Update (2021-09-29): Reading over Hacker News, I was not previously aware of server-side tagging. The engineers working for that Mountain View, CA business are clever bastards, I will give them credit for that. The emergence of this technology illustrates their disrespect towards those who wish not to be tracked and their determination to impose themselves by any possible means. I will do my best to circumvent server-side tagging, also. Surveillance capitalism must not succeed. In the meantime, I encourage the use of Gemini in place of the WWW.
If you are a computer hobbyist and are displeased with Google and Facebook nonconsensually tracking your every digital move through websites and applications not under their direct control, I encourage you to consider using sirubo, a project that I felt was imperative for me to build and release to the public under a permissive license.
In essence, sirubo is a POSIX shell script that leverages:
whois, to perform a query for autonomous system, or AS, prefixes, such as
nftableson Linux and
pfon OpenBSD, to impose firewall rules that reject outgoing traffic to IPv4 and IPv6 addresses associated with the aforementioned ASN prefixes.
I've been experimenting with sirubo during the COVID-19 pandemic, and while I plan to write a manpage and continue to address possible programmatic imperfections within sirubo's source, I believe this software is generally ready for production use on personal Linux and OpenBSD systems.
If interested, within a shell...
- Clone the sirubo repository:
% git clone https://git.sr.ht/~speguero/sirubo
% cd sirubo % make install
AS15169 # Google AS32934 # Facebook
% sirubo -c > retrieving asn prefixes from: AS15169 AS32934 %
nccommands; Google and Facebook outbound traffic should now be rejected:
% nc -vw 1 google.com 443 nc: connect to google.com (0.0.0.0) port 443 (tcp) timed out: Operation now in progress nc: connect to google.com (0.0.0.0) port 443 (tcp) failed: Connection refused % nc -vw 1 facebook.com 443 nc: connect to facebook.com (0.0.0.0) port 443 (tcp) timed out: Operation now in progress nc: connect to facebook.com (0.0.0.0) port 443 (tcp) failed: Connection refused
% sirubo -s
% sirubo -r
Principally, the purpose of this software is to reclaim your privacy from these Silicon Valley conglomerates. It must be noted that businesses such as Google and Facebook are fundamentally of the advertising industry. Particularly, in an era of personalized advertising, and considering the measures necessary for such an idea to be feasible, businesses such as Google and Facebook ought to not be trusted.
To conclude this first blog post of mine, I wanted to make note of some good, old-fashioned Northeastern American sarcasm that I injected into the sirubo source code (at line 14):
1 #!/bin/sh -ue 2 3 # .__ ___. 4 # _____|__|______ __ _\_ |__ ____ 5 # / ___/ \_ __ \ | \ __ \ / _ \ 6 # \___ \| || | \/ | / \_\ ( <_> ) 7 # /____ >__||__| |____/|___ /\____/ 8 # \/ \/ 9 # v0.3 10 # 11 # ASN prefix (big tech conglomerate) 12 # outbound traffic blocker. 13 # 14 # "Special shout-out to Google and Facebook!"
Silicon Valley, allow me to toss in your direction a friendly vernacular phrase from my hometown of Boston: