ideas buenas writes: > Why is markmonitor.com and its derivates in my TBB? How can I do to delete > this ? Are they watching me?
Hi, Are you talking about seeing a markmonitor.com rule in the HTTPS Everywhere Enable/Disable Rules menu? https://www.eff.org/https-everywhere/atlas/domains/markmonitor.com.html If so, this is one of thousands of HTTPS Everywhere rewrite rules that are included with HTTPS Everywhere, which is included with the Tor Browser Bundle. The goal of HTTPS Everywhere and its rewrite rules is to automatically access as many sites as possible with secure HTTPS connections. HTTPS Everywhere typically does not make your browser access sites or services that it would not otherwise have accessed, so it shouldn't help sites monitor your web browsing if they would otherwise not have been able to. There are definitely lots of sites that can monitor some aspects of your web browsing because the site operator has included content loaded from those sites in their web page (so your browser automatically retrieves that content when you visit the page that embedded the content). For example, there are ad networks whose ads are embedded in thousands or millions of different sites, and if you visit any of those sites without blocking those ads, the ad network operator will get some information about your visit when your browser loads the embedded content from those servers. The "monitor" in the name of markmonitor is not a reference to monitoring users' web browsing. Instead, it's part of the name of the company MarkMonitor, a subsidiary of Thomson Reuters, that provides certain Internet services mostly to very large companies. https://www.markmonitor.com/ Their name is supposed to suggest that they can "monitor" their clients' trademarks, but not specifically by spying on Internet (or Tor) users' web browsing. It seems that one of their original lines of business was letting companies know about trademark infringement on web sites, so that MarkMonitor's customers could threaten to sue those web sites' operators. They subsequently went into other more infrastructural lines of business. There was an article a few years ago criticizing the large amount of power that MarkMonitor has, but most of that power seems to have arisen mainly because it's an infrastructure provider that some very popular sites decided to sign up with for various purposes (primarily to register Internet domain names, because MarkMonitor's domain name registration services make it extremely difficult for somebody else to take over control of a domain name illicitly). The markmonitor.com HTTPS Everywhere rule is one of thousands of HTTPS Everywhere rules, and its goal is solely to make sure that if you're visiting a web page hosted at (or loading content from) markmonitor.com itself, that your browser's connection to markmonitor.com's servers will be a secure HTTPS connection instead of an insecure HTTP connection. It is not trying to give any additional information to those servers or to cause your browser to connect to those servers when it would not otherwise have done so. (You can see the rule itself in the atlas link toward the beginning of my message, and see that its effect is to rewrite some http:// links into corresponding https:// links, just like other HTTPS Everywhere rules do.) Having HTTPS Everywhere rules that relate to a site does not necessarily mean that your browser has ever visited that site or will ever visit that site. We've tried to make this clear because many of the rules do relate to controversial or unpopular sites, or sites that somebody could disagree with or be unhappy about in some way. Each rule just tries to make your connection more secure if and when you as the end user of HTTPS Everywhere decide to visit a site that loads content from the servers in question. You can disable the markmonitor.com HTTPS Everywhere rule from within the Enable/Disable Rules menu -- but that won't stop your web browser from loading things from markmonitor.com's servers if and when you visit pages that refer to content that's hosted on those servers. It will just stop HTTPS Eveyrwhere from rewriting that access to take place over HTTPS URLs. -- Seth Schoen <sch...@eff.org> Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
