[tor-talk] (no subject)
ideasbuenas at gmail.com
Thu Jul 3 21:27:16 UTC 2014
Another example is this s3-website-eu-west-1.amazonaws.com OR
ec2-54-225-215-244.compute-1.amazonaws.com everyone resolving to
On Thu, Jul 3, 2014 at 9:19 PM, ideas buenas <ideasbuenas at gmail.com> wrote:
> I'm not referring to this.I'm talking of a lot of URI that appears when I
> try to link to any site. Every one of those Remote Address start with a
> couple o letters followed by numbers like this:
> server-54-230-83-145.mia50.r.cloudfront.net .
> On Thu, Jul 3, 2014 at 2:59 AM, Seth David Schoen <schoen at eff.org> wrote:
>> ideas buenas writes:
>> > Why is markmonitor.com and its derivates in my TBB? How can I do to
>> > this ? Are they watching me?
>> Are you talking about seeing a markmonitor.com rule in the HTTPS
>> Enable/Disable Rules menu?
>> If so, this is one of thousands of HTTPS Everywhere rewrite rules that
>> are included with HTTPS Everywhere, which is included with the Tor
>> Browser Bundle. The goal of HTTPS Everywhere and its rewrite rules
>> is to automatically access as many sites as possible with secure HTTPS
>> HTTPS Everywhere typically does not make your browser access sites or
>> services that it would not otherwise have accessed, so it shouldn't help
>> sites monitor your web browsing if they would otherwise not have been
>> able to. There are definitely lots of sites that can monitor some aspects
>> of your web browsing because the site operator has included content loaded
>> from those sites in their web page (so your browser automatically
>> that content when you visit the page that embedded the content). For
>> example, there are ad networks whose ads are embedded in thousands or
>> millions of different sites, and if you visit any of those sites without
>> blocking those ads, the ad network operator will get some information
>> about your visit when your browser loads the embedded content from those
>> The "monitor" in the name of markmonitor is not a reference to monitoring
>> users' web browsing. Instead, it's part of the name of the company
>> MarkMonitor, a subsidiary of Thomson Reuters, that provides certain
>> Internet services mostly to very large companies.
>> Their name is supposed to suggest that they can "monitor" their clients'
>> trademarks, but not specifically by spying on Internet (or Tor) users'
>> web browsing. It seems that one of their original lines of business was
>> letting companies know about trademark infringement on web sites, so that
>> MarkMonitor's customers could threaten to sue those web sites' operators.
>> They subsequently went into other more infrastructural lines of business.
>> There was an article a few years ago criticizing the large amount of
>> power that MarkMonitor has, but most of that power seems to have arisen
>> mainly because it's an infrastructure provider that some very popular
>> sites decided to sign up with for various purposes (primarily to register
>> Internet domain names, because MarkMonitor's domain name registration
>> services make it extremely difficult for somebody else to take over
>> control of a domain name illicitly).
>> The markmonitor.com HTTPS Everywhere rule is one of thousands of HTTPS
>> Everywhere rules, and its goal is solely to make sure that if you're
>> visiting a web page hosted at (or loading content from) markmonitor.com
>> itself, that your browser's connection to markmonitor.com's servers will
>> be a secure HTTPS connection instead of an insecure HTTP connection. It
>> is not trying to give any additional information to those servers or to
>> cause your browser to connect to those servers when it would not
>> otherwise have done so.
>> (You can see the rule itself in the atlas link toward the beginning of
>> my message, and see that its effect is to rewrite some http:// links into
>> corresponding https:// links, just like other HTTPS Everywhere rules do.)
>> Having HTTPS Everywhere rules that relate to a site does not necessarily
>> mean that your browser has ever visited that site or will ever visit
>> that site. We've tried to make this clear because many of the rules
>> do relate to controversial or unpopular sites, or sites that somebody
>> could disagree with or be unhappy about in some way. Each rule just
>> tries to make your connection more secure if and when you as the end
>> user of HTTPS Everywhere decide to visit a site that loads content from
>> the servers in question.
>> You can disable the markmonitor.com HTTPS Everywhere rule from within the
>> Enable/Disable Rules menu -- but that won't stop your web browser from
>> loading things from markmonitor.com's servers if and when you visit pages
>> that refer to content that's hosted on those servers. It will just stop
>> HTTPS Eveyrwhere from rewriting that access to take place over HTTPS URLs.
>> Seth Schoen <schoen at eff.org>
>> Senior Staff Technologist https://www.eff.org/
>> Electronic Frontier Foundation https://www.eff.org/join
>> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
>> tor-talk mailing list - tor-talk at lists.torproject.org
>> To unsubscribe or change other settings go to
More information about the tor-talk