lukasz.bromirski.net

aviate, navigate, communicate

canvas fingerprinting… and unbound

some time ago I exchanged my BIND at home to Unbound, due to the change of the default DNS server in FreeBSD (yes, I have my DNS server at home, which serves all queries). actually, I have four right now ;)

in BIND times, I used a lot of scripts to add zones containing 127.0.0.1 for domains serving ads. in Unbound’s time …. I forgot about it completely.

in connection with recent interesting reports about the so-called fingerprinting using Canvas API in browsers, I came back to the topic of blocking addthis.com and derivatives.

it turns out that the method to block a domain in Unbound is simple, but requires a proper spell in google to find a working solution. for the example domain addthis.com, the entry in unbound.conf looks like this:

local-zone: "addthis.com" redirect
local-data: "addthis.com A 127.0.0.1"

happy blocking.


Share