ClearCloud hiccup > Vimeo half-blocked

Discussion in 'other anti-malware software' started by funkydude, May 28, 2011.

Thread Status:
Not open for further replies.
  1. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    Tried to access vimeo.com with ClearCloud? You probably noticed that the website looks deformed. That's because the CSS (Cascading Style Sheet) is hosted off site on a Vimeo CDN (Content Delivery Network) at a.vimeocdn.com

    I have to wonder, how a major CDN site like this one can manage to be placed on the CC blacklist. (Don't bother to report the False Positive, I already have.)

    I really feel at a disadvantage here, I want a good DNS service that blocks malware, yet it seems despite CC's issues, it's still the best service available. There is obviously a gap in the market here yet other companies are not exploiting it?
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    This is why I don't use a DNS service to block malware. It's just too much of a pain with false positives. I much prefer host files, which I can easily edit.
     
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    HOSTS files are only useful for situations where domain names remain constant, malware attacks are anything but that.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Considering that XSS attacks are very often through ads/popups I'd have to disagree. While a host file may not protect you against some newly hijacked site your DNS service likely won't either.

    DNS servers like clear cloud have some advantages over host files but I personally would never waste my time with one -- the advantages are few and very specific. I'm much more interested in getting the fastest DNS server and using other means to protect myself.
     
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    Well HOSTS files have been debated to death on these forums as I'm sure you know :p so I'd rather not get too into it. But this is my opinion you're more than free to disagree with:

    HOSTS files are simply flawed to the core. Firstly, they can only block actual domains, not IP's, which is a very common distributing method for malware according to websites that "list" malware domains.

    Secondly, they can only work on the domain level, they cannot block individual pages which leads me onto...

    ...Third, you cannot whitelist pages, just take a look at http://hg.fanboy.co.nz/file/d1cd578b315f/fanboy-adblocklist-stats.txt for an example of just how many whitelists are needed. Now I know what you will repond with "I've never noticed broken webpages". But if you browse the False Positive forums of adblock lists, you will realize just how badly whitelists are needed when blocking ads.

    About CC being innefective, well their FAQ's disagree.

    Like I stated you're free to disagree with all this but I'm not willing to debate the HOSTS file further :p
     
  6. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    It's not possible to directly create a whitelist for the HOSTS file, but if my memory serves me well, it's possible to use something like Hostsman to create an exclusion list, which is a sort of a whitelist, I'd say.

    DNS won't block IPs either, only domains.

    The HOSTS file has one advantage over, at least CC, which is the fact it allows the user to decide what goes in and gets out of the HOSTS file. If some domain the user wants to access is being blocked, then some DNS services don't even allow a direct way of reporting it, correct? CC does, but the user needs to wait a few hours. The HOSTS file allows a prompt action.

    Disclaimer: Not debating which one is better. Everyone is free to use whatever they want... even go "naked". :p
     
  7. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854

    Woops, brain fart. I was thinking of TPL's/ABP(which can block IPs) vs HOSTS files for ad blocking and I'm confusing myself whilst spinning off topic from malware blocking :p
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    :thumb:
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Me either for the most part but I will say...

    Of course you can. I've had to edit my host file once before... it was easy. I simply did "Ctrl + F" deleted the entry and rebooted my router.
     
  10. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Thanks for reporting, I wouldn't have noticed it was ClearCloud blocking vimeocdn.com
    How did you find out?
     
  11. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    I was at a friends house who happened to mention that for some reason Vimeo linked videos weren't displaying on his website in Firefox. He has a mac so I suggested he try Safari to which he told me he already tried and got the same result. Usually in cases of malformed sites your first instinct is "hit refresh" but since it was happening in 2 browsers, obviously that wasn't the solution :p To make things odder, he's windows laptop displayed the videos fine (default DNS settings).

    That pretty much confirmed a CSS delivery issue, I opened up firefox's web console to see the exact URL's being requested and noticed an error when parsing the CSS file, making firefox ignore it completely.

    At this point I had a hunch CC was blocking the domain since it was receiving HTML(the CC block page) instead of CSS. Firing up that domain confirmed my suspicions.
     
Thread Status:
Not open for further replies.