{twittery announcement is clicky-here}
NEW THING! - there's now a parallel, dedicated forum thread here for the more philosophically-driven critiques of TrackerSmacker... take a look, if that's where you'd like to dip an oar (so to speak). Thanks!
Since we moved from years of study and admittedly obsessive analysis, and into providing our own cryptostorm-maintained Domain Name Service (DNS) resolver architecture - which we named deepDNS (because we got tired of referring to it in our team discussions & IRC chat as "the in-house cstorm DNS resolvers") - we've been breaking new ground in exploring all the ways that doing really good DNS resolution service can improve network security for our members and for the wider community online.
That's really no surprise... but it's still a little bit surprising just how powerful deepDNS really has the potential to be. After all, DNS is one of the fundamental building blocks of internet functionality: there's no internet without DNS. Plus, DNS itself is notoriously riddled with all sorts of security issues, known vulnerabilities, and all but uncountable ways that it can be attacked successfully and with devastating effect (see also: Dan Kaminsky


But wait, there's more. Turns out, there's the possibility to do a lot more.
In recent discussions amongst our core team, the idea of doing DNS-based ad-blocking came up. This isn't a new idea, to be clear: it's been done, and discussed, and explored by other smart folks and it's not something we came up with out of thin air (nothing really is, because any really good idea has already been noted by researchers long before it's ready to implement by a team such as ours - by definition). Once we started kicking the idea around, however, we immediately saw how powerful it could be in the context of our network itself.
This isn't the right place to do a full analysis of the various ways adware/crapware and ad-tracking spyware breaks the internet, hammers privacy, enables spy agency surveillance, and also makes all sorts of routine daily 'net activities slow, dysfunctional, and generally awful. We all know this is true; what used to be a sort of marginal concern (mostly related to security/privacy damage) has become really mainstream in terms of why ad-tracking crapware is evil. If for no other reason, all this tracking stuff that adware uses to throw more and more targeted ads at us makes a big chunk of websites on the internet so bloody slow as to be all but useless. Plus, it straight-up causes browsers to crash when some ad-heavy websites are visited... and that's the legitimate news websites! (try visiting some tracker sites, or "adult" sites, and they simply refuse to load no matter how fast a 'net connection one might have). Then there's the huge impact this garbage has on smartphone-based web browsing... basically, the list of bad things coming from ad-tracking crapware is really long, really deep, and impossible to ignore nowadays.
So, unsurprisingly, there's all sorts of counter-tech that exists out there. Most has the best of intentions... but even with that a lot of it has become dysfunctional itself. For example, some long-popular "adblock" browser extensions are nowadays so bloated, inefficient, and complex that they themselves slow browser performance to a crawl... and some even allow ad networks to pay for whitelist status, as a revenue source! We're not passing judgement here, to be clear. What we are saying is that most every approach to limiting this ad-tracking crapware has its own laundry list of unintended symptoms, costs, and frustrations associated with it.
Not using any of it, however, results in web browsing that's often slow, buggy, rendered poorly, littered with pop-ups, bogged down with crash-y javascript... and of course so not-private it's almost impossible to overstate. So it's a lose/lose sort of decision we all have to make, in terms of what anti-adware tools we use (along with their side effects) versus how much ad-tracking crapware we're willing to put up with (in terms of all the evils it brings).
Blah. That sucks. So we made TrackerSmacker (h/t @FalsNameMcAlias).

Technically, what we're doing with TrackerSmacker is elegantly simple: we take a nicely-maintained (and opensource) list of known-crapware ad-tracking domain names and URLs, and we block DNS queries made via deepDNS that relate to those ad-tracker nasties. Because everyone on cryptostorm's network is, by definition, using deepDNS resolvers (which are "pushed" during cstorm connection in the current "Narwhal" widget - and which will be pushed even pre-connection in the new "Black Dolphin" widget 3.0), that means that every web browsing session whilst on-cstorm is filtered of all this ad-tracking crapware. Members need not install anything, do anything, change anything, or in any way fiddle with stuff in order to get this benefit. It... just works - the best kind of tech there is, tbh!
Better yet, and unlike adblock-style browser extensions, TrackerSmacker prevents the ad-tracking crapware from even being downloaded or pushed in any way to the browser in the first place. That's different from ad-blockers that live in the browser, which have the hard job of looking at stuff after it's already been pulled from a webserver and deciding whether to render it in the browser. TrackerSmacker blocks the DNS resolution of the crapware itself - it never gets to the browser, never gets parsed by an extension or the browser's own render (or .js) engine, and never even comes across cryptostorm's network. Like we said, it's elegant... damned elegant. And it works really, really well.
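A sketch of the resolver-side decision described above, added here as an illustration and not cryptostorm's own deepDNS code: the hosts-style list format, the NXDOMAIN answer, parent-domain matching, the allowlist and every domain name are assumptions constructed for the example. It also shows that URL-style list entries cannot be enforced at this layer, because a DNS query carries only a hostname.

```python
# Added illustration: blocklist decision as a filtering resolver might make it.
# All list contents below are constructed sample data, not a real blocklist.
BLOCKLIST_TEXT = """\
# hosts-file style entries (assumed format)
0.0.0.0 tracker-example.test
0.0.0.0 pixel.metrics-example.test
metrics-example.test/collect.js
"""
ALLOWLIST = {"status.tracker-example.test"}  # hypothetical community exception


def normalize(name):
    """DNS names are case-insensitive; drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def load_blocklist(text):
    """Return (blocked_hostnames, skipped_entries) from a hosts-style list."""
    blocked, skipped = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        entry = line.split()[-1]  # last field is the name ("0.0.0.0 name")
        if "/" in entry:
            skipped.append(entry)  # a resolver never sees URL paths
            continue
        blocked.add(normalize(entry))
    return blocked, skipped


def decide(qname, blocked, allowed):
    """Return 'NXDOMAIN' for a blocked query name, 'RESOLVE' otherwise."""
    labels = normalize(qname).split(".")
    # Check the name itself, then each parent domain; the most specific
    # match wins, so an allowlisted subdomain overrides a blocked parent.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in allowed:
            return "RESOLVE"
        if candidate in blocked:
            return "NXDOMAIN"
    return "RESOLVE"


BLOCKED, SKIPPED = load_blocklist(BLOCKLIST_TEXT)

if __name__ == "__main__":
    for q in ("ADS.Tracker-Example.test.", "status.tracker-example.test",
              "pixel.metrics-example.test", "metrics-example.test"):
        print(q, "->", decide(q, BLOCKED, ALLOWLIST))
    print("not enforceable at DNS level:", SKIPPED)
```

The last query resolves even though the list names a script on that host: only the browser sees the path, so path-level entries need a different enforcement point.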
Earlier versions of DNS-based ad-tracker blocking required folks to manually set their local DNS resolvers to a new resolver that did the blocking for them. That's fine, sorta... but beyond what most folks want to have to do in order to block ads - also it doesn't always stay working and needs to be done repeatedly in a lot of OS contexts, in order to "stick" over time. Since we do this at the deepDNS-resolver level of cryptostorm's network, all that fiddling is simply not needed. Indeed, we implemented TrackerSmacker behind the scenes, last week, without any need to tell folks about how it works in order for it to work.
That's right: since last week, if you're using cstorm, your hand has already been soaking in the luxuriously adware-filtered softness of TrackerSmacker!

True to form, we've created a new github repository for the deepdns-TrackerSmacker function - and we'll be publishing there the syntax we use to enable it, the whitelist/blacklist exceptions or additions that we make based on community input, and so on. Which is to say: the details of how TrackerSmacker works, and how we've implemented it, are far from secret or nonpublic. We're looking forward to ongoing community assistance in fine-tuning the way we provide TrackerSmacker protection within the deepDNS context.
And guess what? Because we maintain a (not officially announced, but long-since-supported fully) public pool of deepDNS-powered resolvers, anyone who wants to can benefit from deepDNS... even if (for some mysterious reason) they aren't using the cryptostorm network itself. At no cost: free. That requires manually changing local DNS settings, of course... but even so, it's pretty useful, and pretty cool, that anyone can take advantage of TrackerSmacker.
This post is already longer than it should be, which happens - and we've not yet included some technical details that certainly will be important as TrackerSmacker continues to evolve and expand its ability to block garbage from network sessions. Rather than bogging it down further, we're going to wrap up this introductory post and open the thread for questions, suggestions, discussions, and so forth. Ah yah: we're even talking about doing a "real" press release - wow! - so if you or someone you know is press-release-savvy and you'd like to help with that, drop a note in here and we'll be really happy to take up the offer of assistance.
TrackerSmacker is cool, it really is. It makes websites with lots of ads on them load way, way faster - and not be crashy, bloated, and laggy when scrolling. With fine-tuning, it'll continue to improve and to add more benefits for anyone who wants to make use of the deepDNS resolvers. We're not anti-advertising at a philosophical level, nor even particularly obsessive about the privacy impact of ad-tracking crap (which is pretty seriously negative, even in the best of interpretations)... but we have seen this stuff turn into a serious pothole on the internet. And we just filled that pothole, with TrackerSmacker - or whatever metaphor works better than that. Whatever - it's cool.

DeepDNS started as something we created because the alternative tools out there weren't quite up to cryptostorm's standards of functionality, privacy, and security. Since that start a few years back, it's expanded into its own thing - in some sense, with a broader reach than cryptostorm itself. Who knows... perhaps deepDNS will fly the nest and become a big, cool, standalone success story that overshadows cryptostorm itself. Stranger things have happened, eh?
Meanwhile, we're proud to be where deepDNS started - and where TrackerSmacker got going, too! W00d.
- - - - -
Here begins the gratuitous bits:
<insert gratuitous Wolfmother reference>
<insert not actually gratuitous h/t to our friend ntldr for his help brainstorming the early structure of TrackerSmacker... but this pic is in fact totally gratuitous, so there's that>
