The germination of systems for tracking users on the net continues unabated. In an article titled, “I’m being followed”, The Atlantic offers a flavor of the invisible activity that’s happening underneath every site as one visits. Employing a combination of cookies, asynchronously loading client-side scripts, and unsuspecting domains, every move, every click, every attention, and every user interest is tracked without shame or guilt. It is the price of the free. It’s one thing though to let companies a certain amount of information when one does use their services, and entirely another when companies track those that are not even its users.
So, it’s time for some pest control. And the only way I know how is by adding domain names to a block list in
/etc/hosts. When mapped to
::1 — as shown in a typical example below, the computer thinks these are local sites, and therefore ignores loading from their real servers.
# Example of an IPv4 block 0.0.0.0 somesite.ext # # Example of an IPv6 block ::1 somesite.ext
For example, here’s how I block facebook on my computer:
# IPv4 0.0.0.0 facebook.com 0.0.0.0 www.facebook.com 0.0.0.0 facebook.net 0.0.0.0 www.facebook.net 0.0.0.0 fbcdn.com 0.0.0.0 www.fbcdn.com 0.0.0.0 fbcdn.net 0.0.0.0 www.fbcdn.net 0.0.0.0 login.facebook.com 0.0.0.0 www.login.facebook.com 0.0.0.0 static.ak.connect.facebook.com 0.0.0.0 static.ak.fbcdn.net 0.0.0.0 connect.facebook.net 0.0.0.0 www.connect.facebook.net 0.0.0.0 apps.facebook.com 0.0.0.0 www.youtube.com 0.0.0.0 m.youtube.com # IPv6 ::1 facebook.com ::1 www.facebook.com ::1 facebook.net ::1 www.facebook.net ::1 fbcdn.com ::1 www.fbcdn.com ::1 fbcdn.net ::1 www.fbcdn.net ::1 login.facebook.com ::1 www.login.facebook.com ::1 static.ak.connect.facebook.com ::1 static.ak.fbcdn.net ::1 connect.facebook.net ::1 www.connect.facebook.net ::1 apps.facebook.com ::1 www.youtube.com ::1 m.youtube.com
All this is easier said than done, of course, because the
hosts file’s structure is too simple (in that it does not accept wild cards, which I find very frustrating!) and domain vectors far too many to keep a count of, which makes this a long list of domains to block. But thanks to Dan Pollock for this comprehensive file, I can now keep trackers, trojans, ads, stats, and a fair bit of internet’s underbelly from loading up on my computer.
The best way though is I periodically run this script to keep my
/etc/hosts files up to speed like this:
#!/usr/bin/env bash curl -s https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts | sed 's/^||//' > /etc/hosts sed -i -e 's/127.0.0.1 localhost/127.0.0.1 localhost log.lo ckunte.lo home.lo test.lo/g' /etc/hosts sed -i -e 's/127.0.0.1 localhost log.lo ckunte.lo home.lo test.lo.localdomain/127.0.0.1 localhost.localdomain/g' /etc/hosts
Pi-hole (Aug 2018)
I recently armed my LAN with pi-hole, and routed to pass everything through it. This thing now silently nukes all the unwanted — ads, trackers, malware, et al., saving bandwidth, resulting in a cleaner, seamless private browsing and reading experience across all devices, including within apps. Best part is that it’s got REGEX and wildcard support for blocking domains. We’re finally talking bows and arrows here, and it’s about time too!