DNSFilter has recently introduced a new category that can be blocked in configured policies: Trackers.
Having this category available provides a ton of advantages—finer-grained blocking, a focus on privacy, as well as the ability to integrate a wider range of third party feeds on our side—but one big advantage is that it can help with usability of sites.
Previously, there was only Advertising that could be blocked. This generally covered tracking domains—although domains that were Trackers but not Advertising wouldn't be included—but one issue we encountered was the number of sites tying functionality to tracking they had going on in the background. This meant that blocking a tracking domain could cause a site to stop working correctly.
How Things Break
These breakages aren't even just simple cases where the site won't load. Sometimes, only parts of a site will fail to load, or odd overlays might appear because something stopped halfway through rendering. Sometimes it was even more subtle, causing a site to load more slowly than usual or only fail when the user tried certain actions.
Most of the time this is all accidental: Developers just assumed that the resources stored on trackers, and data being sent to them, would work correctly and they hadn't tested the unhappy path. Other times, it's less clear that they aren't deliberately trying to convince users to unblock trackers. But either way, site owners have little incentive to fix things: all they would be doing would be enabling users to prevent valuable data about their browsing behavior being recorded for future use and sale.
Sam Macbeth from DuckDuckGo has an ongoing thread on Twitter that talks about some of the worst cases where this happens. He discusses websites in particular, but this trend has unfortunately been increasing and expanding as the ever-growing IoT market has kept up pace.
Devices which "phone home" are basically ubiquitous these days, sending all sorts of data like your viewing habits (for smart TV devices), eye movements (for VR headsets), and heart rate (for fitness trackers) back to the cloud where they are highly likely used to build up a profile of you and your habits.
So unfortunately, as users who care about privacy, we're left with a choice: Privacy, or usability?
For some people, they'll always go for usability. Several people I work with, for example, are more than happy to have every detail of their online life tracked and stored, and simply assume that's happening everywhere and all the time. (I'm looking at you, Mike.) Personally it worries me, and the right to privacy is something I hold dear.
But in the end, it's up to you.
If this sort of thing doesn't bother you, something you may find interesting is to take a look at what's actually happening behind the scenes.
A peek behind the curtain can be revealing: Seeing the number of domains that are being accessed that are classed as trackers, and the rate they're being looked up, can be eye-opening.
Have a look at your DNS query log. Go to a few of your favorite news sites. Check out a couple of time wasting forums. Turn on and play with a couple of internet-connected devices. Then take another look.
You might be surprised at what's going on. And maybe, it might just change your mind.
This month there was a high level of focus on compliance issues spanning several focus areas from governments and oversight agencies around the world. And while there were actions taken with regard to specific vulnerabilities, a larger spotlight was placed on bigger picture security considerations in a more general context.
TL;DR: SASE is broadening—it is about more than just access! It is about endpoint protection and user-based access…and it's called Security Service Edge (SSE). All of the aspects of the joint NSA and CISA guidance on Protective DNS (PDNS) and user-level policies are part of the secure category, originally launched by Gartner in January 2022. Regardless, it’s been interesting to see the NSA and CISA create guidance recognizing the breadth of cyber...
Explore More Content
Ready to brush up on something new? We've got even more for you to discover.