Canadian TV, Computing and Home Theatre Forums banner

1 - 5 of 5 Posts

·
Registered
Joined
·
67 Posts
Discussion Starter #1
I discovered a few days ago that facebook had made some changes that were, to say the least underhanded. It seems that under facebook's privacy setting there is a option (preselected by facebook) that effectively lets them gather and send out information about you/sites you visit etc.

This "option" appears under Web & Apps and is called Instant Personalization.
I went to CNN's site (they have an embedded link to facebook) and I got a pop-up "xd_proxy.css and static.ak.fbcdn.net". I then went to Portland State University's web-site and was "blocked". My I.P. had been blacklisted for the following reason, as I had been informed by CBL.Abuseat. <you have an open proxy used for spamming on that IP, or
- you have a NAT firewall, and one or more machines behind it have an open proxy used for spamming.>

I am really angry with facebook....again!
 

·
Registered
Joined
·
628 Posts
Instant personalization came in spring 2010.

What makes you think that affects the blocking of your IP? That could be an error on the site's part, someone previously had your IP and they were a spam-bot network, etc.
 

·
Registered
Joined
·
67 Posts
Discussion Starter #3
I could be wrong? The blocking coincided with the appearance of the Proxy warning message that I received from a couple of sites that I went to, were facebook had an embedded link. While instant personalization may have been around for some time, this was the first time that I ever saw that warning, and after deselecting it, I no longer get that warning.

I am using a Rogers Rocket stick, and I did speak to Rogers about the blacklisted IP address. The tech person that I spoke to, either did not know what I was talking about or did not care. He sent my concern up to the 2nd level, and it was apparent, that Rogers was not concerned at all about the integrity of their IP address. They did suggest that, for an additional cost, I could have a private IP address.......

I am not sure if this is an issue that CRTC is or has looked into?
 

·
Registered
Joined
·
626 Posts
First of all this has nothing to do with facebook and as much as I don't like them myself I can say they are not to blame for this. It's just a coincidence and/or mis-understanding of the data you are interpreting.

The CBL (Composite Block List) is a site that,
"lists IPs exhibiting characteristics which are specific to open proxies of various sorts (HTTP, socks, AnalogX, wingate etc) and dedicated Spam BOTs which have been abused to send spam, worms/viruses that do their own direct mail transmission, or some types of trojan-horse or "stealth" spamware, dictionary mail harvesters etc."
In other words if an IP address is found to do any of what is quoted above it gets listed in the CBL. Servers, almost exclusively mail servers can check an IP address against the CBL before accepting a email. If it's listed the email is blocked. It's a Spam/Virus/Trojan prevention measure. I use it on my mail server as one of many defences against that sort of thing.

Because the IP address you are assigned is dynamic all this means is that someone who had the IP address before you was probably running a compromised machine that was sending out Spam that was caught in one of the CBL honeypots and the IP address was blacklisted.

Now, it's unusual for a web site to use the CBL to block visitors, as I said it's usually only mail servers that make use of it, so what you are experiencing is very unusual. If anything, using the CBL to block web site visitors is a mis-use of the CBL and, in this case, the blame should squarely be put on the site admins of the web site you are visiting. About the only thing you can do is to disconnect/reconnect the Rocket Stick so it gets assigned a new IP address that is not the one that is listed. The other thing you could do is use the CBL Lookup and Removal but that will take too long. It's much quicker to just get a new IP address.

Rogers tech support won't be able to do anything for you which is why they reacted the way they did. They are not going to keep track of everyone who was assigned that IP address before you and try and figure out which one was the compromised machine.
 

·
Registered
Joined
·
67 Posts
Discussion Starter #5
Thank You for a very informative reply! I guess in some sort of facebook loathing way, I was perhaps a bit too quick to blame them. I guess that it was just coincidence that I started to get a "proxy pop-up" when visiting CNN's site, and the pop-up made included "fbcdn" in the string. I have since learned that the CNN issue had to do with Instant Personalization, which I think facebook must have made some changes to.
 
1 - 5 of 5 Posts
Top