If you care about your privacy and your device's security, chances are you run a browser plugin such as NoScript to block malicious and unnecessary scripts. NoScript is a must have for your security arsenal. You'd be amazed at how many scripts are executed when you visit certain websites. Even more ridiculous is that these scripts often are sourced from dozens of different places. This adds for a lot of opportunity for cross site scripting attacks, and makes running a script blocking extension much more annoying than it ought to be. Not even a year ago, it was not too difficult to block the bad while still enjoying a descent browsing experience. Things have changed.
You may have noticed that many big websites now have scripts coming from obscure, random URLs, like "askjajgn2dsnfaf5ef89dsudsih3ur3.cloudfront.com". This makes it impossible to efficiently use a script blocker, because if you completely block cloudfront, or amazonaws, than you cannot access a lot of web content. These big content providers seem to serve no useful purpose other than making it difficult for the end user to block ads, scripts, and protect themselves. Because many different types of content are hosting under the same parent domain, and the subdomains are so random, if you simply block the parent domain, you loose a lot of web functionality. If you block the subdomain, it makes no difference because the provider will just shoot some more crap at you from a different random subdomain.
We need to come up a solution for this. Perhaps a proxy of sorts, that is intelligent enough to intercept and separate the useless/malicious from the necessary content, and than reassemble the page before it reaches the end user. The only problem is that I have no idea where to even begin building a program that could do that. So, I am just putting the idea out there. If someone could pull that off, they'd be famous.
No comments:
Post a Comment