted by this as well, some of which include : NYTimes Interactive, HackerNews API, occasionally Mozilla Firefox itself and companies like NPR News, Lyft, Shazam, and more according to some quick search on the internet.
I can at least speak on behalf of my platform, Cryptee, where we don't have any ads, tracking, or anything alike.
If possible, it would be great if you could remove
s-usc1c-nss-223.firebaseio.com
ands-usc1c-nss-249.firebaseio.com
from the list as soon as possible. (and for future, if you have an editorial whitelist of domains, all domains following the samenss-###
pattern would be a great pattern to add there)Finally, if you know which specific service/company is using this domain for serving malicious content / ads, I'd be more than happy to take the lead and reach out to Firebase team to have it taken down altogether, so that others who use the cloud platform for good purposes can continue to do so.
Many thanks ✌🏻
In case if others stop by this issue in the future, we had this exact same issue here as well : https://github.com/StevenBlack/hosts/issues/1249 & https://github.com/StevenBlack/hosts/issues/1132