[tor-talk] (no subject)

Seth David Schoen schoen at eff.org
Thu Jul 3 02:59:16 UTC 2014

ideas buenas writes:

> Why is markmonitor.com and its derivates in my TBB? How can I do to delete
> this ? Are they watching me?


Are you talking about seeing a markmonitor.com rule in the HTTPS Everywhere
Enable/Disable Rules menu?


If so, this is one of thousands of HTTPS Everywhere rewrite rules that
are included with HTTPS Everywhere, which is included with the Tor
Browser Bundle.  The goal of HTTPS Everywhere and its rewrite rules
is to automatically access as many sites as possible with secure HTTPS

HTTPS Everywhere typically does not make your browser access sites or
services that it would not otherwise have accessed, so it shouldn't help
sites monitor your web browsing if they would otherwise not have been
able to.  There are definitely lots of sites that can monitor some aspects
of your web browsing because the site operator has included content loaded
from those sites in their web page (so your browser automatically retrieves
that content when you visit the page that embedded the content).  For
example, there are ad networks whose ads are embedded in thousands or
millions of different sites, and if you visit any of those sites without
blocking those ads, the ad network operator will get some information
about your visit when your browser loads the embedded content from those

The "monitor" in the name of markmonitor is not a reference to monitoring
users' web browsing.  Instead, it's part of the name of the company
MarkMonitor, a subsidiary of Thomson Reuters, that provides certain
Internet services mostly to very large companies.


Their name is supposed to suggest that they can "monitor" their clients'
trademarks, but not specifically by spying on Internet (or Tor) users'
web browsing.  It seems that one of their original lines of business was
letting companies know about trademark infringement on web sites, so that
MarkMonitor's customers could threaten to sue those web sites' operators.
They subsequently went into other more infrastructural lines of business.

There was an article a few years ago criticizing the large amount of
power that MarkMonitor has, but most of that power seems to have arisen
mainly because it's an infrastructure provider that some very popular
sites decided to sign up with for various purposes (primarily to register
Internet domain names, because MarkMonitor's domain name registration
services make it extremely difficult for somebody else to take over
control of a domain name illicitly).

The markmonitor.com HTTPS Everywhere rule is one of thousands of HTTPS
Everywhere rules, and its goal is solely to make sure that if you're
visiting a web page hosted at (or loading content from) markmonitor.com
itself, that your browser's connection to markmonitor.com's servers will
be a secure HTTPS connection instead of an insecure HTTP connection.  It
is not trying to give any additional information to those servers or to
cause your browser to connect to those servers when it would not
otherwise have done so.

(You can see the rule itself in the atlas link toward the beginning of
my message, and see that its effect is to rewrite some http:// links into
corresponding https:// links, just like other HTTPS Everywhere rules do.)

Having HTTPS Everywhere rules that relate to a site does not necessarily
mean that your browser has ever visited that site or will ever visit
that site.  We've tried to make this clear because many of the rules
do relate to controversial or unpopular sites, or sites that somebody
could disagree with or be unhappy about in some way.  Each rule just
tries to make your connection more secure if and when you as the end
user of HTTPS Everywhere decide to visit a site that loads content from
the servers in question.

You can disable the markmonitor.com HTTPS Everywhere rule from within the
Enable/Disable Rules menu -- but that won't stop your web browser from
loading things from markmonitor.com's servers if and when you visit pages
that refer to content that's hosted on those servers.  It will just stop
HTTPS Eveyrwhere from rewriting that access to take place over HTTPS URLs.

Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107

More information about the tor-talk mailing list