There are forces out there working to turn user agents into private interests agents -- i.e. to turn browsers into proprietary devices. This is a manifestation of this.
There are forces out there working to turn user agents into private interests agents -- i.e. to turn browsers into proprietary devices. This is a manifestation of this.
Seems to me we just received a DMCA letter to alter our Firewall Rules. Next up: Malware sites issuing DMCA letters to Anti-virus and Web-protect sites (like Google) to have their domains removed from firewall blocking. (Firewall is generic term for like-technologies)
I don't care who these guys are or who's paying for their product; I don't want my computers connecting to their servers, and I don't want to become their product.
We have to make this news go full Streisand Effect!
Seems to me we just received a DMCA letter to alter our Firewall Rules. Next up: Malware sites issuing DMCA letters to Anti-virus and Web-protect sites (like Google) to have their domains removed from firewall blocking. (Firewall is generic term for like-technologies)
I don't care who these guys are or who's paying for their product; I don't want my computers connecting to their servers, and I don't want to become their product.
We have to make this news go full Streisand Effect!
So any ad serving company can now setup DRM business, which serves exactly one customer: their site, can then exclude them from block lists using DMCA? That's convenient.
@pgl Thanks for the domain list. Quick and simple fix.
So any ad serving company can now setup DRM business, which serves exactly one customer: their site, can then exclude them from block lists using DMCA? That's convenient.
@pgl Thanks for the domain list. Quick and simple fix.
+zb3 That would be a horrible idea, as it would fragment the efforts of this.
I would say to watch this: https://www.youtube.com/watch?v=LZwLbZ5boZ4 (deals with another frautulent DMCA complaint)
+a-raccoon Next thing, a porn site DMCAs OpenDNS because their web filter circumvents their ability to be accessed by OpenDNS web filter consumers?
This "functionalclam" service is not an effective access control, if circumventing it is as easy as blocking the entire website. If this were to go to court, EasyList would prevail hands down.
+zb3 That would be a horrible idea, as it would fragment the efforts of this.
I would say to watch this: https://www.youtube.com/watch?v=LZwLbZ5boZ4 (deals with another frautulent DMCA complaint)
+a-raccoon Next thing, a porn site DMCAs OpenDNS because their web filter circumvents their ability to be accessed by OpenDNS web filter consumers?
This "functionalclam" service is not an effective access control, if circumventing it is as easy as blocking the entire website. If this were to go to court, EasyList would prevail hands down.
@miguelmota DMCA should not apply even in this situation as the line in the blacklist is nothing more than blocking a whole website. You can sinkhole it in your HOSTS file just as easily.
I actually submitted the domain to MysteryFCM at hosts-file.net (not sure if he is willing to add it because while he is in the UK hpHosts is owned by Malwarebytes which I believe is US-based).
@miguelmota DMCA should not apply even in this situation as the line in the blacklist is nothing more than blocking a whole website. You can sinkhole it in your HOSTS file just as easily.
I actually submitted the domain to MysteryFCM at hosts-file.net (not sure if he is willing to add it because while he is in the UK hpHosts is owned by Malwarebytes which I believe is US-based).
I would suggest a new feature in Adblockers which instead of blocking ads, it block sites that use a specific ad server. In this case, any site that send requests to functionalclam will be blocked and replaced with a blank page and text to explain that the page was blocked.
This way, we do not need to worry about DMCA because there's no DRM if the whole page is blocked. We would then punish their customer instead of the ad services.
I would suggest a new feature in Adblockers which instead of blocking ads, it block sites that use a specific ad server. In this case, any site that send requests to functionalclam will be blocked and replaced with a blank page and text to explain that the page was blocked.
This way, we do not need to worry about DMCA because there's no DRM if the whole page is blocked. We would then punish their customer instead of the ad services.
@7Pass This could be doable if the adblockers were to add a new API to block the entire webpage if it has a banned match in it. However, it cannot effectively block the page as the browser still needs to load the page in order for the adblock filter to take effect, unlike how the existing lists prevent requests from even being issued by the browser.
@7Pass This could be doable if the adblockers were to add a new API to block the entire webpage if it has a banned match in it. However, it cannot effectively block the page as the browser still needs to load the page in order for the adblock filter to take effect, unlike how the existing lists prevent requests from even being issued by the browser.
Unbelievable. If users can access copyrighted works simply by blocking a connection, their customers should really think why they even hired them. Sad that you did not counter DMCA immediately. EFF would surely be interested to help. Usually after a counter DMCA you won't hear anything from them anymore, I don't think they would escalate this any further to a lawsuit. Lets just hope everyone will soon block their site by default.
Unbelievable. If users can access copyrighted works simply by blocking a connection, their customers should really think why they even hired them. Sad that you did not counter DMCA immediately. EFF would surely be interested to help. Usually after a counter DMCA you won't hear anything from them anymore, I don't think they would escalate this any further to a lawsuit. Lets just hope everyone will soon block their site by default.
Does HOSTS work on IP addresses like that on all platforms?
And if Leven Labs were to DMCA the reply by @Skaendoit would be yet another offense of perjury.
Does HOSTS work on IP addresses like that on all platforms?
And if Leven Labs were to DMCA the reply by @Skaendoit would be yet another offense of perjury.
I heard about this from another site and registered a Github account just to say this. Is the following possible; get a list of every. single. site. that uses BlockAdBlock and blacklist those sites completely! I KIND OF see their point about bypassing paywalls to get to protected content. But, if the entire site is blocked, not just the paywall roadblock, what could they cry about then? That's what I do now, if I visit a site that tells me to remove AdBlockPlus before I can see their content, I simple close the tab and don't bother going back there. As far as I'm concerned, no loss on my part. As others have said, this is a test case and if it stands, it will open the gates for others to abuse the DMCA process and Easylist will become useless as will uBo and all the others. Might be time to host Adblock and/or Easylist in a country that is beyond DMCA, if such a country exists. Maybe Turkey? North Korea?
I heard about this from another site and registered a Github account just to say this. Is the following possible; get a list of every. single. site. that uses BlockAdBlock and blacklist those sites completely! I KIND OF see their point about bypassing paywalls to get to protected content. But, if the entire site is blocked, not just the paywall roadblock, what could they cry about then? That's what I do now, if I visit a site that tells me to remove AdBlockPlus before I can see their content, I simple close the tab and don't bother going back there. As far as I'm concerned, no loss on my part. As others have said, this is a test case and if it stands, it will open the gates for others to abuse the DMCA process and Easylist will become useless as will uBo and all the others. Might be time to host Adblock and/or Easylist in a country that is beyond DMCA, if such a country exists. Maybe Turkey? North Korea?
@roadhazard The removed line does just that, blocks an entire website. What Leven Labs is demanding is to prevent end users from blocking access to their sites.
Placing the list outside the USA would not prevent liability from US based complainants, as is the case here.
Also North Korea is a completely Bad Idea™ as I am 99% sure the lists contain or reference content strictly banned by their government and they don't have enough IP addresses to host anything other than government propaganda.
@roadhazard The removed line does just that, blocks an entire website. What Leven Labs is demanding is to prevent end users from blocking access to their sites.
Placing the list outside the USA would not prevent liability from US based complainants, as is the case here.
Also North Korea is a completely Bad Idea™ as I am 99% sure the lists contain or reference content strictly banned by their government and they don't have enough IP addresses to host anything other than government propaganda.
@skaendo The file in Windows is %WINDIR%\System32\drivers\etc\hosts
On 64-bit systems, that directory needs to be accessed from a 64-bit view, for example opening the 64-bit version of Command Prompt and not the version in SYSWOW64.
@skaendo The file in Windows is %WINDIR%\System32\drivers\etc\hosts
On 64-bit systems, that directory needs to be accessed from a 64-bit view, for example opening the 64-bit version of Command Prompt and not the version in SYSWOW64.
Crazy question, what feeds into Easylist? How hard would it be for me to stand up my own Easylist server at my house and just point all my PCs to it? How much effort to stay on top of it and keep it updated?
Crazy question, what feeds into Easylist? How hard would it be for me to stand up my own Easylist server at my house and just point all my PCs to it? How much effort to stay on top of it and keep it updated?
@skaendo I recommend setting up a private GitLab server, the installation is pretty automated, pretty easy to use, though I'm not sure how to keep things in sync.
@skaendo I recommend setting up a private GitLab server, the installation is pretty automated, pretty easy to use, though I'm not sure how to keep things in sync.
Maybe a clever solution... Feature suggestion for ad blockers using EasyList:
Domains added to EasyList will be actuated in the ad blocker.
Domains removed from EasyList will not automatically remove them from actuation in the ad blocker.
In order to deactivate a domain from the ad blocker, a specific "REMOVE " command must appear in EasyList.
Since the DMCA only requires that EasyList take the domain off of its list, but cannot compel EasyList to assert a "remove command", the domain is never actually removed from existing ad blocker deployments. Think of it in the same reversed terms as how a 'warrant canary' works. Figure out what minimum effort EasyList is compelled to do under law, and see to it those actions alone don't really change much of anything.
ALSO, investigate what Google does when it removes a site from its search results due to DMCA takedown request. Google maintains a public list of all the URIs (domains included) of each takedown request. I recommend introducing a EasyList-DMCA-Removals parallel list.
Maybe a clever solution... Feature suggestion for ad blockers using EasyList:
Domains added to EasyList will be actuated in the ad blocker.
Domains removed from EasyList will not automatically remove them from actuation in the ad blocker.
In order to deactivate a domain from the ad blocker, a specific "REMOVE " command must appear in EasyList.
Since the DMCA only requires that EasyList take the domain off of its list, but cannot compel EasyList to assert a "remove command", the domain is never actually removed from existing ad blocker deployments. Think of it in the same reversed terms as how a 'warrant canary' works. Figure out what minimum effort EasyList is compelled to do under law, and see to it those actions alone don't really change much of anything.
ALSO, investigate what Google does when it removes a site from its search results due to DMCA takedown request. Google maintains a public list of all the URIs (domains included) of each takedown request. I recommend introducing a EasyList-DMCA-Removals parallel list.
Either it is something I don't get about DMCA or this request is abusing the DMCA for something that clearly isn't in breach.
Admiral CEO's post makes a point that by putting the domains on the list and blocking their content, it is possible to circumventing some access controls, from what I know as a developer, you gotta be a really bad developer to allow access by simply having some JavaScript blocked.
So from where I stand, it would seem that Admiral's developers are the ones who created back-doors to their customer's content and not this list, and Dan Rua is simply looking for a scapegoat to come out well in the eyes of those customers.
Either it is something I don't get about DMCA or this request is abusing the DMCA for something that clearly isn't in breach.
Admiral CEO's post makes a point that by putting the domains on the list and blocking their content, it is possible to circumventing some access controls, from what I know as a developer, you gotta be a really bad developer to allow access by simply having some JavaScript blocked.
So from where I stand, it would seem that Admiral's developers are the ones who created back-doors to their customer's content and not this list, and Dan Rua is simply looking for a scapegoat to come out well in the eyes of those customers.
@ida
If it is all about JavaScript does that make the security slider in Tor Browser (or any other browser means of turning off JavaScript) a circumvention device?
@ida
If it is all about JavaScript does that make the security slider in Tor Browser (or any other browser means of turning off JavaScript) a circumvention device?
I would think this DMCA claim is invalid because EasyList is not primarily used to circumvent access to copyrighted content. As the DMCA says
(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that— (A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title; (B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or (C) is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.
Admiral can say the server isn't serving ads but it IS used for tracking people. And the primary function of EasyList is to prevent ads from loading and users from being tracked. The fact that Admiral claims that their protection system is circumvented when the domain is blocked is THEIR problem since EasyList is provably NOT a circumvention tool.
I would think this DMCA claim is invalid because EasyList is not primarily used to circumvent access to copyrighted content. As the DMCA says
(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that— (A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title; (B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or (C) is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.
Admiral can say the server isn't serving ads but it IS used for tracking people. And the primary function of EasyList is to prevent ads from loading and users from being tracked. The fact that Admiral claims that their protection system is circumvented when the domain is blocked is THEIR problem since EasyList is provably NOT a circumvention tool.
@WilliamFeely surely not.
If a website has a paywall that loads all content but hides them via JavaScript, then they are using the wrong tool. you can't blame someone of circumventing access control for bypassing something that isn't meant for controlling access.
@WilliamFeely surely not.
If a website has a paywall that loads all content but hides them via JavaScript, then they are using the wrong tool. you can't blame someone of circumventing access control for bypassing something that isn't meant for controlling access.
Are they using all these 100+ different domains to implement an HSTS fingerprinting attack? If you treat the HTTPS redirect ON / OFF of each domain as a single bit to a large 100+bit value, you wind up with each browser having a unique fingerprint. These "HSTS cookies" can be detected by an ad agency across any site that uses its ad services; These "HSTS cookies" cannot be deleted from a browser (per specification); These "HSTS cookies" reveal a user's identity even while they are in Private Browsing / Incognito mode.
Can anyone confirm my suspicions by looking at their code?
Are they using all these 100+ different domains to implement an HSTS fingerprinting attack? If you treat the HTTPS redirect ON / OFF of each domain as a single bit to a large 100+bit value, you wind up with each browser having a unique fingerprint. These "HSTS cookies" can be detected by an ad agency across any site that uses its ad services; These "HSTS cookies" cannot be deleted from a browser (per specification); These "HSTS cookies" reveal a user's identity even while they are in Private Browsing / Incognito mode.
Can anyone confirm my suspicions by looking at their code?
commit should be reverted you can't copy right a domain further more its of violation of NO law to block a domain,regardless of what that domain is used for,further more if your drm is shitty enough to be-defeated by blocking one host then its of no use to anybody
commit should be reverted you can't copy right a domain further more its of violation of NO law to block a domain,regardless of what that domain is used for,further more if your drm is shitty enough to be-defeated by blocking one host then its of no use to anybody
This DMCA takedown is not allowed by copyright law. It should not be complied with. Furthermore, I'm adding this to all my personal adblock lists permanently in protest.
This DMCA takedown is not allowed by copyright law. It should not be complied with. Furthermore, I'm adding this to all my personal adblock lists permanently in protest.
@jbruchon GitHub does not have the legal capacity to determine the validity, just as YouTube does not have the legal capacity to stop Alex Mauer takedown notices. @ryanbr should consider filing a counter-notice due to its invalidity.
@jbruchon GitHub does not have the legal capacity to determine the validity, just as YouTube does not have the legal capacity to stop Alex Mauer takedown notices. @ryanbr should consider filing a counter-notice due to its invalidity.
Counter notice is free if there is no lawsuit. Wonder why nobody mentions GoFundMe? Snopes got over half a million in donations in a day to fight their legal troubles.
Surely EasyList is popular enough to drum up that kind of support?
Counter notice is free if there is no lawsuit. Wonder why nobody mentions GoFundMe? Snopes got over half a million in donations in a day to fight their legal troubles.
Surely EasyList is popular enough to drum up that kind of support?
@uda this point exactly. You are not preventing copyright infringement if you use javascript to hide content already served to the user agent. At that point it's trivial to disable javascript, and if the entire content is served as static html in the first instance then some browsers are incapable of running said scripts in any case. That's not circumvention, that's the copyright holder not actually trying to protect their stuff.
@uda this point exactly. You are not preventing copyright infringement if you use javascript to hide content already served to the user agent. At that point it's trivial to disable javascript, and if the entire content is served as static html in the first instance then some browsers are incapable of running said scripts in any case. That's not circumvention, that's the copyright holder not actually trying to protect their stuff.
@ameshkov A counter notice would not be expensive. You just need to affirm that the content you offer is not violating their rights. No need to explain any further. It can be as broad as you want. 5 minutes of your time, no lawyer needed. When GitHub receives a DMCA, it deactivates the content, when GitHub receives a counter DMCA, it enables it again. The parties can battle in court then.
@ameshkov A counter notice would not be expensive. You just need to affirm that the content you offer is not violating their rights. No need to explain any further. It can be as broad as you want. 5 minutes of your time, no lawyer needed. When GitHub receives a DMCA, it deactivates the content, when GitHub receives a counter DMCA, it enables it again. The parties can battle in court then.
I've seen some media outlets post a link to this page, if you've come from one of those and don't have something constructive or helpful to say and just want to express your anger at this then do it here instead: https://discord.me/BlockAdmiral
I've seen some media outlets post a link to this page, if you've come from one of those and don't have something constructive or helpful to say and just want to express your anger at this then do it here instead: https://discord.me/BlockAdmiral
A counter-notice should be signed by somebody. EasyList is not a company, so it should be one of the maintainers willing to take the risk.
The risk I am talking about is that the counter-notice may trigger a lawsuit, which is extremely expensive whatever is the outcome.
I think what we should do is not just blindly demand to reinstate the domain but to let EasyList people know that they can rely on us, and we're ready to support them.
A counter-notice should be signed by somebody. EasyList is not a company, so it should be one of the maintainers willing to take the risk.
The risk I am talking about is that the counter-notice may trigger a lawsuit, which is extremely expensive whatever is the outcome.
I think what we should do is not just blindly demand to reinstate the domain but to let EasyList people know that they can rely on us, and we're ready to support them.
We apologize if our delay in posting the notice led to any confusion. According to our policy, we allow the repository owner a window of time to make changes before we post the notices, and we also take time to redact any personal information.
To clarify, the dmcahelper account is not affiliated with GitHub.
We apologize if our delay in posting the notice led to any confusion. According to our policy, we allow the repository owner a window of time to make changes before we post the notices, and we also take time to redact any personal information.
To clarify, the dmcahelper account is not affiliated with GitHub.
Yes. Remember the news about perceptual ad blocker? It is time to seriously consider implementing this technology in the main stream ad blockers.
@ameshkov
If I recall, that method was more like a cosmetic blocking. Doesn't do anything to reduce the bandwidth or tracking that could come along with an image. I'm all for hiding stuff but I'd rather firewall the traffic. In-browser would be slick.
I'm thinking more like Privacy Badger, Karma Blocker, LibreJS, Kaspersky Banner Ad Blocker, Bluehell firewall (which is just a big regex string), and Privoxy or Proxomitron (I can't remember which was rule-based. Maybe both.) It may be that building an app which lets you adjust thresholds for variables of certain characteristics of content might be a good approach to learn out to hone in on what constitutes unwanted content. Say, strip out all content that's a transparent pixel. junk like that.
But also look at more modern tracking techniques such as registering service workers, reading sensor values and junk.
I assume it would take a lot of harvesting of desired and undesired javascript and content to come up with some good rules.
Yes. Remember the news about perceptual ad blocker? It is time to seriously consider implementing this technology in the main stream ad blockers.
@ameshkov
If I recall, that method was more like a cosmetic blocking. Doesn't do anything to reduce the bandwidth or tracking that could come along with an image. I'm all for hiding stuff but I'd rather firewall the traffic. In-browser would be slick.
I'm thinking more like Privacy Badger, Karma Blocker, LibreJS, Kaspersky Banner Ad Blocker, Bluehell firewall (which is just a big regex string), and Privoxy or Proxomitron (I can't remember which was rule-based. Maybe both.) It may be that building an app which lets you adjust thresholds for variables of certain characteristics of content might be a good approach to learn out to hone in on what constitutes unwanted content. Say, strip out all content that's a transparent pixel. junk like that.
But also look at more modern tracking techniques such as registering service workers, reading sensor values and junk.
I assume it would take a lot of harvesting of desired and undesired javascript and content to come up with some good rules.
+hook54321a
To break the following it is simple - click Block then immediately unblock. I do that all the time on my Twitter to kick spam followers that don't quite require blocking.
+hook54321a
To break the following it is simple - click Block then immediately unblock. I do that all the time on my Twitter to kick spam followers that don't quite require blocking.
What about a dummy script, which some of the better ad-blockers already make use of.
NOBODY can claim the ownership of a dummy script that wasn't written by themselves.
What about a dummy script, which some of the better ad-blockers already make use of.
NOBODY can claim the ownership of a dummy script that wasn't written by themselves.
Let's create a new list for GetAdmiral customers so we can punish their customers while not bypassing their DRM. I don't think it's fair to ask the maintainers of EasyList to fight the legal system for us, we have to make sure that no other ad servers dare to use DMCA again, and best would be for GetAdmiral to be recorded in history of Internet for the worse failure.
Let's create a new list for GetAdmiral customers so we can punish their customers while not bypassing their DRM. I don't think it's fair to ask the maintainers of EasyList to fight the legal system for us, we have to make sure that no other ad servers dare to use DMCA again, and best would be for GetAdmiral to be recorded in history of Internet for the worse failure.
Lets move the list outside of US jurisdiction; problem solved.
The list should not be moved to a country that is headquartered in the US; or is part of the "five eyes"; I suggest Germany? Or, if you really want to shake shit up, Russia?
Another method is to setup p2p.
Another method is to purchase a VPS and just use gitlab.
Lets move the list outside of US jurisdiction; problem solved.
The list should not be moved to a country that is headquartered in the US; or is part of the "five eyes"; I suggest Germany? Or, if you really want to shake shit up, Russia?
Another method is to setup p2p.
Another method is to purchase a VPS and just use gitlab.
@bbb31
Not at all problem solved, and you run the risk of referenced domains in the list violating local censorship laws which could give rise to criminal liability.
If you live in the US you cannot escape US jurisdiction by hosting abroad, in fact doing so means you consent to not the US and foreign jurisdictions.
Germany has laws against Nazi imagery, so if any websites in the list have that that would be hazardous. Russia has all sorts of censorship laws that would make the list a minefield.
@bbb31
Not at all problem solved, and you run the risk of referenced domains in the list violating local censorship laws which could give rise to criminal liability.
If you live in the US you cannot escape US jurisdiction by hosting abroad, in fact doing so means you consent to not the US and foreign jurisdictions.
Germany has laws against Nazi imagery, so if any websites in the list have that that would be hazardous. Russia has all sorts of censorship laws that would make the list a minefield.
@WilliamFeely It seems to me that since the list is specifically a blocking list it can't really run afoul of censorship laws. I see ad blocking lists as a censorship mechanism controlled by the end user. I may be wrong and I'd be interested in hearing why I might be wrong.
@WilliamFeely It seems to me that since the list is specifically a blocking list it can't really run afoul of censorship laws. I see ad blocking lists as a censorship mechanism controlled by the end user. I may be wrong and I'd be interested in hearing why I might be wrong.
@jbruchon I do suspect though the claims that hosting on a foreign server will prevent liability may be coming from those with misinformation regarding copyright law, as this is featured on the homepage of TorrentFreak today.
@jbruchon I do suspect though the claims that hosting on a foreign server will prevent liability may be coming from those with misinformation regarding copyright law, as this is featured on the homepage of TorrentFreak today.
The reactions here.... forks, blocking the site in Windows hosts lists. Did you ever considered that the DCMA owner don't care about you or the handful of people here? If they target Easylist then they care about all the subscribers (million) of people around the world who got the Easylist auto-updated in their adblockers. They will not know and automatically receive the list with the hostname removed.
So hosts/forks/other lists will not help. The only thing that actually does something useful is that EasyList gets out of range of DCMA and re-add the host, period.
The great majority of adblock users are people who just install an addon and expect everything to work and don't read github or changelogs or even touch any settings. And this DCMA request has targeted these users only cuz they build the majority. So please stop trying to pretend to fight back cuz you figured out how to edit a Windows host list. (Sorry for the harsh words but ive seen this discussion drifting away from the original problem).
The reactions here.... forks, blocking the site in Windows hosts lists. Did you ever considered that the DCMA owner don't care about you or the handful of people here? If they target Easylist then they care about all the subscribers (million) of people around the world who got the Easylist auto-updated in their adblockers. They will not know and automatically receive the list with the hostname removed.
So hosts/forks/other lists will not help. The only thing that actually does something useful is that EasyList gets out of range of DCMA and re-add the host, period.
The great majority of adblock users are people who just install an addon and expect everything to work and don't read github or changelogs or even touch any settings. And this DCMA request has targeted these users only cuz they build the majority. So please stop trying to pretend to fight back cuz you figured out how to edit a Windows host list. (Sorry for the harsh words but ive seen this discussion drifting away from the original problem).
Admiral is inherently a huge malware risk vector. If you cannot block them directly, then you should block all their customers.
I'd suggest adding a new blocking mode to uBlock Origin where any page attempting to load the blocked content gets redirected to a very scary looking warning page, perhaps modeled after Google warning pages, except that users should be given the option to whitelist for a limited period of time, although few would do so when being warned about malware, etc.
Admiral is inherently a huge malware risk vector. If you cannot block them directly, then you should block all their customers.
I'd suggest adding a new blocking mode to uBlock Origin where any page attempting to load the blocked content gets redirected to a very scary looking warning page, perhaps modeled after Google warning pages, except that users should be given the option to whitelist for a limited period of time, although few would do so when being warned about malware, etc.
Admiral is just using this squarely as a means to boost their revenue and that of advertisers. They're taking advantage of Github's open platform to try and control publicly available information in order to profit and are working to delegitimize your freedom to simply not connect. If you use EasyList, you are expressing your desire (and freedom) not to connect and download advertising, spyware and possible malware attacks. Publishers who advertise are entirely capable of detecting this and preventing you from accessing their site. I see it all of the time and simply leave the website instead of disabling my ad blocker. This is a simple transaction and it forces us to make decisions so we can negotiate through our conscious actions.
I'm all for 👍@ameshkov's suggestion of moving this over to Gitlab or literally any other platform that will allow us to allow us to control how we use the Internet instead of allowing it to be unilaterally manipulated like this so transparently for the profit of a select few. I'm a fan of Github, but this is way too far. Let's move forward with #500 once we're off this platform.
Admiral is just using this squarely as a means to boost their revenue and that of advertisers. They're taking advantage of Github's open platform to try and control publicly available information in order to profit and are working to delegitimize your freedom to simply not connect. If you use EasyList, you are expressing your desire (and freedom) not to connect and download advertising, spyware and possible malware attacks. Publishers who advertise are entirely capable of detecting this and preventing you from accessing their site. I see it all of the time and simply leave the website instead of disabling my ad blocker. This is a simple transaction and it forces us to make decisions so we can negotiate through our conscious actions.
I'm all for 👍@ameshkov's suggestion of moving this over to Gitlab or literally any other platform that will allow us to allow us to control how we use the Internet instead of allowing it to be unilaterally manipulated like this so transparently for the profit of a select few. I'm a fan of Github, but this is way too far. Let's move forward with #500 once we're off this platform.
To anyone interested in generating these lists locally, I have forked easylist added local template generation (maybe you feel like publishing these lists on S3 automatically?), and added the removed domain; and also re-added a list of the compiled domains related to "that" domain.
Since GH was adamant on the removal of source code; they probably will be adamant on the removal of this code as well; so fork away!
To anyone interested in generating these lists locally, I have forked easylist added local template generation (maybe you feel like publishing these lists on S3 automatically?), and added the removed domain; and also re-added a list of the compiled domains related to "that" domain.
Since GH was adamant on the removal of source code; they probably will be adamant on the removal of this code as well; so fork away!
@patricknelson
Unfortunately moving off GitHub would alienate a lot of contributors, and self hosted solutions could potentially become costly if the traffic gets high enough.
Also, would you mind finding a copy of that Linkedin page that doesn't require an account? I deleted my LinkedIn account because I didn't want my boss looking too far into my job-hunting activities.
@patricknelson
Unfortunately moving off GitHub would alienate a lot of contributors, and self hosted solutions could potentially become costly if the traffic gets high enough.
Also, would you mind finding a copy of that Linkedin page that doesn't require an account? I deleted my LinkedIn account because I didn't want my boss looking too far into my job-hunting activities.
@WilliamFeely I suppose you're right. What if @a-raccoon's idea of at least simply openly disclosing the list of domains removed due to DMCA requests? Per #501 This will allow people to be aware of the content that is no longer being blocked and it is up to them to continue using EasyList as they wish.
@WilliamFeely I suppose you're right. What if @a-raccoon's idea of at least simply openly disclosing the list of domains removed due to DMCA requests? Per #501 This will allow people to be aware of the content that is no longer being blocked and it is up to them to continue using EasyList as they wish.
That said, has the OP contacted EFF yet?
Until it gets reinstated, perhaps it would be a good idea for someone to maintain a "forbidden domains" list that can be imported into the "custom" section of one's adblocker? Most if not all adblockers allow for custom blacklist subscription URLs.
That said, has the OP contacted EFF yet?
Until it gets reinstated, perhaps it would be a good idea for someone to maintain a "forbidden domains" list that can be imported into the "custom" section of one's adblocker? Most if not all adblockers allow for custom blacklist subscription URLs.
I'd also propose a sort of dead man's switch approach; an automated list of domains removed from EasyList with comments containing the reason (or the commit message) for their removal. I think #501 is a good (but still manual) step in that that direction.
I'd also propose a sort of dead man's switch approach; an automated list of domains removed from EasyList with comments containing the reason (or the commit message) for their removal. I think #501 is a good (but still manual) step in that that direction.
Can we add all of their other domains to easylist since they haven't DMCA-ed those? We could do only one and wait for them to send a DMCA for that, then add another one, and then repeat, to waste their time.
Can we add all of their other domains to easylist since they haven't DMCA-ed those? We could do only one and wait for them to send a DMCA for that, then add another one, and then repeat, to waste their time.
FWIW, we're ready to sponsor the hosting if the guys decide to move the list. Can't say for others, but I guess they also do.
On the other hand, this does not completely solve the issue of a legal trolling and may be perceived as a retreat. Anyway, I'd like to assure EasyList maintainers that when they decide to take action, we will help them with all the means.
FWIW, we're ready to sponsor the hosting if the guys decide to move the list. Can't say for others, but I guess they also do.
On the other hand, this does not completely solve the issue of a legal trolling and may be perceived as a retreat. Anyway, I'd like to assure EasyList maintainers that when they decide to take action, we will help them with all the means.
I don't always use a blocker but I wanted to participate in the Streisand Effect happening here, so I created a browser extension that blocks Admiral. I will add other domains if other companies start to see legally threatening open-source projects as a way to have themselves removed from blacklists.
I don't always use a blocker but I wanted to participate in the Streisand Effect happening here, so I created a browser extension that blocks Admiral. I will add other domains if other companies start to see legally threatening open-source projects as a way to have themselves removed from blacklists.
This is why webpages should not be allowed to load anything third party, also why scripting should be disallowed period. So what are our options to fight admiral?
This is why webpages should not be allowed to load anything third party, also why scripting should be disallowed period. So what are our options to fight admiral?
@ciravbot
With that in mind, do you know if OWASP ZAP can be configured to alert to all third party resources on a web server?
Also, might it be just about time to close this thread, as it has gotten a little out of hand, including with more than a few suggestions that could be considered bad legal advice?
@ciravbot
With that in mind, do you know if OWASP ZAP can be configured to alert to all third party resources on a web server?
Also, might it be just about time to close this thread, as it has gotten a little out of hand, including with more than a few suggestions that could be considered bad legal advice?
hilariously, functionalclam.com say HTTPS is used whenever possible - whilst the front page is 1 big jpg file, and neither the front page, nor the jpg file, is served over https 😆
hilariously, functionalclam.com say HTTPS is used whenever possible - whilst the front page is 1 big jpg file, and neither the front page, nor the jpg file, is served over https 😆
@WilliamFeely That I do not know yet. I am currently researching some options for both the short term with current tech and the long term with new tech. I do believe we are reaching a point where a new browser and rules are needed to help put an end to ads and their ability to detect/circumvent adblockers.
If the advertisers think they can employ DMCA to take us down, we too can do the same. Circumventing adblocking tech to shove ads and malware into a system should be met with the same.
DMCA as it stands now is an outdated system and needs to be repealed or replaced and the more news this gets as well as tieing up the courts will help this come about faster.
@WilliamFeely That I do not know yet. I am currently researching some options for both the short term with current tech and the long term with new tech. I do believe we are reaching a point where a new browser and rules are needed to help put an end to ads and their ability to detect/circumvent adblockers.
If the advertisers think they can employ DMCA to take us down, we too can do the same. Circumventing adblocking tech to shove ads and malware into a system should be met with the same.
DMCA as it stands now is an outdated system and needs to be repealed or replaced and the more news this gets as well as tieing up the courts will help this come about faster.
+cirvabot it was actually a question regarding my own server in order find and destroy third-party resources.
Regarding your thoughts about DMCA, hopefully this is not abusing this unusual case in order to make it easier to distribute copyrighted works without permission.
Repealing 17 U.S. Code § 512 would put hosting providers in danger of liability for content they have no control over.
+cirvabot it was actually a question regarding my own server in order find and destroy third-party resources.
Regarding your thoughts about DMCA, hopefully this is not abusing this unusual case in order to make it easier to distribute copyrighted works without permission.
Repealing 17 U.S. Code § 512 would put hosting providers in danger of liability for content they have no control over.
I don't know what the answer is, there are plenty more people out there more qualified then I who can figure that one out. Something does need to change though and soon. This goes beyond shaving seconds off page load times and securing systems from bad actors on the net. Lists such as EasyList are simply a bandaide and we need to have a larger discussion about moving forward.
