Add CNAME-cloaked trackers to uBlock Origin filter list

This list is a good addition to your uBO filter lists — AdguardTeam/cname-trackers

I believe this would be good because it addresses a common, yet none-too-much discussed, problem of trackers using CNAME to disguise their tracker domains. To avoid repeating what is already on the site, and because paraphrasing wouldn’t be an effective method of explaining, you can check out the GitHub here:

I feel that adding this to the import list is a good use of filters to avoid tracking that otherwise goes unnoticed and unmitigated by 95% of the community.

From Trackers and scripts Firefox blocks in Enhanced Tracking Protection | Firefox Help

By default, Firefox blocks the cookies that track your browsing activity across multiple websites. This includes cross-site tracking cookies set by ad, social media, and analytics companies. Other cookies, such as those that remember your login credentials or items in your shopping cart, are still permitted by default.

^ Above, you see that they do not address the CNAME-cloaked trackers.

How do I add this list to uBlock origin? is there a guide?

  1. Click uBO extension
  2. Click “Filter lists”
  3. Expand “Import” box
  4. Paste: https://github.com/AdguardTeam/cname-trackers/blob/855908ed4f388f91aabe271cf4dba05e04e72efa/data/combined_disguised_trackers_justdomains.txt into the box.
  5. Apply changes
3 Likes

In uBlock there is an option to uncloak CNAMES, do we actually need one more filter list?

“For all browsers, uBlock Origin blocks CNAME cloaking-based tracking on around 70% of websites. Adblock and Adblock Plus provide insufficient protection abilities for all browsers.” — Source

This isn’t 100% effective. It works on maybe 80-90%, and, tbh, even Dan Pollock’s list doesn’t block all the things, e.g., the Clickspring variant PurityScan.

Maybe a/the uBO owner or developers can weigh in. What is the point of all these filter lists? Malware and trackers always seem to find a way. CNAME-cloaking is just one of those tricks. If we’re being honest, again, I have seen malware droppers on gaming (mobile) websites where they use copy/pasted scripts from the Shadow Broker dump. Those sites target older browsers on older machines, but guess who updates their software? :eyes: