It’s Brave To Take On CNAME
The Brave Little Cookie Toaster
There is an eternal war on the internet (no, not that one) between users who value the privacy of their metadata and browsing habits and advertisers that want to collect as much of that valuable information as they can. One of the latest tricks advertisers use is to hide behind canonical name DNS records, or as it is more commonly know, CNAME.
The Register offers a good example for those unsure what exactly this means, looking at the scripts running on the site https://mathon.fr. In addition to the usual suspects like Google and Facebook is a script that claims to be running from a randomly generated URL from the mathon.fr domain but “Inspection outside of the browser reveals that 16ao.mathon.fr actually has a canonical name of et5.eulerian.net, meaning it’s a third-party script served by Eulerian“.
This process allows the advertiser to bypass the third party cookie protections which most browsers offer by default but they are as of yet unable to automatically detect and block this particular process. If you want a browser which will allow you to avoid these tracking scripts then call on Brave to take on CNAME tracking.
Brave Browser 1.17 will be the first browser that can detect and block these scripts, while still allowing those actually hosted on the domain you are visiting to run. Firefox have been working on a mitigation for the better part of a year, with no success reported as of yet, though Safari at least has a proposed method which might be feasible to implement in the near future.
Remember the good old days when LSOs were the worst thing to deal with?