Nvidia Adds Telemetry To Latest Drivers

[rigoletto@]

Hi obsigna ,

I was not pointing it out for this specific purpose, I was just willing to add an alternative to AdBlock in general (a lot of better IMO), since there is talk about AdBlock from people using that.

Also, they compile several lists beyond ads, including malware etc. and may be a good centralized source for them.

EDIT:

And yes, I totally agree that firewall/dns should be the most effective way to beat telemetry, proxy maybe a good too but I bit more complicated to implement per average user. But the most important is to have a source of what shall be blocked.

There are several lists, but one source where we can find everything would be a lot of better. I am not talking about uBlock, of course, that is just the best source I could find for now but it have other purposes than telemetry.

 

[MarcoB]

I have to admit that an adblocker plugin does filter the ads in webpages better. But using unbound has some other advantages I really like e.g. not needing plugins anymore, FF needing a lot less memory, via unbound protects my complete system and I can switch to webbrowsers without adblockplugin. And of course it's just fun to fiddle with it .

 

[obsigna]

MarcoB, I updated the GitHub repository of the void-zones-tools, and among other tiny details, I added a change that is supposed to fix the invalid instruction issue on your Xeon CPU. I cannot test it on my side, though. Please may I ask you to test it for me on your system, and let me know the result?

fetch -o void-zones-tools-master.zip https://github.com/cyclaero/void-zones-tools/archive/master.zip
unzip void-zones-tools-master.zip
cd void-zones-tools-master
make install clean
void-zones-update.sh

 

[MarcoB]

The tools build and install ok. Running the script results in a new download of the txt-files, but then a coredump again with an illegal instruction.

 

[obsigna]

The tools build and install ok. Running the script results in a new download of the txt-files, but then a coredump again with an illegal instruction.

For the time being, please edit the file binutils.h, replacing once again on line 151 #if defined(__x86_64__) with #if 0, then build and install again. Obviously, this one needs more investigation.

 

[MarcoB]

Ok I will. With

#if 0

it runs fine.
BTW do you know where unbound stores it's cache?

 

[rigoletto@]

IIRC Unbound store the cache in memory, but I think there is a way to make it store in a file.
You can use this guide to optimize Unbound if you like.

 

[rigoletto@]

obsigna

I installed the void-zones-tools here and it is working very well, but there is a simple way to add more lists? I let the integrated Opera adblocker and the uBlock still on and some times they still get about 15 things in total on a single site.

Thank you!

 

[obsigna]

Ok I will. With

#if 0

it runs fine.
BTW do you know where unbound stores it's cache?

Well, I got the next incarnation of binutils.h for testing, s. attached file. If you would be willing to assist in trouble shooting the Xeon issue, then please replace the original one by the attached binutils.h, and try again.

Also, it might be better to continue the troubleshooting session per e-mail, in order to reduce the noise on the forum, what do you think. If this is OK for you, then please return your results by e-mail.

 

[obsigna]

obsigna

I installed the void-zones-tools here and it is working very well, but there is a simple way to add more lists? I let the integrated Opera adblocker and the uBlock still on and some times they still get about 15 things in total on a single site.

Thank you!

The first run of void-zones-update.sh should have created the directory /usr/local/etc/void-zones/. In addition it should have placed a template my_void_hosts.txt, and this one is meant for adding additional domains.

Use 0.0.0.0 for blacklisting, and 1.1.1.1 for whitelisting. You may move this file to a more convenient location for frequent editing, and leave a symbolic link to it in /usr/local/etc/void-zones/.

For running the hosts2zones conversion without updating (downloading) all the remote Hosts files, you may want to use the following shell script:

#!/bin/sh

ZONES_DIR="/usr/local/etc/void-zones"
/usr/local/bin/hosts2zones /tmp/local-void.zones \
                           "$ZONES_DIR/my_void_hosts.txt" \
                           "$ZONES_DIR/pgl_void_hosts.txt" \
                           "$ZONES_DIR/sowc_void_hosts.txt" \
                           "$ZONES_DIR/mvps_void_hosts.txt" \
                           "$ZONES_DIR/mdl_void_hosts.txt" \
                           "$ZONES_DIR/away_void_hosts.txt" \
                           "$ZONES_DIR/ucky_void_host.txt" \
                           "$ZONES_DIR/telm_void_hosts.txt" \
  && /bin/mv /tmp/local-void.zones /var/unbound/local-void.zones

Anybody is welcome to post their custom my_void_hosts.txt as an issue on the GitHub repository of the void-zones-tools, and I will place another remote Hosts file for download on GitHub.

 

[MarcoB]

Afaics only place where a lot of ads are not blocked is on Linkedin. These are mostly "sponsored content". Is blocking this kind of ads possible with the tool? Or do we really need a browser plugin for this?

 

[rigoletto@]

obsigna

I will try it. Anyway I want to add just the lists I find on uBlock Origin that are not already on void-zones-tools - at least for now.

The Opera integrated adblock use (IIRC) Easylist what is also on uBlock Origin, but the integrated adblock is faster than the plugin.

Thank you!

 

[obsigna]

With the help of MarcoB, the Xeon invalid instruction issue with the hosts2zones tool has been resolved, and I updated the GitHub repository void-zones-tools already.

 

[obsigna]

obsigna

I will try it. Anyway I want to add just the lists I find on uBlock Origin that are not already on void-zones-tools - at least for now.

The Opera integrated adblock use (IIRC) Easylist what is also on uBlock Origin, but the integrated adblock is faster than the plugin.

Do these external lists exist in the Hosts file format (either of 127.0.0.1 or 0.0.0.0 will do)? If yes, then simply execute: cat Easylist_in_hosts_format >> /usr/local/etc/void-zones/my_void_hosts.txt

If no, please sent me a sample, so I can check it for a possible conversion.

 

[obsigna]

Afaics only place where a lot of ads are not blocked is on Linkedin. These are mostly "sponsored content". Is blocking this kind of ads possible with the tool? Or do we really need a browser plugin for this?

Can you identify distinguished domain names for these sponsored ads, i.e. ones that are different from the non-ad content on LinkedIn? For example, if the ads are coming from spads.linkedin.com and the non-ad content is served from www.linkedin.com, then you would simply add the entry 0.0.0.0 spads.linkedin.com to /usr/local/etc/void-zones/my_void_hosts.txt, and run either the updating script void-zones-update.sh or the simple conversion script from post #60) and the ads should have gone.

It is worth to note, that also the client machines maintain a DNS cache. So it might be well possible, that you don't see the void-zones being 100 % effective, because some domain names are still being resolved from the DNS cache of the client.

On my Mac's I run sudo killall -HUP mDNSResponder for cleaning the DNS caches, unfortunately I don't know the commands for other client systems.

 

[MarcoB]

Can you identify distinguished domain names for these sponsored ads, i.e. ones that are different from the non-ad content on LinkedIn? For example, if the ads are coming from spads.linkedin.com and the non-ad content is served from www.linkedin.com, then you would simply add the entry 0.0.0.0 spads.linkedin.com to /usr/local/etc/void-zones/my_void_hosts.txt, and run either the updating script void-zones-update.sh or the simple conversion script from post #60) and the ads should have gone.

Yeah I tried to find the domain names where those ads are coming from but couldn't find them. I'll keep searching then.

It is worth to note, that also the client machines maintain a DNS cache. So it might be well possible, that you don't see the void-zones being 100 % effective, because some domain names are still being resolved from the DNS cache of the client.

On my Mac's I run sudo killall -HUP mDNSResponder for cleaning the DNS caches, unfortunately I don't know the commands for other client systems.

Don't know the command on FreeBSD either but will look for it. Thanks.

 

[rigoletto@]

Do these external lists exist in the Hosts file format (either of 127.0.0.1 or 0.0.0.0 will do)? If yes, then simply execute: cat Easylist_in_hosts_format >> /usr/local/etc/void-zones/my_void_hosts.txt

If no, please sent me a sample, so I can check it for a possible conversion.

I was looking on it right now, and unfortunately, apparently, some of the lists it use an AdBlock specific syntax. I will take o look on some of the websites uBlock get the lists to see if there is something more normal. Other lists appear to be ok.

All lists they use can be found here.

Thank you!

Some seem to have a very specific syntax what include the size of the banner (or something) to be removed.

 

[rigoletto@]

obsigna I could not find a way to send you a e-mail or a PM.

So, I opened all of their lists, and the only ones what seem will work without a major work are those:

http://hosts-file.net/.\ad_servers.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malware.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
http://mirror1.malwaredomains.com/files/justdomains
http://malwaredomains.lehigh.edu/files/immortal_domains.txt
http://someonewhocares.org/hosts/hosts ### Already there
http://winhelp2002.mvps.org/hosts.txt ### Already there
http://www.malwaredomainlist.com/hostslist/hosts.txt ### Already there

One more, not in uBlock:

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

Thank you.

 

[obsigna]

obsigna I could not find a way to send you a e-mail or a PM.

So, I opened all of their lists, and the only ones what seem will work without a major work are those:

http://hosts-file.net/.\ad_servers.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malware.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
http://mirror1.malwaredomains.com/files/justdomains
http://malwaredomains.lehigh.edu/files/immortal_domains.txt
http://someonewhocares.org/hosts/hosts ### Already there
http://winhelp2002.mvps.org/hosts.txt ### Already there
http://www.malwaredomainlist.com/hostslist/hosts.txt ### Already there

One more, not in uBlock:

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

Thank you.

Since, it is not a good idea to post e-mail addresses publicly, please may I ask you to pick it up on my BLog/Impressum.

I will look at the various lists in the next days. My main concern is not the format, but whether the lists are maintained.

 

[obsigna]

Sr. Baron,

In the meantime, I had a look at the proposed lists, and furthermore I added the capability of scanning simple domain lists along side to listings in the Hosts file format to the hosts2zones tool, and the updates are on GitHub already.

http://hosts-file.net/.\ad_servers.txt

This file comes from the hpHosts site. I didn't include lists from hpHosts for 2 reasons.

1. These lists seem to be quite unbalanced, which becomes apparent by the mere number of total entries > 500000 hosts. This would not be a big problem for the hosts2zones tool, it would still process this in less than a second, however, the doubt remains if perhaps the major part of these lists consist of dead entries.
   
   
2. The License forbids automatic processing, so I do not suggest this by any means.

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malware.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt

These lists are said to be originated at Disconnect.me, (see: https://github.com/chrisaljoudi/uBlock/issues/1406), however, besides this claim, there is no further evidence. As a matter of fact, I stumbled across these lists already more than a year ago, and I also experimented with it. Nonetheless, I am hesitant to add these lists to the automatic processing scheme of the void-zones-tools, because of my doubts who owns and maintains the lists, and it is even not very clear whether these lists are actually maintained (only 300 more entries in more than one year).

http://mirror1.malwaredomains.com/files/justdomains
http://malwaredomains.lehigh.edu/files/immortal_domains.txt

These lists are actually from the same source, i.e. DNS-BH – Malware Domain Blocklist, which seems to be well maintained and supports inclusion into open source projects. I just added the justdomains list to the automatic updating scheme of my tools.

Finally, I facilitated inclusion of lists that are not part of my automated updating scheme. On invocation of hosts2zones by the shell script void-zones-update.sh, now 3 additional input files are passed:
x_void_list.txt, y_void_list.txt, z_void_list.txt.
With that in place it would be quite easy to include for example above ...lists.disconnect.me/simple_...txt files to the hosts2zones processing.

Simply execute the following command before updating the other zones:
fetch -o - \
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt \
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt \
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt \
https://s3.amazonaws.com/lists.disconnect.me/simple_malware.txt \
> /usr/local/etc/void-zones/x_void_list.txt

Said command would place the respective lists joined together into /usr/local/etc/void-zones/x_void_list.txt, and that one would be converted/consolidated into the local-void.zones for filtering by Unbound on the next run of void-zones-update.sh. In the case these additional files are missing, the tool simply ignores these parameters.

 

[rigoletto@]

Thank you obsigna!

Already working here.

 

[MarcoB]

Same here

 

[wblock@]

I don't understand this thread. It started as Nvidia telemetry, then evolved into something that seemed to suggest you can block that with a hosts file. The easy way to get past that is for the "telemetry" to just use static IP addresses. There are numerous other ways it could be done through other channels. Likewise with the Windows stuff. As far as what it reports, a video card can potentially report every image displayed on your monitor. Or the driver could do a little processing to grab text from the screen.

 

[obsigna]

I don't understand this thread. It started as Nvidia telemetry, then evolved into something that seemed to suggest you can block that with a hosts file.

Seems you understood it subconsciously -- correct, once you have the facility in place, then add the telemetry domains, and you are almost done with it.

The easy way to get past that is for the "telemetry" to just use static IP addresses.

Think about this again, keeping in mind that it is much easier to add a firewall rule than to keep domain lists updated:
ipfw add 10 deny ip from any to nn.vv.id.ia

There are numerous other ways it could be done through other channels.

Hardly, if the target system is controlling the DNS and the Firewall.

Likewise with the Windows stuff.

During evolvement of this thread we found already a domain list of all the Windows 10 telemetry:

### Extra rules for @StevenBlack 's hosts project
### https://github.com/FadeMind/hosts.extras
### <Windows 10 Telemetry> < B E G I N >
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
...
...
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com
0.0.0.0 www.msftncsi.com
### <Windows 10 Telemetry> < E N D >

As far as what it reports, a video card can potentially report every image displayed on your monitor. Or the driver could do a little processing to grab text from the screen.

Yeah, people are not only concerned but developing and deploying already counter measures.

So, I guess, we are still on topic, aren't we?

 

[wblock@]

I understand that firewalls can block arbitrary addresses, but I also know that this would not stop anyone. There is no reason a semi-random list of IP addresses cannot be used, and those would not necessarily be in a company's IP block. Think "partners". And of course, any update to the driver or firmware or even something that seems entirely unrelated can change it all entirely. The point is that counting on DNS to stop this is very fragile.