Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ghostery-collector.ghostery.com #197

Closed
Speciesx opened this issue Sep 23, 2018 · 9 comments
Closed

ghostery-collector.ghostery.com #197

Speciesx opened this issue Sep 23, 2018 · 9 comments

Comments

@Speciesx
Copy link

@Speciesx Speciesx commented Sep 23, 2018

Why the heck Ghostery try every 5 min to connect to ghostery-collector.ghostery.com?

ghostery

Firefox Nigthly
Ghostery 8.2.4
Windows 10

@philipp-classen
Copy link
Contributor

@philipp-classen philipp-classen commented Sep 25, 2018

ghostery-collector.ghostery.com is the endpoint for Human Web related communication.

If Human Web is enabled, Ghostery will poll the list of proxies (https://ghostery-collector.ghostery.com/v2/lookuptable). That explains the requests that you see. As the lists do not change often, we should increase the polling interval, which is currently set to five minutes.

Do you know which Pi-hole blocklist contains the rule? Contributing Human Web data is optional and if you disable it in the UI, you should no longer see those requests. That it ends up being blocked looks like a false-positive to me.

@Speciesx
Copy link
Author

@Speciesx Speciesx commented Sep 25, 2018

Do you know which Pi-hole blocklist contains the rule?

I've blocked ghostery-collector.ghostery.com, after i saw those requests.

Contributing Human Web data is optional and if you disable it in the UI, you should no longer see those requests. That it ends up being blocked looks like a false-positive to me.

Human Web is disabled, it was never enabled, but i still see those requests.

@philipp-classen
Copy link
Contributor

@philipp-classen philipp-classen commented Sep 26, 2018

@Speciesx Thank you, I'll try to reproduce.

@philipp-classen
Copy link
Contributor

@philipp-classen philipp-classen commented Oct 16, 2018

In the current release (8.2.4), we are polling for changes to the proxy list every 5 minutes. That is a GET request to https://ghostery-collector.ghostery.com/v2/lookuptable.

We are not sending data in these requests, but as the fetched content of rarely changes, 5 minutes is quite wasteful, especially if you are using in on a metered internet connection. In the upcoming release, it will now poll every 6 hours, which should reduce most of the overhead.

@Feranor
Copy link

@Feranor Feranor commented Oct 24, 2018

Do you know which Pi-hole blocklist contains the rule? Contributing Human Web data is optional and if you disable it in the UI, you should no longer see those requests. That it ends up being blocked looks like a false-positive to me.

A bunch of public blocklists have added everything related to Cliqz and Ghostery as a result of Mozilla sneakily adding the Cliqz extension to some German Firefox installations. Especially communities like the Firefox subreddit seem to believe (rather zealously) that Ghostery is closed source and sells their users browser history to ad companies.

Some examples:

https://www.reddit.com/r/firefox/comments/7569ts/list_of_cliqz_domains_to_block_in_hosts_file_post/
AdGuard Spyware filter: https://filters.adtidy.org/extension/chromium/filters/3.txt
https://hosts-file.net/default.asp?s=ghostery

@Speciesx
Copy link
Author

@Speciesx Speciesx commented Nov 23, 2018

1
Human Web is disabled and will be never enabled, but still get a bunch of that spyware connections!

@christophertino
Copy link
Member

@christophertino christophertino commented Nov 27, 2018

@Speciesx v8.2.5 released today reduces those proxy checks to every 6 hours. To disable them completely, make sure to also turn off Anti-Tracking protection in Ghostery (blue shield icon), since that feature uses the Human Web proxies to obfuscate sender data when building our Safe Data Set. Check out the "Unsafe Data Removal" section of this blog post for more info.

@Feranor thanks for pointing out those links. Unfortunately, those threads are nothing new, but we are steadily combating them here with our commitment to being open and transparent with the software we build. Suffice to say, we are not closed source, nor are we selling any user data.

@mutrised
Copy link

@mutrised mutrised commented Aug 10, 2019

Hi,
I ended up here looking for collector-hpn.privacy.ghostery.net and collector-hpn.ghostery.net domains.
I keep seeing today DNS requests every 4 or 5 minutes. More than 600 request is less than 12 hours.
I try to keeps my traffic as low as possible since I'm currently using a low quality 3G connection.
I'm on firefox, and Ghostery(v 8.3.4) is up to date (last updated on june 5th).

Is there a way to increase proxy checks ?

Thanks for your help ! =)

@philipp-classen
Copy link
Contributor

@philipp-classen philipp-classen commented Aug 12, 2019

Hi @mutrised

Normally, DNS requests only happen before a HTTPS request. As in terms of bandwidth use, the HTTPS requests are heavier than the relatively small DNS requests, looking at the actual requests could give more insights.

Note that the discussions in this thread refer to an older version of the extension. In the current system, there are no calls to get the proxy lists any more.

We still need to poll for configuration changes, which we currently do once every 1 to 4 hours (or on average once per 2.5 hours):
https://github.com/cliqz-oss/browser-core/blob/v7.37.7/modules/hpnv2/sources/config-loader.es#L25

If you look at your network traffic, these requests will should up as
GET https://collector-hpn.ghostery.net/config

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants