InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

adlog

https://forums.informaction.com/viewtopic.php?t=8351

Page 1 of 4

adlog

Posted: Fri Mar 16, 2012 2:05 pm
by Guest
why does adlog get through?
no matter what i do on cnet i still get that adlog.com.com which comes with bs.serving-sys.com(a well known tracking cookie.)

Re: adlog

Posted: Fri Mar 16, 2012 5:44 pm
by therube
What is adlog.com.com?
Is it the same as a total aircraft maintenance recordkeeping system?

Where did this flight depart from?
And to where is it expected to arrive?

Re: adlog

Posted: Fri Mar 16, 2012 8:00 pm
by Guest
@ therube.
lol,but seriously.any help with this mess?

Re: adlog

Posted: Fri Mar 16, 2012 8:16 pm
by Giorgio Maone
https://addons.mozilla.org/en-US/firefo ... e-monster/

Similar to NoScript, but about cookies rather than about security and active content.

Re: adlog

Posted: Sat Mar 17, 2012 10:27 pm
by Guest
hello Giorgio Maone.
well,well the man himself.i just want to say:THANK YOU VERY MUCH FOR CREATING NOSCRIPT!!!
i would like to see more features,but i don't want to sign up for yet another website/forum.then,post once,or twice,& forget about it.(would be nice if people could suggest stuff without registering.)
it's a nice plugin,but i don't need it.i got a host file,& 3rd party cookies blocked.
it's just that adlog never used to get through until 5 weeks ago.(why now?)
as for the whole bs.serving-sys.com it's just an extra that bothers me.
what can i do to block adlog???

Re: adlog

Posted: Sun Mar 18, 2012 12:13 am
by Tom T.
Guest wrote:i would like to see more features,but i don't want to sign up for yet another website/forum.then,post once,or twice,& forget about it.(would be nice if people could suggest stuff without registering.)
You noticed that we allow guest posting here.

We figure anyone interested enough to make a suggestion for improvement ("RFE" = request for enhancement) would join.

For one thing, while many are useful and do in fact get implemented, a lot are junk , are already there, are dangerous, or would have been found in the NoScript FAQ and other readily-available documentation. If it's too easy to do drive-by suggesting ;) , the volume of those useless ones would probably multiply.
it's a nice plugin,but i don't need it.i got a host file,& 3rd party cookies blocked. what can i do to block adlog???
If it isn't already in your HOSTS file, add it. That's easy.

Re: adlog

Posted: Sun Mar 18, 2012 1:49 am
by Guest
@ Tom T.
i doubt my suggestions would be implemented.that's why i don't really bother.
i'm not a noob.i had been using noscript for a while,& scanned this site a lot.(faq especially.)
ofcourse adlog is in my host file,but it still gets through.
seriously,is there any help?if not,just tell me to give up.

Re: adlog

Posted: Sun Mar 18, 2012 3:04 am
by Tom T.
Guest wrote:@ Tom T.
i doubt my suggestions would be implemented.that's why i don't really bother.
You'd be surprised, and you really don't know until you try.

I make suggestions. Some get implemented; some don't. It's Giorgio's call. But scan the changelog for how many enhancements came from users.
ofcourse adlog is in my host file,but it still gets through.
Sounds impossible, but... (to be continued)
seriously,is there any help?if not,just tell me to give up.
Of course there is, but we need to see the URL of the site itself, where this happens.

And therube wasn't kidding. I did what he did -- tried www dot adlog.com, and got the aircraft-related company.

Just post one or more URLs where adlog is getting through.
And IIUC, it's not the *script* that's getting through, it's just the tracking cookie? You have adlog in your Untrusted list?

I just checked. My HOSTS provider has adlog in there. I'm not endorsing, you understand, but I use
http://www.mvps.org/winhelp2002/hosts.htm

It's in there as

Code: Select all

adlog.com.com
which is probably what differentiates it from the aircraft vendor. ;)

So if you can't find that in your Hosts file, just add

Code: Select all

0.0.0.0  adlog.com.com

Re: adlog

Posted: Sun Mar 18, 2012 5:47 pm
by Guest
@ Tom T.
okay,okay i will sign up later.
yes,it's adlog.com.com.not adlog.com
lol,i had been using mvps host for a while as well.(obviously adlog is in it's list.)
btw,shouldn't it be:127.0.0.1 adlog.com.com?
as i said,"it's on cnet."
here are the links:http://download.cnet.com/windows/ and news.cnet.com.
look for:Ad:Manage Packages With UPS My Choice at the very top of the page,wright before the search box.
not to mention,there is a bunch of adlog ads wright below the menus.(reviews,news,download...)
if you don't believe me.i can post pictures.

Re: adlog

Posted: Mon Mar 19, 2012 1:46 am
by Tom T.
Guest wrote:@ Tom T.
okay,okay i will sign up later.
Or at least, come up with some original nick. ;) If ten people post in the same thread, all using "Guest" as their name, it gets kind of confusing ... Image
btw,shouldn't it be:127.0.0.1 adlog.com.com?
Please see Giorgio's advice on correct HOSTS destinations, where Giorgio debates with the operator of MVPS Hosts. I like the HOSTS service, but Giorgio is the authority on what goes on inside a browser, LAN, or Internet, at least in my book. :ugeek: So use 0.0.0.0 or 255.255.255.0, as Giorgio advises.

Then please see Editing HOSTS away from 127.0.0.1 for the quick-and-easy way to do this.
here are the links:http://download.cnet.com/windows/ and news.cnet.com.
look for:Ad:Manage Packages With UPS My Choice at the very top of the page,wright before the search box.
Sorry, I don't see that ad. But that's probably because I didn't allow the scripting from com.com, or most of the other stuff either. TA'd only these:

(+ = allowed or TA; - = default-deny; ! = Untrusted, per Default Whitelist FAQ

Code: Select all

+cnet.com
+cbsistatic.com
-http://cdn.gigya.com
-gigya.com
-http://dw.com.com
]-com.com
-http://i.i.com.com
-http://js.revsci.net
-revsci.net
-http://platform.twitter.com
-twitter.com
-http://static.crowdscience.com
-crowdscience.com
!google-analytics.com
!bkrtx.com
!scorecardresearch.com
Note that com.com was in the script menu, and not allowed. Should be marked as Untrusted, clearly.

Also, com.com shows in RequestPolicy, another very useful add-on that complements NS, and blocks static content (still-image ads, for example), whereas NS focuses on security and *executable* content vs. privacy or ad-blocking per se -- even though it accomplishes a lot of the latter two, as "collateral benefit.) :)
if you don't believe me.i can post pictures.
If you don't beleive *me*, I can post pictures. :D

Re: adlog

Posted: Mon Mar 19, 2012 11:52 pm
by therube
> I don't see that ad.

Clearly there. (At download.cnet.com. news.cnet.com too, but I'm not actually seeing where? OK found it there too. It's just unobtrusive.)
You're blocking it with something (AdblockPlus will, or one of your other blockers).

> probably because I didn't allow the scripting from com.com, or most of the other stuff either

Nothing to do with it.


Perhaps, Inline Script Blockage ?
Or just that fact that it is not using <script>?

Code: Select all

<!-- LINK 1 START style:new -->
<div class="ad LAUNCH_PAD" id="ll_1">
<span class="ll_sponsored">Sponsored</span>
<h5 class="ll_title"><a href="http://adlog.com.com/adlog/c/t=2012.03.19.23.27.06&x-fid=206&r=6735&sg=579790&o=19409%253a&h=cn&p=2&b=6&l=en_US&site=4&pt=2000&nd=19409&pid=&cid=0&pp=100&e=3&rqid=00phx1-ad-e18:4F67B274FBAC7&orh=&oepartner=&epartner=&ppartner=&pdom=&cpnmodule=&count=&ra=69%252e138%252e77%252e2&pg=T2fAygoOYIwAABihzP0AAADU/http://www.iyogi.com/offers/diagnosis.html" target="_top">Call iYogi Before You Download</a></h5>
<p class="ll_copy">Call 1-855-886-0852 now, to get your PC checked before you download any software</p>
<a href="http://adlog.com.com/adlog/c/t=2012.03.19.23.27.06&x-fid=206&r=6735&sg=579790&o=19409%253a&h=cn&p=2&b=6&l=en_US&site=4&pt=2000&nd=19409&pid=&cid=0&pp=100&e=3&rqid=00phx1-ad-e18:4F67B274FBAC7&orh=&oepartner=&epartner=&ppartner=&pdom=&cpnmodule=&count=&ra=69%252e138%252e77%252e2&pg=T2fAygoOYIwAABihzP0AAADU/http://www.iyogi.com/offers/diagnosis.html" target="_top"><img src="http://i.i.com.com/cnwk.1d/Ads/common/CatSpot/icon_download.gif" alt="Call Now" class="icon" border="0" height="11" width="11"></a> <a href="http://adlog.com.com/adlog/c/t=2012.03.19.23.27.06&x-fid=206&r=6735&sg=579790&o=19409%253a&h=cn&p=2&b=6&l=en_US&site=4&pt=2000&nd=19409&pid=&cid=0&pp=100&e=3&rqid=00phx1-ad-e18:4F67B274FBAC7&orh=&oepartner=&epartner=&ppartner=&pdom=&cpnmodule=&count=&ra=69%252e138%252e77%252e2&pg=T2fAygoOYIwAABihzP0AAADU/http://www.iyogi.com/offers/diagnosis.html" target="_top" class="ll_underline">Call Now</a><img src="http://adlog.com.com/adlog/i/t=2012.03.19.23.27.06&x-fid=206&r=6735&sg=579790&o=19409%253a&h=cn&p=2&b=6&l=en_US&site=4&pt=2000&nd=19409&pid=&cid=0&pp=100&e=3&rqid=00phx1-ad-e18:4F67B274FBAC7&orh=&ort=&oepartner=&epartner=&ppartner=&pdom=&cpnmodule=&count=&ra=69%252e138%252e77%252e2&dvar=dvar%255fplatform%253dwindows%2523dvar%255fversion%253d2011&ucat_rsi=%2526&pg=T2fAygoOYIwAABihzP0AAADU/http://i.i.com.com/cnwk.1d/Ads/common/dotclear.gif" alt="" style="position: absolute; top: 0px; left: 0px;" height="0" width="0">
</div>
<!-- LINK 1 END -->

Re: adlog

Posted: Tue Mar 20, 2012 2:21 am
by Tom T.
therube wrote:> I don't see that ad.

Clearly there. (At download.cnet.com. news.cnet.com too, but I'm not actually seeing where? OK found it there too. It's just unobtrusive.)
You're blocking it with something (AdblockPlus will, or one of your other blockers).
Yup.

I don't use ABP or any other ad-blocking sw. Between NS and HOSTS, nothing gets through.

CNet-related entries in Hosts:

Code: Select all

0.0.0.0  adinterax.cnet.com.edgesuite.net
# [CBS Interactive / CNET Networks]
0.0.0.0  stat.fengniao.com
0.0.0.0  ads.webshots.com
0.0.0.0  tracker.zdnet.com.au #[WebBug]
# [CBS Interactive / CNET Networks][AS13867][216.239.112.0 - 216.239.127.255]
0.0.0.0  bwp.builderau.com.au
0.0.0.0  adimg.bnet.com
0.0.0.0  bwp.bnet.com
0.0.0.0  mads.bnet.com
0.0.0.0  ocp.bnet.com
0.0.0.0  mads.cbs.com
0.0.0.0  track.cbs.com #[WebBug]
0.0.0.0  mads.cbsnews.com
0.0.0.0  ocp.cbsnews.com
0.0.0.0  adimg.chow.com
0.0.0.0  mads.chow.com
0.0.0.0  bwp.chowhound.com
0.0.0.0  adimg.cnet.com
0.0.0.0  bwp.cnet.com
0.0.0.0  bwp.cnet.com.au
0.0.0.0  mads.cnet.com
0.0.0.0  remotead-internal.cnet.com
0.0.0.0  remotead.cnet.com
0.0.0.0  mads.cnettv.com
0.0.0.0  ads.com.com
0.0.0.0  adimg.com.com
0.0.0.0  adlog.com.com
0.0.0.0  mads.com.com
0.0.0.0  ocp.com.com
0.0.0.0  rok.com.com
0.0.0.0  adimg.download.com
0.0.0.0  bwp.download.com
0.0.0.0  mads.download.com
0.0.0.0  bwp.filmspot.com
0.0.0.0  bwp.findarticles.com
0.0.0.0  adimg.gamefaqs.com
0.0.0.0  bwp.gamefaqs.com
0.0.0.0  mads.gamefaqs.com
0.0.0.0  bwp.gamespot.com
0.0.0.0  mads.gamespot.com
0.0.0.0  adimg.theinsider.com
0.0.0.0  mads.theinsider.com
0.0.0.0  bwp.metacritic.com
0.0.0.0  adimg.mp3.com
0.0.0.0  bwp.mp3.com
0.0.0.0  mads.mp3.com
0.0.0.0  bwp.mysimon.com
0.0.0.0  adimg.news.com
0.0.0.0  bwp.news.com
0.0.0.0  bwp.techrepublic.com.com
0.0.0.0  adimg.tv.com
0.0.0.0  bwp.tv.com
0.0.0.0  mads.tv.com
0.0.0.0  bwp.versiontracker.com
0.0.0.0  bwp.webware.com
0.0.0.0  ads.zdnet.com
0.0.0.0  adimg.zdnet.com
0.0.0.0  bwp.zdnet.com.au
0.0.0.0  bwp.zdnet.co.uk
0.0.0.0  bwp.zdnet.com
0.0.0.0  bwp.zdnet.fr
0.0.0.0  mads.zdnet.com
# [CBS Interactive / CNET Networks][AS6623][64.30.224.0 - 64.30.239.255]
0.0.0.0  bwp.download.cnet.com

0.0.0.0  cnet.us.intellitxt.com
IMHO, pretty good case for using a Hosts service; still don't know why some object *for typical home users* (not for enterprise, or if you're running a Web server from your home); and why I never see ads, despite no ad-blocker.

Scrolling through the downloads page, a typical message in what would have been an ad space:
Unable to connect
Firefox can't establish a connection to the server at bwp.cnet.com.
Cool, huh? 8-)

Re: adlog

Posted: Tue Mar 20, 2012 5:01 am
by Guest
@ Tom T.
i had tried 0.0.0.0,255.255.255.0,& others.none of them worked.
just as i thought,127.0.0.1 is better,because it is considered an industry standard.(no incompatibility issues with other stuff.as was discussed in the links you provided.)
i see the benefit of 0.0.0.0 though!!!
as therube has confirmed cnet is riddled with adlog.com.com.(could the factor be that you are using a different ff version!?)
look,we are dancing around this issue.adlog never used to get through.if Giorgio Maone wants to look into it,fine.if not,then that's the end of this.(i really don't see the point in discussing this further.)

@ therube.
thank you very much for helping/confirming.

MY USER NAME:surge666666.

Re: adlog

Posted: Tue Mar 20, 2012 5:38 am
by Tom T.
Guest wrote:@ Tom T.
i had tried 0.0.0.0,255.255.255.0,& others.none of them worked.
Did you read the link, "Then please see Editing HOSTS away from 127.0.0.1 for the quick-and-easy way to do this."

As noted there, after changing all the 127.x to (whatever else) you MUST reset the first entry to

Code: Select all

127.0.0.1  localhost
which MUST ALWAYS be the first entry.

I'm sorry to have asked you to spend a couple of minutes reading that post, but it gets tiring typing the same thing 100 times each time any of 100 users asks the same question. This is why there are links, stickies, FAQ, etc. (No, I don't get paid by the hour, or it wouldn't matter. Actually, I don't get paid at all. The entire team is part-time, unpaid volunteers, donating however much of their precious spare time is left over after making a living, family/friends, having a Real Life, recreation, sleeping, eating, etc.)

I expect that not resetting localhost after editing is what broke your HOSTS before.
just as i thought,127.0.0.1 is better,because it is considered an industry standard.
Here I am quoting Giorgio literally, as I normally wouldn't use such language:
Giorgio Maone wrote:Eat shit! One billion flies can’t be wrong.
A little more detail:
Giorgio Maone wrote:Who uses 127.0.0.1 for adblocking did not put enough thought into his business.
There’s no “industry standard” about hosts file used as a poor man adblocker, which is a hack at best.

There are IETF’s Networking Group RFCs (which are not standards either, but are the specification which the internet is built on and are much more authoritative than Microsoft itself, let alone any MVP): according RFC3330, networking, which say “127.0.0.1″ is the address of the loopback interface, where you can actually bind a web server, while “0.0.0.0″ is an alias for “all the network interfaces on this hosts”, and it’s used almost exclusively as a placeholder for server binding purposes. These designations don’t hint (or are even compatible) with any adblocking purpose.

That said, any IPv4 “address” whose rightmost byte is 0 is practically invalid as a destination, therefore I suggested 255.255.255.0 initially because the “0.0.0.0″ network is a local network anyway and caught by ABE, but at this moment (in current NoScript beta) “0.0.0.0″ should be equally good since invalid addresses like this are properly recognized.
as therube has confirmed cnet is riddled with adlog.com.com.(could the factor be that you are using a different ff version!?)
It was that my Hosts file was blocking them all. I can remove that, using a default Hosts file, and try to reproduce, but it doesn't sound as though you're interested:
look,we are dancing around this issue.adlog never used to get through.if Giorgio Maone wants to look into it,fine.if not,then that's the end of this.(i really don't see the point in discussing this further.)
If you are truly interested in further investigation, let me know, and I'll be happy to remove the Hosts blocking, and see what happens.
If not, not.

ETA:

You're concerned about an ad getting through, but not concerned about using a very obsolete Firefox 8.0, which has a number of CRITICAL security flaws, as per the security bulletins for 9.x, 10.x, and 11.0? :shock:

Fx 3.6.28 is still supported for security and stability issues. Fx 8.0 hasn't been, for quite a while. NoScript (or anything else) cannot guarantee to protect you from every flaw in the browser itself.

Re: adlog

Posted: Tue Mar 20, 2012 6:32 am
by Guest
@ Tom T.
yes,i read all of the info in the links.yes,i reset localhost to 127.yes,i saw Giorgio's answer in the replies.lol.
127 is still a standard despite 0s being better.(that's why i mentioned it.sorry,it's not up to me.)
yes,reading all of that was time consuming,but very useful.thank you very much for your contributions/time!!!
why are we talking about a host file?when this is a noscript issue?cnet has clearly found a way to get around noscript.
i would think that Giorgio would see this as an insult/challenge!?
reset your host file if you want.it wont make a difference.it will just waste more of your time.
the ff version was just an observation.lets not take shots at which version has not been supported/upgraded for years,& years.when you only got an update recently after years of nothing.
as i said,"it's up to Giorgio."
All times are UTC
Page 1 of 4

Powered by phpBB® Forum Software © phpBB Limited