Folks:

The analysis of the APT techniques used by Kissmetrics (at
http://www.wired.com/epicenter/2011/07/undeletable-cookie/) is interesting
if thin, and suggests one way that Squid might be leveraged to interfere
with such tracking: deleting the "Etag:" header from request replies.

I know having the proxy fiddle with HTTP reply headers is against the HTTP
protocol, and that the reply_header_access option only allows fine-grain
manipulation of registered HTTP headers, and that this is fraught with the
potential for devolving into a game of whack-a-mole, but it seems to me
that this should at least be explored, and may be an argument for opening
the reply_header_access option up to fine-grain manipulation of any
arbitrary HTTP header.

I do know that right now I would sure like to be able to do:

    reply_header_access Etag deny all

without hacking the Squid sources to add the "Etag" header...

Comments?

--
 John Hardin KA7OHZ  http://www.impsec.org/~jhardin/
 jhardin_at_impsec.org  FALaholic #11174  pgpk -a jhardin_at_impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
 If guns kill people, then...
   -- pencils miss spel words.
   -- cars make people drive drunk.
   -- spoons make people fat.
-----------------------------------------------------------------------
 3 days until the 276th anniversary of John Peter Zenger's acquittal

Received on Tue Aug 02 2011 - 20:39:57 MDT
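
Added example (not part of the original message, and not Squid code): a small in-memory Python model of the ETag round trip the message wants to interrupt, showing how an origin re-identifies a browser through If-None-Match and what the origin sees once a proxy drops the ETag reply header. The class and function names and the "visitor-N" tag values are constructed for illustration.

```python
# Constructed model: no network, no Squid internals. All names are hypothetical.
import itertools

class TrackingOrigin:
    """Origin that gives each unrecognised client a unique ETag and
    treats a returned If-None-Match value as that client's identity."""
    def __init__(self):
        self._ids = itertools.count(1)
        self.seen = []  # identity the origin attributed to each request

    def handle(self, request_headers):
        tag = request_headers.get("If-None-Match")
        if tag is not None:
            self.seen.append(tag)              # returning client recognised
            return 304, {"ETag": tag}
        tag = '"visitor-%d"' % next(self._ids)  # new client, new identifier
        self.seen.append(tag)
        return 200, {"ETag": tag, "Cache-Control": "max-age=0"}

class BrowserCache:
    """Keeps the validator from the last reply and replays it on the
    next request, as a browser cache does when revalidating."""
    def __init__(self):
        self.etag = None

    def request_headers(self):
        return {"If-None-Match": self.etag} if self.etag else {}

    def store(self, reply_headers):
        self.etag = reply_headers.get("ETag", self.etag)

def strip_reply_headers(reply_headers, denied=("etag",)):
    """Proxy-side effect requested by 'reply_header_access Etag deny all':
    the named reply headers never reach the browser (case-insensitive)."""
    return {k: v for k, v in reply_headers.items() if k.lower() not in denied}

def visits(n, proxy_filter=None):
    """Run n visits from one browser; return what the origin logged."""
    origin, browser = TrackingOrigin(), BrowserCache()
    for _ in range(n):
        _status, reply = origin.handle(browser.request_headers())
        if proxy_filter:
            reply = proxy_filter(reply)
        browser.store(reply)
    return origin.seen

if __name__ == "__main__":
    print("direct:     ", visits(3))
    print("via filter: ", visits(3, strip_reply_headers))
```

With the filter in place the browser never holds an ETag validator, so the origin cannot link the visits, and every revalidation of that resource becomes a full fetch.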