I don't know what the answer is, there are plenty more people out there more qualified then I who can figure that one out. Something does need to change though and soon. This goes beyond shaving seconds off page load times and securing systems from bad actors on the net. Lists such as EasyList are simply a bandaide and we need to have a larger discussion about moving forward.
@Serkan-devel You mean actually infringe copyright with one of those low effort image macros or an animated GIF screencapped from a copyrighted TV show or movie?
There was no infringement yet on this list.
@Serkan-devel You mean actually infringe copyright with one of those low effort image macros or an animated GIF screencapped from a copyrighted TV show or movie?
There was no infringement yet on this list.
This comment has been minimized.
gorhillAug 11, 2017
There are forces out there working to turn user agents into private interests agents -- i.e. to turn browsers into proprietary devices. This is a manifestation of this.
gorhill repliedAug 11, 2017
There are forces out there working to turn user agents into private interests agents -- i.e. to turn browsers into proprietary devices. This is a manifestation of this.
This comment has been minimized.
bakman2Aug 11, 2017
A text file with domain-names, how can this be a valid DMCA request ?
bakman2 repliedAug 11, 2017
•
edited
Edited 1 time
-
bakman2
edited Aug 11, 2017 (most recent)
A text file with domain-names, how can this be a valid DMCA request ?
This comment has been minimized.
zb3Aug 11, 2017
This repo needs to be forked. Maybe Streisand effect will help.
zb3 repliedAug 11, 2017
This repo needs to be forked. Maybe Streisand effect will help.
This comment has been minimized.
jspenguin2017Aug 11, 2017
Oh well, time to set up my GitLab server.
jspenguin2017 repliedAug 11, 2017
Oh well, time to set up my GitLab server.
This comment has been minimized.
pglAug 11, 2017
@lol768 There is a fairly good list in this Hacker News article.
I've added them all to my list (except for the ones noted below as not currently in use.)
They are here for reference: https://pgl.yoyo.org/adservers/admiral-domains.txt
pgl repliedAug 11, 2017
•
edited
Edited 1 time
-
pgl
edited Aug 11, 2017 (most recent)
@lol768 There is a fairly good list in this Hacker News article.
I've added them all to my list (except for the ones noted below as not currently in use.)
They are here for reference: https://pgl.yoyo.org/adservers/admiral-domains.txt
This comment has been minimized.
a-raccoonAug 11, 2017
Seems to me we just received a DMCA letter to alter our Firewall Rules. Next up: Malware sites issuing DMCA letters to Anti-virus and Web-protect sites (like Google) to have their domains removed from firewall blocking. (Firewall is generic term for like-technologies)
I don't care who these guys are or who's paying for their product; I don't want my computers connecting to their servers, and I don't want to become their product.
We have to make this news go full Streisand Effect!
a-raccoon repliedAug 11, 2017
•
edited
Edited 1 time
-
a-raccoon
edited Aug 11, 2017 (most recent)
Seems to me we just received a DMCA letter to alter our Firewall Rules. Next up: Malware sites issuing DMCA letters to Anti-virus and Web-protect sites (like Google) to have their domains removed from firewall blocking. (Firewall is generic term for like-technologies)
I don't care who these guys are or who's paying for their product; I don't want my computers connecting to their servers, and I don't want to become their product.
We have to make this news go full Streisand Effect!
This comment has been minimized.
7PassAug 11, 2017
So any ad serving company can now setup DRM business, which serves exactly one customer: their site, can then exclude them from block lists using DMCA? That's convenient.
@pgl Thanks for the domain list. Quick and simple fix.
7Pass repliedAug 11, 2017
•
edited
Edited 1 time
-
7Pass
edited Aug 11, 2017 (most recent)
So any ad serving company can now setup DRM business, which serves exactly one customer: their site, can then exclude them from block lists using DMCA? That's convenient.
@pgl Thanks for the domain list. Quick and simple fix.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
+zb3 That would be a horrible idea, as it would fragment the efforts of this.
I would say to watch this: https://www.youtube.com/watch?v=LZwLbZ5boZ4 (deals with another frautulent DMCA complaint)
+a-raccoon Next thing, a porn site DMCAs OpenDNS because their web filter circumvents their ability to be accessed by OpenDNS web filter consumers?
This "functionalclam" service is not an effective access control, if circumventing it is as easy as blocking the entire website. If this were to go to court, EasyList would prevail hands down.
DXGLdotinfo repliedAug 11, 2017
+zb3 That would be a horrible idea, as it would fragment the efforts of this.
I would say to watch this: https://www.youtube.com/watch?v=LZwLbZ5boZ4 (deals with another frautulent DMCA complaint)
+a-raccoon Next thing, a porn site DMCAs OpenDNS because their web filter circumvents their ability to be accessed by OpenDNS web filter consumers?
This "functionalclam" service is not an effective access control, if circumventing it is as easy as blocking the entire website. If this were to go to court, EasyList would prevail hands down.
This comment has been minimized.
miguelmotaAug 11, 2017
What if we hash all the domains in the list? AdBlock clients can then just compare the hash. Does DMCA still apply?
miguelmota repliedAug 11, 2017
What if we hash all the domains in the list? AdBlock clients can then just compare the hash. Does DMCA still apply?
This comment has been minimized.
pglAug 11, 2017
@7Pass Feel free to use the rest of my list as well. :)
pgl repliedAug 11, 2017
@7Pass Feel free to use the rest of my list as well. :)
This comment has been minimized.
aknoohAug 11, 2017
@miguelmota hashing the names would not serve anything for such DMCA request, and it would make the repo very hard to maintain.
aknooh repliedAug 11, 2017
•
edited
Edited 1 time
-
aknooh
edited Aug 11, 2017 (most recent)
@miguelmota hashing the names would not serve anything for such DMCA request, and it would make the repo very hard to maintain.
This comment has been minimized.
a-raccoonAug 11, 2017
Can we get a representative from GitHub, Inc. to comment here?
a-raccoon repliedAug 11, 2017
Can we get a representative from GitHub, Inc. to comment here?
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@miguelmota DMCA should not apply even in this situation as the line in the blacklist is nothing more than blocking a whole website. You can sinkhole it in your HOSTS file just as easily.
I actually submitted the domain to MysteryFCM at hosts-file.net (not sure if he is willing to add it because while he is in the UK hpHosts is owned by Malwarebytes which I believe is US-based).
DXGLdotinfo repliedAug 11, 2017
@miguelmota DMCA should not apply even in this situation as the line in the blacklist is nothing more than blocking a whole website. You can sinkhole it in your HOSTS file just as easily.
I actually submitted the domain to MysteryFCM at hosts-file.net (not sure if he is willing to add it because while he is in the UK hpHosts is owned by Malwarebytes which I believe is US-based).
This comment has been minimized.
7PassAug 11, 2017
I would suggest a new feature in Adblockers which instead of blocking ads, it block sites that use a specific ad server. In this case, any site that send requests to functionalclam will be blocked and replaced with a blank page and text to explain that the page was blocked.
This way, we do not need to worry about DMCA because there's no DRM if the whole page is blocked. We would then punish their customer instead of the ad services.
7Pass repliedAug 11, 2017
I would suggest a new feature in Adblockers which instead of blocking ads, it block sites that use a specific ad server. In this case, any site that send requests to functionalclam will be blocked and replaced with a blank page and text to explain that the page was blocked.
This way, we do not need to worry about DMCA because there's no DRM if the whole page is blocked. We would then punish their customer instead of the ad services.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@7Pass This could be doable if the adblockers were to add a new API to block the entire webpage if it has a banned match in it. However, it cannot effectively block the page as the browser still needs to load the page in order for the adblock filter to take effect, unlike how the existing lists prevent requests from even being issued by the browser.
DXGLdotinfo repliedAug 11, 2017
@7Pass This could be doable if the adblockers were to add a new API to block the entire webpage if it has a banned match in it. However, it cannot effectively block the page as the browser still needs to load the page in order for the adblock filter to take effect, unlike how the existing lists prevent requests from even being issued by the browser.
This comment has been minimized.
BeavingAug 11, 2017
Unbelievable. If users can access copyrighted works simply by blocking a connection, their customers should really think why they even hired them. Sad that you did not counter DMCA immediately. EFF would surely be interested to help. Usually after a counter DMCA you won't hear anything from them anymore, I don't think they would escalate this any further to a lawsuit. Lets just hope everyone will soon block their site by default.
Beaving repliedAug 11, 2017
Unbelievable. If users can access copyrighted works simply by blocking a connection, their customers should really think why they even hired them. Sad that you did not counter DMCA immediately. EFF would surely be interested to help. Usually after a counter DMCA you won't hear anything from them anymore, I don't think they would escalate this any further to a lawsuit. Lets just hope everyone will soon block their site by default.
This comment has been minimized.
daumillerAug 11, 2017
The takedown request has finally appeared on GitHub's DMCA repo. https://github.com/github/dmca/blob/master/2017/2017-08-02-LevenLabs.md
daumiller repliedAug 11, 2017
The takedown request has finally appeared on GitHub's DMCA repo. https://github.com/github/dmca/blob/master/2017/2017-08-02-LevenLabs.md
This comment has been minimized.
DXGLdotinfoAug 11, 2017
Does HOSTS work on IP addresses like that on all platforms?
And if Leven Labs were to DMCA the reply by @Skaendoit would be yet another offense of perjury.
DXGLdotinfo repliedAug 11, 2017
•
edited
Edited 1 time
-
DXGLdotinfo
edited Aug 11, 2017 (most recent)
Does HOSTS work on IP addresses like that on all platforms?
And if Leven Labs were to DMCA the reply by @Skaendoit would be yet another offense of perjury.
This comment has been minimized.
roadhazardAug 11, 2017
I heard about this from another site and registered a Github account just to say this. Is the following possible; get a list of every. single. site. that uses BlockAdBlock and blacklist those sites completely! I KIND OF see their point about bypassing paywalls to get to protected content. But, if the entire site is blocked, not just the paywall roadblock, what could they cry about then? That's what I do now, if I visit a site that tells me to remove AdBlockPlus before I can see their content, I simple close the tab and don't bother going back there. As far as I'm concerned, no loss on my part. As others have said, this is a test case and if it stands, it will open the gates for others to abuse the DMCA process and Easylist will become useless as will uBo and all the others. Might be time to host Adblock and/or Easylist in a country that is beyond DMCA, if such a country exists. Maybe Turkey? North Korea?
roadhazard repliedAug 11, 2017
I heard about this from another site and registered a Github account just to say this. Is the following possible; get a list of every. single. site. that uses BlockAdBlock and blacklist those sites completely! I KIND OF see their point about bypassing paywalls to get to protected content. But, if the entire site is blocked, not just the paywall roadblock, what could they cry about then? That's what I do now, if I visit a site that tells me to remove AdBlockPlus before I can see their content, I simple close the tab and don't bother going back there. As far as I'm concerned, no loss on my part. As others have said, this is a test case and if it stands, it will open the gates for others to abuse the DMCA process and Easylist will become useless as will uBo and all the others. Might be time to host Adblock and/or Easylist in a country that is beyond DMCA, if such a country exists. Maybe Turkey? North Korea?
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@roadhazard The removed line does just that, blocks an entire website. What Leven Labs is demanding is to prevent end users from blocking access to their sites.
Placing the list outside the USA would not prevent liability from US based complainants, as is the case here.
Also North Korea is a completely Bad Idea™ as I am 99% sure the lists contain or reference content strictly banned by their government and they don't have enough IP addresses to host anything other than government propaganda.
DXGLdotinfo repliedAug 11, 2017
•
edited
Edited 1 time
-
DXGLdotinfo
edited Aug 11, 2017 (most recent)
@roadhazard The removed line does just that, blocks an entire website. What Leven Labs is demanding is to prevent end users from blocking access to their sites.
Placing the list outside the USA would not prevent liability from US based complainants, as is the case here.
Also North Korea is a completely Bad Idea™ as I am 99% sure the lists contain or reference content strictly banned by their government and they don't have enough IP addresses to host anything other than government propaganda.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@skaendo The file in Windows is %WINDIR%\System32\drivers\etc\hosts
On 64-bit systems, that directory needs to be accessed from a 64-bit view, for example opening the 64-bit version of Command Prompt and not the version in SYSWOW64.
DXGLdotinfo repliedAug 11, 2017
•
edited
Edited 1 time
-
DXGLdotinfo
edited Aug 11, 2017 (most recent)
@skaendo The file in Windows is %WINDIR%\System32\drivers\etc\hosts
On 64-bit systems, that directory needs to be accessed from a 64-bit view, for example opening the 64-bit version of Command Prompt and not the version in SYSWOW64.
This comment has been minimized.
roadhazardAug 11, 2017
@WilliamFeely Oh, OK. Now I understand better. WOW, this makes things 10,000 worse. What in the actual F!??!
roadhazard repliedAug 11, 2017
@WilliamFeely Oh, OK. Now I understand better. WOW, this makes things 10,000 worse. What in the actual F!??!
This comment has been minimized.
roadhazardAug 11, 2017
Crazy question, what feeds into Easylist? How hard would it be for me to stand up my own Easylist server at my house and just point all my PCs to it? How much effort to stay on top of it and keep it updated?
roadhazard repliedAug 11, 2017
Crazy question, what feeds into Easylist? How hard would it be for me to stand up my own Easylist server at my house and just point all my PCs to it? How much effort to stay on top of it and keep it updated?
This comment has been minimized.
jspenguin2017Aug 11, 2017
@WilliamFeely HOSTS file is a guide, browsers do not have to check it. You should just add the filter to your ad blocker yourself, easy and reliable.
https://superuser.com/questions/723703/why-is-chromium-bypassing-etc-hosts-and-dnsmasq
@roadhazard Not hard to get it up and running, but keep things in sync can be tricky.
jspenguin2017 repliedAug 11, 2017
•
edited
Edited 1 time
-
jspenguin2017
edited Aug 11, 2017 (most recent)
@WilliamFeely HOSTS file is a guide, browsers do not have to check it. You should just add the filter to your ad blocker yourself, easy and reliable.
https://superuser.com/questions/723703/why-is-chromium-bypassing-etc-hosts-and-dnsmasq
@roadhazard Not hard to get it up and running, but keep things in sync can be tricky.
This comment has been minimized.
jspenguin2017Aug 11, 2017
@skaendo I recommend setting up a private GitLab server, the installation is pretty automated, pretty easy to use, though I'm not sure how to keep things in sync.
jspenguin2017 repliedAug 11, 2017
@skaendo I recommend setting up a private GitLab server, the installation is pretty automated, pretty easy to use, though I'm not sure how to keep things in sync.
This comment has been minimized.
a-raccoonAug 11, 2017
Maybe a clever solution... Feature suggestion for ad blockers using EasyList:
Since the DMCA only requires that EasyList take the domain off of its list, but cannot compel EasyList to assert a "remove command", the domain is never actually removed from existing ad blocker deployments. Think of it in the same reversed terms as how a 'warrant canary' works. Figure out what minimum effort EasyList is compelled to do under law, and see to it those actions alone don't really change much of anything.
ALSO, investigate what Google does when it removes a site from its search results due to DMCA takedown request. Google maintains a public list of all the URIs (domains included) of each takedown request. I recommend introducing a EasyList-DMCA-Removals parallel list.
a-raccoon repliedAug 11, 2017
•
edited
Edited 1 time
-
a-raccoon
edited Aug 11, 2017 (most recent)
Maybe a clever solution... Feature suggestion for ad blockers using EasyList:
Since the DMCA only requires that EasyList take the domain off of its list, but cannot compel EasyList to assert a "remove command", the domain is never actually removed from existing ad blocker deployments. Think of it in the same reversed terms as how a 'warrant canary' works. Figure out what minimum effort EasyList is compelled to do under law, and see to it those actions alone don't really change much of anything.
ALSO, investigate what Google does when it removes a site from its search results due to DMCA takedown request. Google maintains a public list of all the URIs (domains included) of each takedown request. I recommend introducing a EasyList-DMCA-Removals parallel list.
This comment has been minimized.
udaAug 11, 2017
Either it is something I don't get about DMCA or this request is abusing the DMCA for something that clearly isn't in breach.
Admiral CEO's post makes a point that by putting the domains on the list and blocking their content, it is possible to circumventing some access controls, from what I know as a developer, you gotta be a really bad developer to allow access by simply having some JavaScript blocked.
So from where I stand, it would seem that Admiral's developers are the ones who created back-doors to their customer's content and not this list, and Dan Rua is simply looking for a scapegoat to come out well in the eyes of those customers.
uda repliedAug 11, 2017
Either it is something I don't get about DMCA or this request is abusing the DMCA for something that clearly isn't in breach.
Admiral CEO's post makes a point that by putting the domains on the list and blocking their content, it is possible to circumventing some access controls, from what I know as a developer, you gotta be a really bad developer to allow access by simply having some JavaScript blocked.
So from where I stand, it would seem that Admiral's developers are the ones who created back-doors to their customer's content and not this list, and Dan Rua is simply looking for a scapegoat to come out well in the eyes of those customers.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@ida
If it is all about JavaScript does that make the security slider in Tor Browser (or any other browser means of turning off JavaScript) a circumvention device?
DXGLdotinfo repliedAug 11, 2017
@ida
If it is all about JavaScript does that make the security slider in Tor Browser (or any other browser means of turning off JavaScript) a circumvention device?
This comment has been minimized.
cleverkraftAug 11, 2017
I would think this DMCA claim is invalid because EasyList is not primarily used to circumvent access to copyrighted content. As the DMCA says
Admiral can say the server isn't serving ads but it IS used for tracking people. And the primary function of EasyList is to prevent ads from loading and users from being tracked. The fact that Admiral claims that their protection system is circumvented when the domain is blocked is THEIR problem since EasyList is provably NOT a circumvention tool.
cleverkraft repliedAug 11, 2017
•
edited
Edited 1 time
-
cleverkraft
edited Aug 11, 2017 (most recent)
I would think this DMCA claim is invalid because EasyList is not primarily used to circumvent access to copyrighted content. As the DMCA says
Admiral can say the server isn't serving ads but it IS used for tracking people. And the primary function of EasyList is to prevent ads from loading and users from being tracked. The fact that Admiral claims that their protection system is circumvented when the domain is blocked is THEIR problem since EasyList is provably NOT a circumvention tool.
This comment has been minimized.
udaAug 11, 2017
@WilliamFeely surely not.
If a website has a paywall that loads all content but hides them via JavaScript, then they are using the wrong tool. you can't blame someone of circumventing access control for bypassing something that isn't meant for controlling access.
uda repliedAug 11, 2017
@WilliamFeely surely not.
If a website has a paywall that loads all content but hides them via JavaScript, then they are using the wrong tool. you can't blame someone of circumventing access control for bypassing something that isn't meant for controlling access.
This comment has been minimized.
a-raccoonAug 11, 2017
Are they using all these 100+ different domains to implement an HSTS fingerprinting attack? If you treat the HTTPS redirect ON / OFF of each domain as a single bit to a large 100+bit value, you wind up with each browser having a unique fingerprint. These "HSTS cookies" can be detected by an ad agency across any site that uses its ad services; These "HSTS cookies" cannot be deleted from a browser (per specification); These "HSTS cookies" reveal a user's identity even while they are in Private Browsing / Incognito mode.
Can anyone confirm my suspicions by looking at their code?
a-raccoon repliedAug 11, 2017
•
edited
Edited 1 time
-
a-raccoon
edited Aug 11, 2017 (most recent)
Are they using all these 100+ different domains to implement an HSTS fingerprinting attack? If you treat the HTTPS redirect ON / OFF of each domain as a single bit to a large 100+bit value, you wind up with each browser having a unique fingerprint. These "HSTS cookies" can be detected by an ad agency across any site that uses its ad services; These "HSTS cookies" cannot be deleted from a browser (per specification); These "HSTS cookies" reveal a user's identity even while they are in Private Browsing / Incognito mode.
Can anyone confirm my suspicions by looking at their code?
This comment has been minimized.
AtavicAug 11, 2017
@ameshkov asked for DMCA request here.
DMCA REQUEST:
https://github.com/github/dmca/blob/ff44d37f62d772bfec5fd4327e4a2009b9ad47aa/2017/2017-08-02-LevenLabs.md
Atavic repliedAug 11, 2017
@ameshkov asked for DMCA request here.
DMCA REQUEST:
https://github.com/github/dmca/blob/ff44d37f62d772bfec5fd4327e4a2009b9ad47aa/2017/2017-08-02-LevenLabs.md
This comment has been minimized.
senposageAug 11, 2017
commit should be reverted you can't copy right a domain further more its of violation of NO law to block a domain,regardless of what that domain is used for,further more if your drm is shitty enough to be-defeated by blocking one host then its of no use to anybody
senposage repliedAug 11, 2017
commit should be reverted you can't copy right a domain further more its of violation of NO law to block a domain,regardless of what that domain is used for,further more if your drm is shitty enough to be-defeated by blocking one host then its of no use to anybody
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@senposage It would help if you used proper capitalization and spelling (copyright is one word) and that you do not use profanities.
DXGLdotinfo repliedAug 11, 2017
@senposage It would help if you used proper capitalization and spelling (copyright is one word) and that you do not use profanities.
This comment has been minimized.
senposageAug 11, 2017
no it would not help the point stands period end of discussion
senposage repliedAug 11, 2017
no it would not help the point stands period end of discussion
This comment has been minimized.
DXGLdotinfoAug 11, 2017
Are you able to properly capitalize and punctuate?
Even my phone keyboard helps do it for me.
DXGLdotinfo repliedAug 11, 2017
Are you able to properly capitalize and punctuate?
Even my phone keyboard helps do it for me.
This comment has been minimized.
jbruchonAug 11, 2017
This DMCA takedown is not allowed by copyright law. It should not be complied with. Furthermore, I'm adding this to all my personal adblock lists permanently in protest.
jbruchon repliedAug 11, 2017
•
edited
Edited 1 time
-
jbruchon
edited Aug 11, 2017 (most recent)
This DMCA takedown is not allowed by copyright law. It should not be complied with. Furthermore, I'm adding this to all my personal adblock lists permanently in protest.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@jbruchon GitHub does not have the legal capacity to determine the validity, just as YouTube does not have the legal capacity to stop Alex Mauer takedown notices. @ryanbr should consider filing a counter-notice due to its invalidity.
DXGLdotinfo repliedAug 11, 2017
@jbruchon GitHub does not have the legal capacity to determine the validity, just as YouTube does not have the legal capacity to stop Alex Mauer takedown notices. @ryanbr should consider filing a counter-notice due to its invalidity.
This comment has been minimized.
jbruchonAug 11, 2017
@WilliamFeely Agreed, a counter-notice is the best solution. Then they have to take it to court and subsequently get laughed out of it.
jbruchon repliedAug 11, 2017
@WilliamFeely Agreed, a counter-notice is the best solution. Then they have to take it to court and subsequently get laughed out of it.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@jbruchon Or 10 business days pass without response from the complainant and Github gives the green light to re-post.
DXGLdotinfo repliedAug 11, 2017
@jbruchon Or 10 business days pass without response from the complainant and Github gives the green light to re-post.
This comment has been minimized.
ameshkovAug 11, 2017
@WilliamFeely
Meanwhile, the repo will be disrupted or blocked until the counter-notice is ready. Filing a counter-notice will be quite expensive also.
And this will be extremely expensive. We're talking about a community-driven project here.
ameshkov repliedAug 11, 2017
@WilliamFeely
Meanwhile, the repo will be disrupted or blocked until the counter-notice is ready. Filing a counter-notice will be quite expensive also.
And this will be extremely expensive. We're talking about a community-driven project here.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
Counter notice is free if there is no lawsuit. Wonder why nobody mentions GoFundMe? Snopes got over half a million in donations in a day to fight their legal troubles.
Surely EasyList is popular enough to drum up that kind of support?
DXGLdotinfo repliedAug 11, 2017
•
edited
Edited 1 time
-
DXGLdotinfo
edited Aug 11, 2017 (most recent)
Counter notice is free if there is no lawsuit. Wonder why nobody mentions GoFundMe? Snopes got over half a million in donations in a day to fight their legal troubles.
Surely EasyList is popular enough to drum up that kind of support?
This comment has been minimized.
TopperfalkonAug 11, 2017
@uda this point exactly. You are not preventing copyright infringement if you use javascript to hide content already served to the user agent. At that point it's trivial to disable javascript, and if the entire content is served as static html in the first instance then some browsers are incapable of running said scripts in any case. That's not circumvention, that's the copyright holder not actually trying to protect their stuff.
Topperfalkon repliedAug 11, 2017
@uda this point exactly. You are not preventing copyright infringement if you use javascript to hide content already served to the user agent. At that point it's trivial to disable javascript, and if the entire content is served as static html in the first instance then some browsers are incapable of running said scripts in any case. That's not circumvention, that's the copyright holder not actually trying to protect their stuff.
This comment has been minimized.
AtavicAug 11, 2017
There's no copyright infringement in this repository. Either with that URL or without it.
Atavic repliedAug 11, 2017
There's no copyright infringement in this repository. Either with that URL or without it.
This comment has been minimized.
eligreyAug 11, 2017
Please do not comply with frivolous DMCA takedowns. Tell GitHub that you wish to contest the takedown and file a counter-notice.
eligrey repliedAug 11, 2017
•
edited
Edited 1 time
-
eligrey
edited Aug 12, 2017 (most recent)
Please do not comply with frivolous DMCA takedowns. Tell GitHub that you wish to contest the takedown and file a counter-notice.
This comment has been minimized.
jnovackAug 11, 2017
Just make a separate file of all the domains that have made a DMCA request.
The list should only be used as an enumerated list of DMCA take-down requests and nothing more.
jnovack repliedAug 11, 2017
Just make a separate file of all the domains that have made a DMCA request.
The list should only be used as an enumerated list of DMCA take-down requests and nothing more.
This comment has been minimized.
BeavingAug 11, 2017
@ameshkov A counter notice would not be expensive. You just need to affirm that the content you offer is not violating their rights. No need to explain any further. It can be as broad as you want. 5 minutes of your time, no lawyer needed. When GitHub receives a DMCA, it deactivates the content, when GitHub receives a counter DMCA, it enables it again. The parties can battle in court then.
Beaving repliedAug 11, 2017
@ameshkov A counter notice would not be expensive. You just need to affirm that the content you offer is not violating their rights. No need to explain any further. It can be as broad as you want. 5 minutes of your time, no lawyer needed. When GitHub receives a DMCA, it deactivates the content, when GitHub receives a counter DMCA, it enables it again. The parties can battle in court then.
This comment has been minimized.
hook54321Aug 11, 2017
I've seen some media outlets post a link to this page, if you've come from one of those and don't have something constructive or helpful to say and just want to express your anger at this then do it here instead: https://discord.me/BlockAdmiral
hook54321 repliedAug 11, 2017
I've seen some media outlets post a link to this page, if you've come from one of those and don't have something constructive or helpful to say and just want to express your anger at this then do it here instead: https://discord.me/BlockAdmiral
This comment has been minimized.
jawz101Aug 11, 2017
heuristic blocking would solve this, right?
jawz101 repliedAug 11, 2017
•
edited
Edited 1 time
-
jawz101
edited Aug 11, 2017 (most recent)
heuristic blocking would solve this, right?
This comment has been minimized.
ameshkovAug 11, 2017
@Beaving @WilliamFeely
I think what we should do is not just blindly demand to reinstate the domain but to let EasyList people know that they can rely on us, and we're ready to support them.
ameshkov repliedAug 11, 2017
•
edited
Edited 1 time
-
ameshkov
edited Aug 11, 2017 (most recent)
@Beaving @WilliamFeely
I think what we should do is not just blindly demand to reinstate the domain but to let EasyList people know that they can rely on us, and we're ready to support them.
This comment has been minimized.
ameshkovAug 11, 2017
Yes. Remember the news about perceptual ad blocker? It is time to seriously consider implementing this technology in the main stream ad blockers.
ameshkov repliedAug 11, 2017
Yes. Remember the news about perceptual ad blocker? It is time to seriously consider implementing this technology in the main stream ad blockers.
This comment has been minimized.
nsqeAug 11, 2017
Hey, all.
A couple of people have reached out to GitHub and asked us to weigh in here. Hi.
We follow the DMCA framework when we receive a complaint with sufficient details. In this case, we received a complaint based on a theory of anti-circumvention.
We apologize if our delay in posting the notice led to any confusion. According to our policy, we allow the repository owner a window of time to make changes before we post the notices, and we also take time to redact any personal information.
To clarify, the dmcahelper account is not affiliated with GitHub.
Hannah Poteat
Privacy & IP Counsel
GitHub, Inc.
nsqe repliedAug 11, 2017
Hey, all.
A couple of people have reached out to GitHub and asked us to weigh in here. Hi.
We follow the DMCA framework when we receive a complaint with sufficient details. In this case, we received a complaint based on a theory of anti-circumvention.
We apologize if our delay in posting the notice led to any confusion. According to our policy, we allow the repository owner a window of time to make changes before we post the notices, and we also take time to redact any personal information.
To clarify, the dmcahelper account is not affiliated with GitHub.
Hannah Poteat
Privacy & IP Counsel
GitHub, Inc.
This comment has been minimized.
hook54321Aug 11, 2017
@ameshkov
Could they form an LLC and then issue a counter-notice?
hook54321 repliedAug 11, 2017
@ameshkov
Could they form an LLC and then issue a counter-notice?
This comment has been minimized.
jspenguin2017Aug 11, 2017
@hook54321a That would be too complex and too much work. Since EFF offered help, I guess leaving it to them is the best.
jspenguin2017 repliedAug 11, 2017
@hook54321a That would be too complex and too much work. Since EFF offered help, I guess leaving it to them is the best.
This comment has been minimized.
hook54321Aug 11, 2017
@gorhill Look who's following you on twitter.
hook54321 repliedAug 11, 2017
@gorhill Look who's following you on twitter.
This comment has been minimized.
jawz101Aug 11, 2017
@ameshkov
If I recall, that method was more like a cosmetic blocking. Doesn't do anything to reduce the bandwidth or tracking that could come along with an image. I'm all for hiding stuff but I'd rather firewall the traffic. In-browser would be slick.
I'm thinking more like Privacy Badger, Karma Blocker, LibreJS, Kaspersky Banner Ad Blocker, Bluehell firewall (which is just a big regex string), and Privoxy or Proxomitron (I can't remember which was rule-based. Maybe both.) It may be that building an app which lets you adjust thresholds for variables of certain characteristics of content might be a good approach to learn out to hone in on what constitutes unwanted content. Say, strip out all content that's a transparent pixel. junk like that.
But also look at more modern tracking techniques such as registering service workers, reading sensor values and junk.
I assume it would take a lot of harvesting of desired and undesired javascript and content to come up with some good rules.
Or an easier untrust-all approach.
jawz101 repliedAug 11, 2017
•
edited
Edited 1 time
-
jawz101
edited Aug 11, 2017 (most recent)
@ameshkov
If I recall, that method was more like a cosmetic blocking. Doesn't do anything to reduce the bandwidth or tracking that could come along with an image. I'm all for hiding stuff but I'd rather firewall the traffic. In-browser would be slick.
I'm thinking more like Privacy Badger, Karma Blocker, LibreJS, Kaspersky Banner Ad Blocker, Bluehell firewall (which is just a big regex string), and Privoxy or Proxomitron (I can't remember which was rule-based. Maybe both.) It may be that building an app which lets you adjust thresholds for variables of certain characteristics of content might be a good approach to learn out to hone in on what constitutes unwanted content. Say, strip out all content that's a transparent pixel. junk like that.
But also look at more modern tracking techniques such as registering service workers, reading sensor values and junk.
I assume it would take a lot of harvesting of desired and undesired javascript and content to come up with some good rules.
Or an easier untrust-all approach.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
+hook54321a
To break the following it is simple - click Block then immediately unblock. I do that all the time on my Twitter to kick spam followers that don't quite require blocking.
DXGLdotinfo repliedAug 11, 2017
+hook54321a
To break the following it is simple - click Block then immediately unblock. I do that all the time on my Twitter to kick spam followers that don't quite require blocking.
This comment has been minimized.
Betsy25Aug 11, 2017
What about a dummy script, which some of the better ad-blockers already make use of.
NOBODY can claim the ownership of a dummy script that wasn't written by themselves.
Betsy25 repliedAug 11, 2017
•
edited
Edited 1 time
-
Betsy25
edited Aug 11, 2017 (most recent)
What about a dummy script, which some of the better ad-blockers already make use of.
NOBODY can claim the ownership of a dummy script that wasn't written by themselves.
This comment has been minimized.
40cccAug 11, 2017
Long term, ditch GitHub and utilise some form of decentralised file hosting?
40ccc repliedAug 11, 2017
Long term, ditch GitHub and utilise some form of decentralised file hosting?
This comment has been minimized.
TanathAug 11, 2017
It seems to me that they're circumventing my access controls.
Tanath repliedAug 11, 2017
It seems to me that they're circumventing my access controls.
This comment has been minimized.
mgomersbachAug 11, 2017
@Tanath interesting point. Is that legal?
mgomersbach repliedAug 11, 2017
@Tanath interesting point. Is that legal?
This comment has been minimized.
7PassAug 11, 2017
Let's create a new list for GetAdmiral customers so we can punish their customers while not bypassing their DRM. I don't think it's fair to ask the maintainers of EasyList to fight the legal system for us, we have to make sure that no other ad servers dare to use DMCA again, and best would be for GetAdmiral to be recorded in history of Internet for the worse failure.
7Pass repliedAug 11, 2017
Let's create a new list for GetAdmiral customers so we can punish their customers while not bypassing their DRM. I don't think it's fair to ask the maintainers of EasyList to fight the legal system for us, we have to make sure that no other ad servers dare to use DMCA again, and best would be for GetAdmiral to be recorded in history of Internet for the worse failure.
This comment has been minimized.
31bbbAug 11, 2017
Lets move the list outside of US jurisdiction; problem solved.
The list should not be moved to a country that is headquartered in the US; or is part of the "five eyes"; I suggest Germany? Or, if you really want to shake shit up, Russia?
Another method is to setup p2p.
Another method is to purchase a VPS and just use gitlab.
31bbb repliedAug 11, 2017
•
edited
Edited 1 time
-
31bbb
edited Aug 11, 2017 (most recent)
Lets move the list outside of US jurisdiction; problem solved.
The list should not be moved to a country that is headquartered in the US; or is part of the "five eyes"; I suggest Germany? Or, if you really want to shake shit up, Russia?
Another method is to setup p2p.
Another method is to purchase a VPS and just use gitlab.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@bbb31
Not at all problem solved, and you run the risk of referenced domains in the list violating local censorship laws which could give rise to criminal liability.
If you live in the US you cannot escape US jurisdiction by hosting abroad, in fact doing so means you consent to not the US and foreign jurisdictions.
Germany has laws against Nazi imagery, so if any websites in the list have that that would be hazardous. Russia has all sorts of censorship laws that would make the list a minefield.
DXGLdotinfo repliedAug 11, 2017
•
edited
Edited 1 time
-
DXGLdotinfo
edited Aug 11, 2017 (most recent)
@bbb31
Not at all problem solved, and you run the risk of referenced domains in the list violating local censorship laws which could give rise to criminal liability.
If you live in the US you cannot escape US jurisdiction by hosting abroad, in fact doing so means you consent to not the US and foreign jurisdictions.
Germany has laws against Nazi imagery, so if any websites in the list have that that would be hazardous. Russia has all sorts of censorship laws that would make the list a minefield.
This comment has been minimized.
jbruchonAug 11, 2017
@WilliamFeely It seems to me that since the list is specifically a blocking list it can't really run afoul of censorship laws. I see ad blocking lists as a censorship mechanism controlled by the end user. I may be wrong and I'd be interested in hearing why I might be wrong.
jbruchon repliedAug 11, 2017
@WilliamFeely It seems to me that since the list is specifically a blocking list it can't really run afoul of censorship laws. I see ad blocking lists as a censorship mechanism controlled by the end user. I may be wrong and I'd be interested in hearing why I might be wrong.
This comment has been minimized.
DXGLdotinfoAug 11, 2017
@jbruchon I do suspect though the claims that hosting on a foreign server will prevent liability may be coming from those with misinformation regarding copyright law, as this is featured on the homepage of TorrentFreak today.
DXGLdotinfo repliedAug 11, 2017
@jbruchon I do suspect though the claims that hosting on a foreign server will prevent liability may be coming from those with misinformation regarding copyright law, as this is featured on the homepage of TorrentFreak today.
This comment has been minimized.
TopperfalkonAug 11, 2017
If you're considering alternate jurisdictions to host in, Iceland wouldn't be the worst bet. I'm sure Piratar would be able to offer some assistance.
Topperfalkon repliedAug 11, 2017
If you're considering alternate jurisdictions to host in, Iceland wouldn't be the worst bet. I'm sure Piratar would be able to offer some assistance.
This comment has been minimized.
SymbaiAug 12, 2017
The reactions here.... forks, blocking the site in Windows hosts lists. Did you ever considered that the DCMA owner don't care about you or the handful of people here? If they target Easylist then they care about all the subscribers (million) of people around the world who got the Easylist auto-updated in their adblockers. They will not know and automatically receive the list with the hostname removed.
So hosts/forks/other lists will not help. The only thing that actually does something useful is that EasyList gets out of range of DCMA and re-add the host, period.
The great majority of adblock users are people who just install an addon and expect everything to work and don't read github or changelogs or even touch any settings. And this DCMA request has targeted these users only cuz they build the majority. So please stop trying to pretend to fight back cuz you figured out how to edit a Windows host list. (Sorry for the harsh words but ive seen this discussion drifting away from the original problem).
Symbai repliedAug 12, 2017
The reactions here.... forks, blocking the site in Windows hosts lists. Did you ever considered that the DCMA owner don't care about you or the handful of people here? If they target Easylist then they care about all the subscribers (million) of people around the world who got the Easylist auto-updated in their adblockers. They will not know and automatically receive the list with the hostname removed.
So hosts/forks/other lists will not help. The only thing that actually does something useful is that EasyList gets out of range of DCMA and re-add the host, period.
The great majority of adblock users are people who just install an addon and expect everything to work and don't read github or changelogs or even touch any settings. And this DCMA request has targeted these users only cuz they build the majority. So please stop trying to pretend to fight back cuz you figured out how to edit a Windows host list. (Sorry for the harsh words but ive seen this discussion drifting away from the original problem).
This comment has been minimized.
burdgesAug 12, 2017
Admiral is inherently a huge malware risk vector. If you cannot block them directly, then you should block all their customers.
I'd suggest adding a new blocking mode to uBlock Origin where any page attempting to load the blocked content gets redirected to a very scary looking warning page, perhaps modeled after Google warning pages, except that users should be given the option to whitelist for a limited period of time, although few would do so when being warned about malware, etc.
burdges repliedAug 12, 2017
Admiral is inherently a huge malware risk vector. If you cannot block them directly, then you should block all their customers.
I'd suggest adding a new blocking mode to uBlock Origin where any page attempting to load the blocked content gets redirected to a very scary looking warning page, perhaps modeled after Google warning pages, except that users should be given the option to whitelist for a limited period of time, although few would do so when being warned about malware, etc.
This comment has been minimized.
patricknelsonAug 12, 2017
Admiral is just using this squarely as a means to boost their revenue and that of advertisers. They're taking advantage of Github's open platform to try and control publicly available information in order to profit and are working to delegitimize your freedom to simply not connect. If you use EasyList, you are expressing your desire (and freedom) not to connect and download advertising, spyware and possible malware attacks. Publishers who advertise are entirely capable of detecting this and preventing you from accessing their site. I see it all of the time and simply leave the website instead of disabling my ad blocker. This is a simple transaction and it forces us to make decisions so we can negotiate through our conscious actions.
They speak freely about this on their insecure homepage and they're boasting about this on their LinkedIn page: https://www.linkedin.com/company/getadmiral. And re: DMCA, Easylist, Adblock, Copyright Access Control & Admiral: 10 Things To Know This is precisely why their use of the weasel word
circumventingis so twisted, manipulative and intentionally misleading.I'm all for👍 @ameshkov's suggestion of moving this over to Gitlab or literally any other platform that will allow us to allow us to control how we use the Internet instead of allowing it to be unilaterally manipulated like this so transparently for the profit of a select few. I'm a fan of Github, but this is way too far. Let's move forward with #500 once we're off this platform.
patricknelson repliedAug 12, 2017
•
edited
Edited 1 time
-
patricknelson
edited Aug 12, 2017 (most recent)
Admiral is just using this squarely as a means to boost their revenue and that of advertisers. They're taking advantage of Github's open platform to try and control publicly available information in order to profit and are working to delegitimize your freedom to simply not connect. If you use EasyList, you are expressing your desire (and freedom) not to connect and download advertising, spyware and possible malware attacks. Publishers who advertise are entirely capable of detecting this and preventing you from accessing their site. I see it all of the time and simply leave the website instead of disabling my ad blocker. This is a simple transaction and it forces us to make decisions so we can negotiate through our conscious actions.
They speak freely about this on their insecure homepage and they're boasting about this on their LinkedIn page: https://www.linkedin.com/company/getadmiral. And re: DMCA, Easylist, Adblock, Copyright Access Control & Admiral: 10 Things To Know This is precisely why their use of the weasel word
circumventingis so twisted, manipulative and intentionally misleading.I'm all for👍 @ameshkov's suggestion of moving this over to Gitlab or literally any other platform that will allow us to allow us to control how we use the Internet instead of allowing it to be unilaterally manipulated like this so transparently for the profit of a select few. I'm a fan of Github, but this is way too far. Let's move forward with #500 once we're off this platform.
This comment has been minimized.
31bbbAug 12, 2017
To anyone interested in generating these lists locally, I have forked easylist added local template generation (maybe you feel like publishing these lists on S3 automatically?), and added the removed domain; and also re-added a list of the compiled domains related to "that" domain.
Since GH was adamant on the removal of source code; they probably will be adamant on the removal of this code as well; so fork away!
https://github.com/bbb31/easylist
31bbb repliedAug 12, 2017
•
edited
Edited 1 time
-
31bbb
edited Aug 12, 2017 (most recent)
To anyone interested in generating these lists locally, I have forked easylist added local template generation (maybe you feel like publishing these lists on S3 automatically?), and added the removed domain; and also re-added a list of the compiled domains related to "that" domain.
Since GH was adamant on the removal of source code; they probably will be adamant on the removal of this code as well; so fork away!
https://github.com/bbb31/easylist
This comment has been minimized.
DXGLdotinfoAug 12, 2017
@patricknelson
Unfortunately moving off GitHub would alienate a lot of contributors, and self hosted solutions could potentially become costly if the traffic gets high enough.
Also, would you mind finding a copy of that Linkedin page that doesn't require an account? I deleted my LinkedIn account because I didn't want my boss looking too far into my job-hunting activities.
DXGLdotinfo repliedAug 12, 2017
@patricknelson
Unfortunately moving off GitHub would alienate a lot of contributors, and self hosted solutions could potentially become costly if the traffic gets high enough.
Also, would you mind finding a copy of that Linkedin page that doesn't require an account? I deleted my LinkedIn account because I didn't want my boss looking too far into my job-hunting activities.
This comment has been minimized.
patricknelsonAug 12, 2017
@WilliamFeely I suppose you're right. What if @a-raccoon's idea of at least simply openly disclosing the list of domains removed due to DMCA requests? Per #501 This will allow people to be aware of the content that is no longer being blocked and it is up to them to continue using EasyList as they wish.
patricknelson repliedAug 12, 2017
•
edited
Edited 1 time
-
patricknelson
edited Aug 12, 2017 (most recent)
@WilliamFeely I suppose you're right. What if @a-raccoon's idea of at least simply openly disclosing the list of domains removed due to DMCA requests? Per #501 This will allow people to be aware of the content that is no longer being blocked and it is up to them to continue using EasyList as they wish.
This comment has been minimized.
DXGLdotinfoAug 12, 2017
That said, has the OP contacted EFF yet?
Until it gets reinstated, perhaps it would be a good idea for someone to maintain a "forbidden domains" list that can be imported into the "custom" section of one's adblocker? Most if not all adblockers allow for custom blacklist subscription URLs.
DXGLdotinfo repliedAug 12, 2017
That said, has the OP contacted EFF yet?
Until it gets reinstated, perhaps it would be a good idea for someone to maintain a "forbidden domains" list that can be imported into the "custom" section of one's adblocker? Most if not all adblockers allow for custom blacklist subscription URLs.
This comment has been minimized.
patricknelsonAug 12, 2017
@WilliamFeely I've edited my original comment to point to the public version of their page (lucky guess😉 ). See here: https://www.linkedin.com/company/getadmiral
patricknelson repliedAug 12, 2017
@WilliamFeely I've edited my original comment to point to the public version of their page (lucky guess😉 ). See here: https://www.linkedin.com/company/getadmiral
This comment has been minimized.
patricknelsonAug 12, 2017
I'd also propose a sort of dead man's switch approach; an automated list of domains removed from EasyList with comments containing the reason (or the commit message) for their removal. I think #501 is a good (but still manual) step in that that direction.
patricknelson repliedAug 12, 2017
I'd also propose a sort of dead man's switch approach; an automated list of domains removed from EasyList with comments containing the reason (or the commit message) for their removal. I think #501 is a good (but still manual) step in that that direction.
This comment has been minimized.
31bbbAug 12, 2017
I've added the "forbidden" list: https://github.com/bbb31/easylist/blob/master/forbidden/forbidden.txt send PR if you have others.
31bbb repliedAug 12, 2017
I've added the "forbidden" list: https://github.com/bbb31/easylist/blob/master/forbidden/forbidden.txt send PR if you have others.
This comment has been minimized.
hook54321Aug 12, 2017
Can we add all of their other domains to easylist since they haven't DMCA-ed those? We could do only one and wait for them to send a DMCA for that, then add another one, and then repeat, to waste their time.
hook54321 repliedAug 12, 2017
Can we add all of their other domains to easylist since they haven't DMCA-ed those? We could do only one and wait for them to send a DMCA for that, then add another one, and then repeat, to waste their time.
This comment has been minimized.
hook54321Aug 12, 2017
Brave handled it in an uhm, interesting way: brave/adblock-lists@2c0e86c
hook54321 repliedAug 12, 2017
•
edited
Edited 1 time
-
hook54321
edited Aug 12, 2017 (most recent)
Brave handled it in an uhm, interesting way: brave/adblock-lists@2c0e86c
This comment has been minimized.
ameshkovAug 12, 2017
FWIW, we're ready to sponsor the hosting if the guys decide to move the list. Can't say for others, but I guess they also do.
On the other hand, this does not completely solve the issue of a legal trolling and may be perceived as a retreat. Anyway, I'd like to assure EasyList maintainers that when they decide to take action, we will help them with all the means.
ameshkov repliedAug 12, 2017
FWIW, we're ready to sponsor the hosting if the guys decide to move the list. Can't say for others, but I guess they also do.
On the other hand, this does not completely solve the issue of a legal trolling and may be perceived as a retreat. Anyway, I'd like to assure EasyList maintainers that when they decide to take action, we will help them with all the means.
This comment has been minimized.
paulgbAug 12, 2017
I don't always use a blocker but I wanted to participate in the Streisand Effect happening here, so I created a browser extension that blocks Admiral. I will add other domains if other companies start to see legally threatening open-source projects as a way to have themselves removed from blacklists.
https://github.com/paulgb/BarbBlock
paulgb repliedAug 12, 2017
I don't always use a blocker but I wanted to participate in the Streisand Effect happening here, so I created a browser extension that blocks Admiral. I will add other domains if other companies start to see legally threatening open-source projects as a way to have themselves removed from blacklists.
https://github.com/paulgb/BarbBlock
This comment has been minimized.
M9kAug 12, 2017
Wait, what?
M9k repliedAug 12, 2017
Wait, what?
This comment has been minimized.
hook54321Aug 12, 2017
The issue with moving the list to another host is that it will kinda let Admiral win and will inconvenience other block lists on github.
hook54321 repliedAug 12, 2017
The issue with moving the list to another host is that it will kinda let Admiral win and will inconvenience other block lists on github.
This comment has been minimized.
hook54321Aug 12, 2017
gorhill/uBlock#2864 (comment)
hook54321 repliedAug 12, 2017
gorhill/uBlock#2864 (comment)
This comment has been minimized.
hook54321Aug 12, 2017
https://twitter.com/getadmiral/status/896486274466533381
hook54321 repliedAug 12, 2017
https://twitter.com/getadmiral/status/896486274466533381
This comment has been minimized.
hmageAug 13, 2017
https://www.whois.com/whois/104.155.48.223 --
The IP addresses under this netblock are in use by Google Cloud customersThey're using Google hosting.
hmage repliedAug 13, 2017
•
edited
Edited 1 time
-
hmage
edited Aug 13, 2017 (most recent)
https://www.whois.com/whois/104.155.48.223 --
The IP addresses under this netblock are in use by Google Cloud customersThey're using Google hosting.
This comment has been minimized.
ciravbotAug 13, 2017
This is why webpages should not be allowed to load anything third party, also why scripting should be disallowed period. So what are our options to fight admiral?
ciravbot repliedAug 13, 2017
This is why webpages should not be allowed to load anything third party, also why scripting should be disallowed period. So what are our options to fight admiral?
This comment has been minimized.
DXGLdotinfoAug 13, 2017
@ciravbot
With that in mind, do you know if OWASP ZAP can be configured to alert to all third party resources on a web server?
Also, might it be just about time to close this thread, as it has gotten a little out of hand, including with more than a few suggestions that could be considered bad legal advice?
DXGLdotinfo repliedAug 13, 2017
@ciravbot
With that in mind, do you know if OWASP ZAP can be configured to alert to all third party resources on a web server?
Also, might it be just about time to close this thread, as it has gotten a little out of hand, including with more than a few suggestions that could be considered bad legal advice?
This comment has been minimized.
divinity76Aug 13, 2017
hilariously, functionalclam.com say😆
HTTPS is used whenever possible- whilst the front page is 1 big jpg file, and neither the front page, nor the jpg file, is served over httpsdivinity76 repliedAug 13, 2017
•
edited
Edited 1 time
-
divinity76
edited Aug 13, 2017 (most recent)
hilariously, functionalclam.com say😆
HTTPS is used whenever possible- whilst the front page is 1 big jpg file, and neither the front page, nor the jpg file, is served over httpsThis comment has been minimized.
ciravbotAug 13, 2017
@WilliamFeely That I do not know yet. I am currently researching some options for both the short term with current tech and the long term with new tech. I do believe we are reaching a point where a new browser and rules are needed to help put an end to ads and their ability to detect/circumvent adblockers.
If the advertisers think they can employ DMCA to take us down, we too can do the same. Circumventing adblocking tech to shove ads and malware into a system should be met with the same.
DMCA as it stands now is an outdated system and needs to be repealed or replaced and the more news this gets as well as tieing up the courts will help this come about faster.
ciravbot repliedAug 13, 2017
@WilliamFeely That I do not know yet. I am currently researching some options for both the short term with current tech and the long term with new tech. I do believe we are reaching a point where a new browser and rules are needed to help put an end to ads and their ability to detect/circumvent adblockers.
If the advertisers think they can employ DMCA to take us down, we too can do the same. Circumventing adblocking tech to shove ads and malware into a system should be met with the same.
DMCA as it stands now is an outdated system and needs to be repealed or replaced and the more news this gets as well as tieing up the courts will help this come about faster.
This comment has been minimized.
DXGLdotinfoAug 13, 2017
+cirvabot it was actually a question regarding my own server in order find and destroy third-party resources.
Regarding your thoughts about DMCA, hopefully this is not abusing this unusual case in order to make it easier to distribute copyrighted works without permission.
Repealing 17 U.S. Code § 512 would put hosting providers in danger of liability for content they have no control over.
DXGLdotinfo repliedAug 13, 2017
•
edited
Edited 1 time
-
DXGLdotinfo
edited Aug 13, 2017 (most recent)
+cirvabot it was actually a question regarding my own server in order find and destroy third-party resources.
Regarding your thoughts about DMCA, hopefully this is not abusing this unusual case in order to make it easier to distribute copyrighted works without permission.
Repealing 17 U.S. Code § 512 would put hosting providers in danger of liability for content they have no control over.
This comment has been minimized.
ciravbotAug 13, 2017
I don't know what the answer is, there are plenty more people out there more qualified then I who can figure that one out. Something does need to change though and soon. This goes beyond shaving seconds off page load times and securing systems from bad actors on the net. Lists such as EasyList are simply a bandaide and we need to have a larger discussion about moving forward.
ciravbot repliedAug 13, 2017
I don't know what the answer is, there are plenty more people out there more qualified then I who can figure that one out. Something does need to change though and soon. This goes beyond shaving seconds off page load times and securing systems from bad actors on the net. Lists such as EasyList are simply a bandaide and we need to have a larger discussion about moving forward.
This comment has been minimized.
stefek99Aug 13, 2017
Part of the internet history.
stefek99 repliedAug 13, 2017
Part of the internet history.
This comment has been minimized.
alessiot89Aug 13, 2017
What about send a DMCA request to functionalclam?
alessiot89 repliedAug 13, 2017
What about send a DMCA request to functionalclam?
This comment has been minimized.
Serkan-develAug 14, 2017
We can make a meme out of this
Serkan-devel repliedAug 14, 2017
We can make a meme out of this
This comment has been minimized.
DXGLdotinfoAug 14, 2017
@Serkan-devel You mean actually infringe copyright with one of those low effort image macros or an animated GIF screencapped from a copyrighted TV show or movie?
There was no infringement yet on this list.
DXGLdotinfo repliedAug 14, 2017
@Serkan-devel You mean actually infringe copyright with one of those low effort image macros or an animated GIF screencapped from a copyrighted TV show or movie?
There was no infringement yet on this list.
This comment has been minimized.
lclhstrAug 14, 2017
Feel free to delete the comment. Or tell me and I'll delete it. Here it is, no infringement.
lclhstr repliedAug 14, 2017
Feel free to delete the comment. Or tell me and I'll delete it. Here it is, no infringement.
This comment has been minimized.
Serkan-develAug 14, 2017
DMCA-machine broke
Serkan-devel repliedAug 14, 2017
DMCA-machine broke
This comment has been minimized.
nekoswagAug 14, 2017
Ad peddlers - eat shit and die.
Also made sure to add this domain to all my filters manually now.
STREISAND
T
R
E
I
S
A
N
D
nekoswag repliedAug 14, 2017
•
edited
Edited 1 time
-
nekoswag
edited Aug 14, 2017 (most recent)
Ad peddlers - eat shit and die.
Also made sure to add this domain to all my filters manually now.
STREISAND
T
R
E
I
S
A
N
D
This comment has been minimized.
ryanbrAug 14, 2017
MemberLocking this, its run its course.
ryanbr repliedAug 14, 2017
Locking this, its run its course.