Ekansovi exploit on Sup Forums

it's most likely another """ad""" company

some Sup Forums developer simply added the js script tag to the site
if it was an exploit it would have already been removed a week ago

posting personal pictures is now a bannable offense on r9k

things are getting spooky

Ekansovi is showing up in noscript as untrusted and I have blocked it. Am i safe?

Isn't it only on a few boards?

People already know I browse Sup Forums, I openly talk about it all the time.

I'm not personally concerned of any repercussions, but this shit does still need to be fixed

For those wondering why the 1x1 gifs are present

browserleaks.com/canvas

It's a (((feature))) in JS that records how a certain image looks on the local machine and backs it up via AJAX/xhr as a identifier for browser fingerprinting.

for now yes, but they could easily integrate it into the JS/xhr via Sup Forums.org/* and 4cdn.org/*

why is umatrix interfering with thread refresh (Sup Forums x), captcha and board theme and how do i fix it

I have cookies enabled to use legacy captcha

Thank you friend

>for now yes, but they could easily integrate it into the JS/xhr via Sup Forums.org/* and 4cdn.org/*
They who? Mook or Ekans?

Are you logged into social media while browsing the internet? The majority of big websites have a bunch of small scripts that behave like those "X of you friends already liked/shared/retweeted this", but they're kept hidden and are trivial to mine actual profiles out of.

>hiroshimoot
It's (((them)))

ekansovi isn't even listed in NoScript.
My DNS logs don't contain it either.

Maybe because 4chanpass?

it's a cookie. look to find it

You're dumb as fuck shut up

>forgetting to add the First Son in Law aka Jared "smug kike" Kushner who owns the fucking newspaper swaglord works at

You do realize Sup Forums is a giant honeypot right?
Are you guys really oblivious to this?

Good thing I don't use kikebook.

It's a cookie which tries to look up a domain.
But I checked and there is nothing

B-but lord emperor would never let a traitor anally obliterate his daughter.

It is just speculation at this point.
At some point it might happen though.

Melly sure didn't like the weather in Israel

Does that mean that phoneposters are the safest?
Clover doesn't run JS, and even if it did there would be no way of accessing my data thanks to Android sandboxing.

>his trophy bimbo is getting BLACKED by some security bull right now

>get owner who is known in the first place for having sold 2ch user information to companies
>be surprised he is doing it on Sup Forums too
Too many newfags. Summer is real.

o fuk

I've said some racist shit, I've been exposed

exploit implies exploitation
gookmoot intentionally does this

>implying there's anything wrong with that?

we don't know.

It could either be an admin or hiro, it could be US law enforcement forcing them to install a tracker, or a third party offering it to the administration for extra bux

Oh my God, don't tell me the world will find out that I pretend to like Apple products online to make Stallman fans angry on the Internet! It would literally ruin my life.

Hmm... then again... the anti-Semitic stuff I wrote on Sup Forums could offend my Jewish aunt, if she ever finds out... nah, she's too old, she'll never find out.

>It could either be
it's jews.

Suprisingly accurate

thanks based floens
ekans is dead and bankrupt
littlecupfags on suicide watch

Here I am wondering about how many times I have written the word n*gg*r on this site and while using Gboard, and if it will jeopardize my future career somehow?

>Go to interview
>>Our data shows that you displayed racist behavior for 10 consecutive years
>Never work a day of your life, after

Clover users don't have this problem. :^)

...

It was all a matter of time. Its common knowledge that the us govt sells data collected from its population anyways. If it didn't happen now it would've happened eventually.

>Go to interview
Here's your first mistake, wagecuck.

I invested early in crypto-currencies so I can say Nigger and Kike all I want, wherever I want, to whom I want.

until (((they))) seize your BTC wallet

Can anyone in the US check if that domain "ekansovi.com" is shown in µblock origin? I got nothing here, and I don't know whether that domain is among the things µblock blocks.

Pic related.

non-us here, i've never seen that domain pop up

I'm out

Nobody ask shitworld countryman
Get the fuck out of my board

East Europoor here, doesn't show up.

I think this has the same effect as umatrix denying it
when it doubt, firewall

youtu.be/6KFz9WRRNpk

It does for me, central Europe.

Left Firefox, right Chrome.
I am using Sup Forums-x in Firefox.

>domains connected
>5 out of 8
>open umatrix
>Sup Forums.org allowed
>4dcn.com allowed
>google.com allowed
>gstatic.com allowed
what is connecting to me?!

are both loading the same page on the same board?

Don’t block them, it creates mustard gas.

This thread, yes.

someone just watched southpark, at worst they get your ISPs IP address...

not seeing anything unusual

>falling for the umatrix meme
>not knowing that he's literally serving botnet tier software

Didn't show up in firebug Net tab, so OP image is lying.

>uMatrix (9.3.6) doesn't show ekansovi (Chromium 55)
>install a new browser (Iridium 58)
>ekansovi is now shown (1.0.0)
wtf did this shit bypass uMatrix on my other browser?

It shows on Sup Forums but not here.

?????????????????????????????????

------------The solution to this problem-------------

1. install GNU IceCat, which protects you from shit javascript, man in the middle attacks, and all browser fingerprinting
2. write a new, less bloated front end for Sup Forums using the webExtensions Add-on API
3. Ask for it to be put up here:

addons.mozilla.org/en-US/firefox/collections/NateN1222/librejs-compatibility-add-ons/

Huh, it doesn't show it for me either in Firefox. Same settings and filters on both, no userscripts or other extensions.

>chromecucks

>they saved images from Sup Forums after the 1st of June

>JS
Canvas is an HTML5 thing my man

thanks, works great.
i'm not getting any requests? is Sup Forums serving these only to specific ips?

what did he fucking mean by this

Maybe Firefox is so shit that it can't even properly download Javascript files. Checkmate, atheists.

lel

So evansoki is setting a cookie and running js? How is this different than what any other ad tracker does?

How would it link you to other websites when same-origin policy is a thing?

>It does for me, central Europe.
>Left Firefox, right Chrome.
>I am using Sup Forums-x in Firefox.
>not seeing anything unusual
>It shows on Sup Forums but not here.
>Huh, it doesn't show it for me either in Firefox. Same settings and filters on both, no userscripts or other extensions.
That's some really erratic behaviour right there. I tried a random thread on Sup Forums and on Sup Forums and got nothing. So most of the time it doesn't show up. If it does, it's on Chrome and/or you're browsing Sup Forums.

Oops, I forgot about blocking all that shit. Good thing I don't post anything offensive and don't save anything illegal.

this, if someone wants to track me down for shit I've said about Nvidia or the Xbox, let them.

Good thing i used privacy browser.

Worst-case, how much can malicious js learn about you?

Thanks to captcha google has been able to link your posts to your gmail account for years. How can this even compare?

My post is likely to be removed and I am likely to be banned from Sup Forums so screencap this

>not using a completely separate browser for botnet features like google and social media

>to your gmail account
>having a gmail account
>being logged in to google

>thinking a different browser matters

Everything.

Never post

The servers were owned by Feds in 2007 transferred to another IS unit in 2008.

Content was being assigned to users identity in 2010 by IS.

Maybe now someones got an exploit too.

So people will know that I browse Sup Forums and often partake in a troll/get trolled activity with people by using racial derogatory terms?
wew lad

Chances are, it'll be on warosu now.

Also I do remember hiro really pushing for his idea of a Sup Forums-wide text search feature. That guy really hit the nail on the head.

For you guys runnin ublock origin, check logger and behind the scene to see wether it's blocked for you or not.

Per default, I think, it does not block these kinds of requests.

Would something like Privacy Badger or Do Not Track fix this?

Oh, and to block it I use this line,

behind-the-scene ekansovi.com * block

>Sup Forums was right AGAIN

maybe it's just like that for those who don't use 4chanx?

But the posts I make on here are jokes and if they link my real identity with then people will think I'm some closet alt-righter

Can't see any difference with 4chanx on or off.