Saturday, October 11, 2014

Fear and Loathing mpsnare.iesnare.com

Since people are freaking out about privacy concerns re: Support Live Chat  I decided to post something that should be a bit more concerning to you.


mpsnare.iesnare.com

more specifically the file : http://mpsnare.iesnare.com/snare.js .

The company behind it: https://www.iovation.com/





What is this simple little file?  Surely nothing to worry about..

"Identifying the device used to commit fraud is an effective way to root out fraud — and one that iovation has offered its clients for years. What is new in the fight against fraud is device reputation, a new layer of defense that builds upon device identification and available exclusively from iovation. The only solution on the market today that takes an in-depth look at not only the device but also its history when used online, creating a reputation score"

Well,  isn't that nice.   I can see why most online gaming companies now rely on such a service..   The issue lies in HOW they do this.


This particular script is loaded into flash,  and provides to the company a means of identifying your specific PC configuration.   This may not sound scary, as what do you have to hide? ..

Those of you sharing accounts, or running multiple accounts against TOS,  yep they know.  I do not have access to the reportinig data provided to Kixeye, but based on your machine code generated by this script they can tell.

If you think it's isolated,  think again..  I blocked this domain from loading ANYTHING,  it prevented login to my bank account (even though BP did load.. oddly enough.)  And links below show that this little tidbit is used by Zynga as well.


So this 3rd party company that you have no business with is tracking what you do,  which sites/games you visit in the name of "security".   Standard methods of detecting/monitoring this do not work as it uses a special connection between flash and the webserver.  (those that know a bit about security/networking can find it fairly easily.)


Point being,  your security/privacy is lost if you do anything online..  This live chat is nothing new, nothing special.   Either give up and get off-the grid or quit whining about things because they :"seem" bad to you.  

We are in the internet age,   people can and do track you for "security" and primarily for profit.




Some additional "Features" of this service:

  • Unmask proxies to find where transactions are originating to know where your users are really coming from.
  • Block fraud from any Internet-enabled device including PCs, smartphones, tablets, laptops and even consoles.
  • Analyze trends and report on effectiveness through scheduled and on-demand reports and by working with your client manager.







For further follow up, if you would like to see what others have to say about it..
http://mafiawars.wikia.com/wiki/Iesnare
http://www.blackhatworld.com/blackhat-seo/black-hat-seo/12822-mpsnare-iesnare.html
http://forums.irowiki.org/showthread.php?t=24315
https://www.mywot.com/en/scorecard/mpsnare.iesnare.com
http://www.housepricecrash.co.uk/forum/index.php?/topic/115396-your-lack-of-online-privacy-iesnare/






2 comments:

  1. set files and folders view to see hidden files and folders and drives. Navigate to C:\windows\system32\drivers\etc

    open "Host" file with notepad (run as administrator)

    below the coments copy and paste this

    127.0.0.1 iesnare.com
    127.0.0.1 www.iesnare.com
    127.0.0.1 mpsnare.iesnare.com
    127.0.0.1 ci-mpsnare.iesnare.com

    save host file and reboot, now the system bypasses the dns lookup routine and always goes to 127.0.0.1

    safty first. save a copy of the orig Host file and if you run into probs just put the host copy in the etc folder, do your banking, then put the edited Host file back

    Enjoy and thanks for all the good BP info

    "Rat Out: Peace live long and not be tracked"

    ReplyDelete
    Replies
    1. Yep, that's what I did to block it on mine.. the question is tradeoffs.. For those that coin they may encounter issues if they block this

      Delete

Note: Only a member of this blog may post a comment.