The creators of the uBlock Origin banner ad blocker have discovered a new technique by which advertisers bypass restrictions on tracking Internet visitors. The method is based on the manipulation of DNS queries and allows the online tracker to integrate into the exchange of data between the site and the client.
Disguising online tracking using DNS queries
Researchers described this technology in 2010 and 2014 . Its essence is to disguise the tracker as one of the elements of the site accessed by the browser. To do this, the site creator allocates a special subdomain, and the script developer binds it to a third-party server through a DNS CNAME record. It allows using the main cookie to collect data on visits to all sites within the specified domain.
By driving traffic through their data collection service, marketers and web analytics can create user profiles, even if they have disabled such tracking. For the browser, this intermediate step looks like the legitimate part of loading the target site. Therefore, blocking third-party scripts, which has recently been turned on by default in Firefox and Safari , in this case does not work.
Experts say the illegality of the new method
As the experts found out, at the moment several Internet companies are simultaneously promoting their analytical solutions as an opportunity to circumvent the bans of developers and users. Experts see in such actions a direct violation of the European GDPR regulation , which requires online sites to inform visitors about the tracking of their actions.
In a commentary to The Register reporters, Augustine Fou, an expert on junk technology, said that since the creators of the script-trackers emphasize the inability to track the activity of their products, this activity is clearly illegal.
“This is not an accidental error, but an exploit,” the researcher emphasized. – [The developers of such scripts take] hidden and sequential actions to issue third-party cookies for the file of the main site. As a result, they ignore the legal restrictions and wishes of the users themselves. ”
Prospects for dealing with DNS query manipulation
The developers proposed a method with which you can block such activity. The technology works only in Firefox – this browser has an API that can detect manipulations with CNAME.
Chrome doesn’t. In addition, Google representatives previously stated that they did not intend to deny advertisers the opportunity to monitor the activity of the audience. At the same time, corporation experts are working to ensure that users see only the ads they need and can block unwanted banners.
Earlier, experts warned Android users about the threat of free applications. According to experts, such utilities often transmit private data through insecure channels and sell information to third-party organizations.