[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] (no subject)



Another example is this   s3-website-eu-west-1.amazonaws.com    OR
edge-star-shv-08-gru1.facebook.com  OR
ec2-54-225-215-244.compute-1.amazonaws.com   everyone resolving to
markmonitor.com


On Thu, Jul 3, 2014 at 9:19 PM, ideas buenas <ideasbuenas@xxxxxxxxx> wrote:

> I'm not referring to this.I'm talking of a lot of URI that appears when I
> try to link to any site. Every one of those Remote Address start with a
> couple o letters followed by numbers like this:
> server-54-230-83-145.mia50.r.cloudfront.net  .
>
>
>
>
> On Thu, Jul 3, 2014 at 2:59 AM, Seth David Schoen <schoen@xxxxxxx> wrote:
>
>> ideas buenas writes:
>>
>> > Why is markmonitor.com and its derivates in my TBB? How can I do to
>> delete
>> > this ? Are they watching me?
>>
>> Hi,
>>
>> Are you talking about seeing a markmonitor.com rule in the HTTPS
>> Everywhere
>> Enable/Disable Rules menu?
>>
>> https://www.eff.org/https-everywhere/atlas/domains/markmonitor.com.html
>>
>> If so, this is one of thousands of HTTPS Everywhere rewrite rules that
>> are included with HTTPS Everywhere, which is included with the Tor
>> Browser Bundle.  The goal of HTTPS Everywhere and its rewrite rules
>> is to automatically access as many sites as possible with secure HTTPS
>> connections.
>>
>> HTTPS Everywhere typically does not make your browser access sites or
>> services that it would not otherwise have accessed, so it shouldn't help
>> sites monitor your web browsing if they would otherwise not have been
>> able to.  There are definitely lots of sites that can monitor some aspects
>> of your web browsing because the site operator has included content loaded
>> from those sites in their web page (so your browser automatically
>> retrieves
>> that content when you visit the page that embedded the content).  For
>> example, there are ad networks whose ads are embedded in thousands or
>> millions of different sites, and if you visit any of those sites without
>> blocking those ads, the ad network operator will get some information
>> about your visit when your browser loads the embedded content from those
>> servers.
>>
>> The "monitor" in the name of markmonitor is not a reference to monitoring
>> users' web browsing.  Instead, it's part of the name of the company
>> MarkMonitor, a subsidiary of Thomson Reuters, that provides certain
>> Internet services mostly to very large companies.
>>
>> https://www.markmonitor.com/
>>
>> Their name is supposed to suggest that they can "monitor" their clients'
>> trademarks, but not specifically by spying on Internet (or Tor) users'
>> web browsing.  It seems that one of their original lines of business was
>> letting companies know about trademark infringement on web sites, so that
>> MarkMonitor's customers could threaten to sue those web sites' operators.
>> They subsequently went into other more infrastructural lines of business.
>>
>> There was an article a few years ago criticizing the large amount of
>> power that MarkMonitor has, but most of that power seems to have arisen
>> mainly because it's an infrastructure provider that some very popular
>> sites decided to sign up with for various purposes (primarily to register
>> Internet domain names, because MarkMonitor's domain name registration
>> services make it extremely difficult for somebody else to take over
>> control of a domain name illicitly).
>>
>> The markmonitor.com HTTPS Everywhere rule is one of thousands of HTTPS
>> Everywhere rules, and its goal is solely to make sure that if you're
>> visiting a web page hosted at (or loading content from) markmonitor.com
>> itself, that your browser's connection to markmonitor.com's servers will
>> be a secure HTTPS connection instead of an insecure HTTP connection.  It
>> is not trying to give any additional information to those servers or to
>> cause your browser to connect to those servers when it would not
>> otherwise have done so.
>>
>> (You can see the rule itself in the atlas link toward the beginning of
>> my message, and see that its effect is to rewrite some http:// links into
>> corresponding https:// links, just like other HTTPS Everywhere rules do.)
>>
>> Having HTTPS Everywhere rules that relate to a site does not necessarily
>> mean that your browser has ever visited that site or will ever visit
>> that site.  We've tried to make this clear because many of the rules
>> do relate to controversial or unpopular sites, or sites that somebody
>> could disagree with or be unhappy about in some way.  Each rule just
>> tries to make your connection more secure if and when you as the end
>> user of HTTPS Everywhere decide to visit a site that loads content from
>> the servers in question.
>>
>> You can disable the markmonitor.com HTTPS Everywhere rule from within the
>> Enable/Disable Rules menu -- but that won't stop your web browser from
>> loading things from markmonitor.com's servers if and when you visit pages
>> that refer to content that's hosted on those servers.  It will just stop
>> HTTPS Eveyrwhere from rewriting that access to take place over HTTPS URLs.
>>
>> --
>> Seth Schoen  <schoen@xxxxxxx>
>> Senior Staff Technologist                       https://www.eff.org/
>> Electronic Frontier Foundation                  https://www.eff.org/join
>> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
>> --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk