Google and Facebook, I am facilitating packet filtering to block your tracking
source link: https://peguero.xyz/blog/google_and_facebook_i_am_facilitating_packet_filtering_to_block_your_tracking.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Google and Facebook, I am facilitating packet filtering to block your tracking
2021-09-20
If you are a computer hobbyist and are displeased with Google and Facebook nonconsensually tracking your every digital move through websites and applications not under their direct control, I encourage you to consider using sirubo, a project that I felt was imperative for me to build and release to the public under a permissive license.
In essence, sirubo is a POSIX shell script that leverages:
whois
, to perform a query for autonomous system number, or ASN, prefixes, such as8.8.8.8/24
.nftables
on Linux andpf
on OpenBSD, to impose firewall rules that reject outgoing traffic to IPv4 and IPv6 addresses associated with the aforementioned ASN prefixes.
I've been experimenting with sirubo during the COVID-19 pandemic, and while I plan to write a manpage and continue to address possible programmatic imperfections within sirubo's source, I believe this software is generally ready for production use on personal Linux and OpenBSD systems.
If interested, within a shell...
- Clone the sirubo repository:
% git clone https://git.sr.ht/~speguero/sirubo
Install sirubo:
% cd sirubo % make install
Then, to illustrate, add the following ASNs to /usr/local/etc/sirubo.conf
:
AS15169 # Google AS32934 # Facebook
And finally, create a firewall ruleset to reject outgoing network traffic to IP address associated with the aforementioned ASNs:
% sirubo -c > retrieving asn prefixes from: AS15169 AS32934 %
Run the following nc
commands; Google and Facebook outbound traffic should now be rejected:
% nc -vw 1 google.com 443 nc: connect to google.com (0.0.0.0) port 443 (tcp) timed out: Operation now in progress nc: connect to google.com (0.0.0.0) port 443 (tcp) failed: Connection refused % nc -vw 1 facebook.com 443 nc: connect to facebook.com (0.0.0.0) port 443 (tcp) timed out: Operation now in progress nc: connect to facebook.com (0.0.0.0) port 443 (tcp) failed: Connection refused
To disable this ruleset:
% sirubo -s
And to re-enable it:
% sirubo -r
Principally, the purpose of this software is to reclaim your privacy from these Silicon Valley conglomerates. It must be noted that businesses such as Google and Facebook are fundamentally of the advertising industry. Particularly, in an era of personalized advertising, and considering the measures necessary for such an idea to be feasible, businesses such as Google and Facebook ought to not be trusted.
To conclude this first blog post of mine, I wanted to make note of some good, old-fashioned Northeastern American sarcasm that I injected into the sirubo source code (at line 14):
1 #!/bin/sh -ue 2 3 # .__ ___. 4 # _____|__|______ __ _\_ |__ ____ 5 # / ___/ \_ __ \ | \ __ \ / _ \ 6 # \___ \| || | \/ | / \_\ ( <_> ) 7 # /____ >__||__| |____/|___ /\____/ 8 # \/ \/ 9 # v0.3 10 # 11 # ASN prefix (big tech conglomerate) 12 # outbound traffic blocker. 13 # 14 # "Special shout-out to Google and Facebook!"
Silicon Valley, allow me to toss in your direction a friendly vernacular phrase from my hometown of Boston:
Fahk you.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK