FSTDT Forums

Community => Science and Technology => Topic started by: The Illusive Man on July 19, 2013, 02:13:30 am

Title: Tech companies just love to spy on their users.
Post by: The Illusive Man on July 19, 2013, 02:13:30 am

Another day another set of rule set for create for Privoxy. To my knowledge there are no tech companies that have not engaged in some form of tracking. This the below example was something I had almost forgotten about when capturing traffic promiscuously from VMs of different operating systems.

Apple’s opt out statistical collection service is not opt out. It always on for 10.6 and above even if you disable it. (http://best-mac-tips.com/2011/06/30/stop-apple-submitdiaginfo-radar-submissions/) More to the point:

17.254.2.214 [radarsubmissions.apple.com]
Certified by Entrust Inc (http://www.entrust.net/) using level1c.crl, l1c-chain.cer (http://crl.entrust.net/level1c.crl), l1c-chain.cer (http://aia.entrust.net/l1c-chain.cer), server1.crl (http://crl.entrust.net/server1.crl)

For extra fun use Wireshark to capture traffic during updates or when idle for an hour, save then apply the following view filter ip.addr == 17.254.2.214.

That server is quite funny. 92% chance to be Citrix NetScaler load balancer (embedded OS). Open ports found via Nmap:
80/tcp  open  http Apache Tomcat/Coyote JSP engine 1.1
443/tcp open ssl/http Apache Tomcat/Coyote JSP engine 1.1
4444/tcp open krb524?
5190/tcp open aol?

I have created Privoxy rules to block this and other tracking Apple does, might be useful for someone.

Code: [Select]

r
{+block{Apple tracking}}
radarsubmissions.apple.com
*metrics.*.*
*locator.apple.com
s.mzstatic.com

Strange stuff:
r.mzstatic.com, r.mzstatic.com.edgesuite.net host .pdf files that are used for images. Why not image files for images? These images are created with Adobe Illustrator CS4 on MAC OS X 10.6.4 (Quartz PDFContext)