µBlock, a lean and fast blocker

Probably no FP for e.g. eulerian, a8.net, etc. even if are not dormant, but a question is when a (canonical) tracker is problematic. As I noted, ebis.ne.jp is often on affiliated links, which means if I wanna, say, download a whitepaper I have to allow it temporary. Another domain I suspect FP but don't have an evidence so far is acsweb-3dr1.dnp-cdms.jp on your list. I'm aware of this domain for about 2-3 years, this is seen in payment w/ certain credit card, together w/ online-metrix.net which is included in all major hosts files except for Dan Polloc's and even in Firefox's fingerprinting list (Disconnect). While this is surely for fingerprinting, its objective seems to be XSS prevention by checking session_id. Malwarebytes removed this domain from their blacklist. It seems I can still pay w/ this blocked, but in one case I got an error claiming payment might fail, tho actually it succeeded. I didn't know acsweb-3dr1.dnp-cdms.jp is a CNAME of h-dnp-cdms.online-metrix.net tho. The dnp-cdms.jp is used for 3D secure, and my uBO rules include
* acsweb-3dr1.dnp-cdms.jp * noop
* acsweb-pa.dnp-cdms.jp * noop
and also in My filters
!@@||acsweb-3dr1.dnp-cdms.jp/fp/
w/ comments of FP by EasyPrivacy, but its' commented out so probably I was not 100% sure if it's really FP as, you know, I can't repeat test when it comes to payment.

To give a clear evidence I have to wait until next payment (I rarely buy sth online tho).

 

I meant that I'm not aware of a lot of firewall software able to regularly fetch a list of IP addresses/networks and add them to a list to block. That can be scripted but again that's an additional hassle for the user (well, as it is currently).

Making ad blockers fetch DNS information to decide when to block would also reduce the lists to a few dozen entries and allow IP range blocking at the same time (since CNAME or IP blocking alone won't be enough) so I'm rooting for that.
dnscrypt-proxy already support it, uBlock Origin will too (source: somewhere in here, there's too much noise for me to fetch to relevant comment).

The “almost” is due to two things:

• The only-trackers list (the first one you mentioned) do not include third-party trackers hostnames used by first-party trackers since uBlock Origin (mostly Peter Lowe's list which is there by default) already blocks most of those. The trackers list do not have those removed if you're curious.
• The first list is generated daily using a quasi-daily source of DNS records, while the other ones are generated manually using a monthly source. The latter list include some outdated hostnames that the former don't.

By the way there seems to be some confusion with the multiple lists (variants) I offer. It's mostly due to their misleading names that I can't really change anymore since they're already widely used. I've updated the lists homepage to give clearer information about the difference in content and when you should use them (mostly: with which ad blocker).

You may have noted those are trackers from the company ThreatMetrix. When I suggested adding it to another CNAME blocklist, the maintainer summed up things very well:

I myself am hesitating to keep this on my list, since:

• It's not tracking for marketing or anything fattening the ogre
• As you just taught me, it makes payments partially fail (I have a non-liability clause on the license of the list, but I'd feel bad if the list caused someone to lose money)

On the other hand:

• There's really no proof that they only do what they say they do with our data
• In the events the company get hacked or something:
  • The collected data until then can be used for something else
  • Tracking scripts can be modified to do nasty things. Since they're first-party and as such "are more trusted by the browser" (Cross-Origin Resource Sharing, Same Origin Policy and Content Security Policy) and (again, as you just taught me) they seem to be on payment webpages (what a stupid idea in the first place btw), stealing payment credential probably could be one of those things.

I see why the adoption of this tracker (even just as a third-party) in tracking list is so disparate. What do you guys think?

 

Yes correct, this is what I added to my personal filters, but it still didn't help. And to be honest, I'm also not really sure if extensions are automatically updated in Vivaldi.

 

@okiehsch

I read elsewhere that updating the rules is creating problems for UBO Legacy.
Can you write something more also in these pages?
TH.

 

I notified some palemoon users about those upcoming problems https://github.com/DandelionSprout/adfilt/issues/7#issuecomment-572937742
That means that most filters in the "uBO-filters" list will not work at the moment for users with a legacy browser.

If gorhill accepts https://github.com/gorhill/uBlock/pull/3765 99.9% of the "uBO-filters" list will work again as expected.
Only one specific and very rare filter won't work.
https://github.com/DandelionSprout/adfilt/issues/7#issuecomment-573474026

 

PeerBlock can do that tho it has not been updated quite a while. Anyway uBO on Firefox, AdGuard Pro, or DNSCrypt-proxy users don't need to worry too much. Who are left are those Chromium and Mac/iOS users w/out perimeter blocking which are clearly majority. As you have telemetry data about those CNAME tracker, I'm inclined to propose to create a dedicated list for Safari contents blocker which has ridiculous 50k rules restriction, by including most popular CNAME tracker only.

I guess what you meant was subdomain blocking rather than regex as Peter' Low's doesn't utilize regex. Subdomain blocking means a rule

Code:

0.0.0.0 example.com

which is interpreted as

Code:

||example.com^

by uBO blocks all subdomains such as

Code:

a1.example.com
a2.example.com
...

Maybe keep blocking them until an issue is confirmed? I'm also wanna hear others' opinion about it.

@Rasheed187
You can see your uBO version on About this project tab of uBO. The current latest stable build for Chromium is v1.24.2. But my rule should work w/ even old versions (or anything which support ABP syntax, really). The fact that didn't work may mean another extension is interfering, or other. Maybe you can test if the issue appears on fresh uBO on fresh Firefox profile w/ everything default.

 

I found on mobile version of uBO uBlock Annoyances filter was moved to Annoyances section while on PC still in Built-in section. uBlock Experimental filter dissappeared too. Is this normal and by design?

 

This will happen on all versions of uBO over time. https://github.com/gorhill/uBlock/commit/0ae1e9b1fea8c1197ae09afef93b082ea1f8062b

 

Got it, thanks for clarifying.

[EDIT] Ha, I missed this closed issue.

 

You might want to have a look at this project. Some routines and sources used therein might also be useful for your purposes.

That said, I have the feeling that we're getting increasingly off-topic here. It's certainly worth an own thread!

 

@okiehsch

I installed the new uBlock Origin build "Legacy" v1.16.4.14.
I purged all caches.
I have the rules indicated with the red arrows out of the scheme:

Tips?

 

uBlockO legacy v1.16.4.14 Released (January 14, 2020)

 

That is expected after you purge all caches because of https://github.com/gorhill/uBlock/commit/0ae1e9b1fea8c1197ae09afef93b082ea1f8062b

Purging all caches will manually update the "assets.json" file. The file will auto update every 13 days, so every user will see the same behaviour over the next week or two.

 

TH.

 

Yes, it's a bit weird, might be some conflict. BTW, another thing that I can't figure out is why uBlock breaks techcrunch.com, it removes the sidebar. No such problem with ABP. I didn't find any block rules related to techcrunch.com in my filter list. The problem is that Tech Crunch uses an anti-adblocker, so it's able to spot ABP.

https://techcrunch.com/2020/01/15/m...or-subscription-products-to-generate-revenue/

 

Did you check with the logger?

 

I have never used the logger before, but I've just opened it and nothing shows up?

 

You have to hit the circle refresh button at top left to see for it to respond.

 

@Rasheed187 I really hope you to stop the habit of just putting a link and expect others will experience the same as you. The side bar is present here on both Firefox and Brave w/ both default and my custom settings.
View attachment 265474
Take a look at a template for issue report on uAssets: https://github.com/uBlockOrigin/uAssets/issues/6834
Even reports fulfills this are not always reproducible.
[EDIT] Somehow the image attached seems not to be viewable.

Yes, the logger need to be opened before you load a page, otherwise clear cache and reload. Also choose a proper tab w/ the upper-right window. The logger and picker will be your primary tools once you started a journey to take control of the web back; fixing issues caused by filter lists, blocking thousands of trackers passed through them, removing annoying popups, copy protection, anti adblock, etc. Only problem is there seems to be no good introduction of filter syntax in English, tho they can be used w/out knowing the syntax in theory. I mean these official guides were overwhelming when I started this journey so I instead relied on articles written in mother tongue which focuses only on very basics.

 

Hi,
Does New Edge need uBlock Origin Extra (same as Chrome)?

 

it does (along with ubo chrome).

 

Okay....same as Chrome. Thanks

 

no problem.

 

sidebar is blocked by umatrix if installed.

opus.analytics.yahoo.com

anyhow yahoo and included pages suck

 

I'm using µBO beta 1.24.3b8 in Medium mode and nothing's broken.

@142395 your advice is reliable and worth heeding.