Privacy Badger extension is blocking clients5 dot google dot com tracker!

Yes, the EFF Privacy Badger Extension is blocking -clients5.google.com on the Google Chrome Browser default page, accounts.google.com, api.google.com and plus.google.com are given as yellow and not being blocked by default, only for yellow cookies are blocked.
Why this clients5.googl.com is being blocked?
We know that the modern Google Chrome browser is nothing but a huge tracking and profiling tool, but I had not seen clients5.google.com blocked by Ghostery or any other privacy related extension (only have Ghostery and DrWeb inside the browser and Avast Online Security off-course!
See: https://www.virustotal.com/nb/domain/clients5.google.com/information/
See: https://adblockplus.org/forum/viewtopic.php?p=104635 & https://www.robtex.net/en/advisory/dns/com/google/clients5/
& http://cookiepedia.co.uk/host/clients5.google.com
See: https://www.virustotal.com/nb/file/921f3c7d780e324e57b6874138bed562eeb293f21a3d299ce528a553fd1c1022/analysis/
& https://groups.google.com/forum/#!topic/alt.windows98/XR7nPrIE78I

polonus

WOT rating:

http://www.screencast-o-matic.com/screenshots/u/Lh/1419605342257-49727.png

Bob your wot rating image appears to have a typo clients5.googl.com not clients5.google.com - could be a typo squatting domain ???

Here’s an image of the email notification I received informing me of the original post:

http://www.screencast-o-matic.com/screenshots/u/Lh/1419610237486-30811.png

That’s what prompted me to post the screenshot. :o

Yep looks like a typo in polonus’s post and the notification you got.

That URL would certainly trigger WOT as there are many typo squatting URLs out there, where the clients5.google.com URL shouldn’t.

Hi bob3160 and DavidR,

A misunderstanding and cross-formulation. I understand very well why clients5.googl.com should be blocked by WOT and effectively should be blocked by some other extensions as a typo squatting destination, that easily could be abused. Alas in Privacy Badger the official tracker clients5.google.com is blocked and no typo. Again my question why (there is clients5,4,3,2,1, and 0 dot google dot com) - Is this a notorious tracker or what?

Block the hidden layer of crap that exists in all corporate websites is very efficient and one of the most effective methods available today for people running all versions of Windows, but particularly for Win-98 users
, read on this here: https://groups.google.com/forum/#!topic/alt.windows98/XR7nPrIE78I I do not propogate a standpoint on this ad-tracking/cookie blocking. Just wanted to know, how Privacy Badger worked out on the browser and what is being blocked in order of domains, cookies and what domains are allowed.

I do not particularly like the workings of hostfile blocking because they are that drastic and definitive, also slowing the browser quite a bit.
Privacy Badger until it has settled in it also slows the Chrome Broser downa bit, but that is only initially, as far as I could establish.

polonus

Facebook tracking all over the Internet is also being blocked by PrivacyBadger. Another way to achive this is via AdBlockPlus but then we have to know what to give in: https://adblockplus.org/blog/about-that-facebook-tracking-thing
There is even a Google Chrome extension to achieve this:
https://chrome.google.com/webstore/detail/facebook-disconnect/ejpepffjfmamnambagiibghpglaidiec
Also read: http://lifehacker.com/5843969/facebook-is-tracking-your-every-move-on-the-web-heres-how-to-stop-it

polonus

Hi forum friends,

But Privacy Badger is not acting in the grey zone, where malbot fake search results and BHO infection threatens the browser.
For instance what about these?

``` # Block fake traffic RewriteEngine on Options +FollowSymlinks # Block all http and https referrals from "savetubevideo.com" and all subdomains of "savetubevideo.com" RewriteCond %{HTTP_REFERER} ^https?://([^.]+\.)*savetubevideo\.com\ [NC,OR] # Block all http and https referrals from "srecorder.com" and all subdomains of "srecorder.com" RewriteCond %{HTTP_REFERER} ^https?://([^.]+\.)*srecorder\.com\ [NC,OR] # Block all http and https referrals from semalt.com" and all subdomains of "semalt.com" RewriteCond %{HTTP_REFERER} ^https?://([^.]+\.)*semalt\.com\ [NC,OR] # Block all http and https referrals from "kambasoft.com" and all subdomains of "kambasoft.com" RewriteCond %{HTTP_REFERER} ^https?://([^.]+\.)*kambasoft\.com\ [NC] RewriteRule .* - [F]
</blockquote> See my posting here: https://forum.avast.com/index.php?topic=163554.0 and also read here: http://www.linuxbrigade.com/remove-kambasoft-com-google-analytics/ -> https://www.virustotal.com/nb/url/013765df1a1a8eec3ebf16e1a3a081977b47fcb0c1ba8e5a18dca75c566720a1/analysis/
and https://www.virustotal.com/nb/ip-address/217.23.2.19/information/
and http://www.herdprotect.com/ip-address-217.23.2.19.aspx

These inconclusive SEO abusers should be set out for what they are, crooks, and not only for the damage to the average website owner's ad income. Why Google is turning a blind eye here? Aren't they interested how their ad income is being generated - either via legit or through fake clicks. When blocked or flagged they find no way to ignore these abusers anymore. ;)

polonus

P.S. [b]Unique Privacy Protection Device[/b]  ;D: 
http://www.collectorsweekly.com/articles/wp-content/uploads/2012/10/il_fullxfull.2283478601.jpg

Not sure if this has anything to do with the subject at hand but, Privacy Badger v0.1.4
may still be in alpha stage.

Back then, they used to steal the ribbons and examine them for any valuable information.
It was tedious work and required lots of soap to hide the evidence of tampering.

There are some people who haven’t the foggiest idea of what that is. ;D

So let’s not tell them. See if they can figure it out. :slight_smile:

Hi bob3160,

Wasn’t there also not an issue with hidden-watermarked paper?
Off-line spying worked differently.
Some letters had “Blue Velvet Valentine” odor and color, wasn’t it?

polonus

An update as to the present situation - 2 pages found, triggering on average 1% antiviruses (Robtex mentions this).
It is Google Search.
See the VT results here: https://www.virustotal.com/en/domain/clients5.google.com/information/
(with some BrowseFox adware PUP detection). The unknown cookies served up from there: http://cookiepedia.co.uk/host/clients5.google.com
Then also issues with this: https://github.com/kunklejr/ssl-everywhere.safariextension/blob/master/rules/Google.xml
Malcode manipulative → https://productforums.google.com/forum/#!msg/chrome/XXlV3RY4WfY/3lzSwbayHc0J
A redirection caused by ABP extension: https://adblockplus.org/forum/viewtopic.php?t=24503
Startsearcher BHO PUP: http://www.threatexpert.com/report.aspx?md5=508ec50a2e9b1ec092de130e9181b567
Insecurities caused by re-writes for HTTPS Anywhere: https://www.eff.org/https-everywhere/atlas/domains/google.com.html
The squid report: http://shandutech.co.za/sarg/2015Feb01-2015Feb08/192.168.0.116/tt192.168.0.116-clients5_google_com_443.html
IP locator info: http://www.ip-address.org/lookup/ip-locator.php?track=clients5.google.com
Going to IP I get a Bitdefender TrafficLight blocking a PHISHing attempt.
Script execution failed on the http_generator. 252 disallowed entries - ssl-cert: Subject: commonName=*.google.com/organizationName=Google Inc/stateOrProvinceName=California/countryName=US

  • tls-nextprotoneg:
    | h2-15
    | h2-14
    | spdy/3.1
    | spdy/3
    |_ http/1.1 via linux/linux.kernel
    Indeed time to check the links with a tracker tracker report as given attached. Do not try to open links from this attached file directly into a browser. Info strictly for research purposes only. The issue with trac.torproject.org tracking until now has not been tackled/solved by google apparently.

polonus