[Suggestion] TPL format

[silv3r_bull3t]

I'm not sure if anyone will be found of this suggestion, but if one doesn't try one will never know, right?

That said, as you all may be aware, Microsoft has released Internet Explorer 9. This new version includes a feature called Parental Controls which makes use of Tracking Protection Lists.

Basically what these lists do is check if a third-party service/domain is allowed or blocked, and allow or block communication with it accordingly.

Example: I'm at www.malwaredomainlist.com. Let's imagine this domain would display ads from xyz.domain.com, and this domain is blocked by a Tracking Protection List. Communication is blocked. But, only if communication is being done from a first-party (MDL's website in my example) to a third-party (xyz.domain.com).

But, if the user directly goes to xyz.domain.com, then the TPLs won't block access to it. This is just so that you guys get a general idea of how it works.

So, my suggestion is based on a more than known situation - hacked websites with compromised ads leading to malicious domains.

While there are like 4 lists so far, solely blocking ads, none of them is efficient or they're either too invasive, so over time their creators will need to put certain domains/ads in a whitelist (such situation is out of user's control), and they aren't 100% effective either at blocking ads.

So, what's my suggestion? I'm wondering if MDL would support such TPL format, but to block malicious domains, to where users may be redirected to from compromised domains hosting ads... Even if the other TPL lists may not be sucessuful at blocking the ads, MDL list would block communication to the malicious domains.

It would be an alternative to a hosts file, for those who things to simply update automatically, rather than making sure their hosts file is updated.

For a further understanding of TPLs take a look here -http://www.zdnet.com/blog/bott/ie9-and-tracking-protection-microsoft-disrupts-the-online-ad-business/3004

What do you guys think? Stupid idea?

[SysAdMini]

Have you found a documentation about the file format ?

A screenshot on this page

http://blogs.msdn.com/b/ie/archive/2010/12/07/ie9-and-privacy-introducing-tracking-protection-v8.aspx

shows a xml based format.

But existing lists like for example

http://easylist-msie.adblockplus.org/easyprivacy.tpl

look completely different.

[silv3r_bull3t]

Have you found a documentation about the file format ?

A screenshot on this page

http://blogs.msdn.com/b/ie/archive/2010/12/07/ie9-and-privacy-introducing-tracking-protection-v8.aspx

shows a xml based format.

But existing lists like for example

http://easylist-msie.adblockplus.org/easyprivacy.tpl

look completely different.

I apologize for not mentioning it.

There are other lists here -http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/Default.html

But, considering what MDL would aim to do, block malicious domains (and not sub-domains), I'd believe it would have the format that, for example, PrivacyChoice list has -http://www.privacychoice.org/trackerblock/all_companies_tpl (this one has no extension, but the others have the extension *.tpl (either way works).

The list goes something like:

Code: [Select]

msFilterList
#All Companies TPL
: Expires=3
#Allow non-tracking activities
+d not_tracking
#List of networks:
-d ru4.com
-d 247realmedia.com
-d realmedia.com
-d decideinteractive.com
-d decdna.net
-d pm14.com
-d acxiom.com
-d mm7.net
-d adadvisor.net
-d adcentriconline.com

+d means it allows connection to the domain
-d means it will block connection to the domain
# where one can place comments

In MDL's case, we'd want only -d before each domain.

Maybe you could try that way and see if it works? Meantime, I'll keep researching for it. So far, I only managed to find what you already know.

But, one thing I know is that the lists need to be contained within a JavaScript tag. You can analyze what's here -http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/Default.html by looking at its source code, I guess.

I'm sorry if I can't be of more assistance right now.

[silv3r_bull3t]

Hello,

Do you have any news on this format?


Thank you

[cleanmx]

hi @all

http://support.clean-mx.de/clean-mx/rss?mode=TPL

does the job, but be aware some big players are also on this list because this is only a domain list....

-- gerhard

[silv3r_bull3t]

hi @all

http://support.clean-mx.de/clean-mx/rss?mode=TPL

does the job, but be aware some big players are also on this list because this is only a domain list....

-- gerhard

Hello,

That's not how it works. You need to add the following to the source code of the page. This example is taken from Fanboy's Tracking Protection List.

Code: [Select]

<a href="javascript:window.external.msAddTrackingProtectionList('http://www.fanboy.co.nz/adblock/ie/fanboy-noele.tpl', 'Fanboy Adblock List')">Add TPL</a>

Source: https://secure.fanboy.co.nz/ie.html

That's the only way to provide it. Then, users will have to click the link, and they will be presented with a message from IE9 if they wish to install the TPL.

[silv3r_bull3t]

I found a MSDN Library page talking about TPLs. Great source of info.

http://msdn.microsoft.com/en-us/library/hh273399(v=VS.85).aspx#creatingtpls

[cleanmx]

I found a MSDN Library page talking about TPLs. Great source of info.

http://msdn.microsoft.com/en-us/library/hh273399(v=VS.85).aspx#creatingtpls

Hi

this tpl's are quite worthless,they only block outgoing traffic, but they do *not*prevent* fetching url's with malicious content.

-- gerhard

[silv3r_bull3t]

I found a MSDN Library page talking about TPLs. Great source of info.

http://msdn.microsoft.com/en-us/library/hh273399(v=VS.85).aspx#creatingtpls

Hi

this tpl's are quite worthless,they only block outgoing traffic, but they do *not*prevent* fetching url's with malicious content.

-- gerhard

Not worthless. Many infections, for sure happen due to hijacked ad networks. Some of the TPLs should block most ads, but some do allow them, otherwise the website won't function properly. In this case, a list such as your or even MDL (if there was one ), would help prevent a drive-by download, due to an hijacked ad.

Sure, it would be best to block all connections to such malicious domains, for example by using a hosts file, but many people aren't familiar with any of the sources or tools to be used; or simply don't want to have the hassle to keep it always up-to-date. TPLs update automatically.

By the way, you need to change your TPL page to allow users to add it to Internet Explorer 9.

Example:

Code: [Select]

<a href="javascript:window.external.msAddTrackingProtectionList('http://support.clean-mx.de/clean-mx/rss?mode=TPL', 'Clean-MX TPL')">Add TPL</a>

Without this bit of code, user's won't be able to add it to IE9, unless they manually create an html file with that code, and open it inside Internet Explorer 9.

@SysAdMini

By the way, I'm wondering if you have intentions of realeasing one MDL TPL?