Tuesday, 21 January 2014

Ghostery app's new WiFi Protection feature

I'm a fan of the Ghostery apps and plugins - they allow one to keep an eye on just how many other people are trying to snoop over my shoulder when I'm on the web.

The latest version of the iOS Ghostery app (v1.4) mentions a new feature called 'Wifi Protection via proxy automatic file (aka PAC file)', but with little explanation as to what it is... I took a look at this new version at it seems they've come up with a way to add tracker blocking for ALL apps when connected to WiFi. They have done this by creating a custom PAC file which you need to copy and paste into your WiFi setup which then provides for filtering (in Javascript) of trackers for all connections when on that WiFi network (you will need to copy and paste the PAC file for each WiFi network you connect to for it work on all WiFI networks you connect to). To enable it you click on the WiFi button in Ghostery and follow their instructions.

If you're paranoid you can download their Javascript PAC file and host it on your own server (and modify the PROXY entries so it uses your own server to return 'HTTP/1.1 204 No Content').
This looks like a pretty nice feature, though they caution that one should use Chrome or Ghostery as Mobile Safari may be a bit slow.

One thing that comes to mind is that us of PAC files could provide for a nasty security hole as you can basically fill them with an arbitrary JavaScript function that could do all sorts of fun stuff like redirect your more sensitive web visits elsewhere. This is not to say Ghostery is doing this but it just brought to mind the possibilities - so beware of random PAC files.