Hosts: DigiKey Blocked?

Thanks Sameer @sameer.

Ping Daniel @lightswitch05 – can you advise? Thanks.

@sameer the actual website of DigiKey (https://www.digikey.com) is not blocked and you can browse it freely if that is your concern. The domain in question is most likely some tracker that has nothing to do with DigiKey the electronics component distributor.Even if it does something to do,it does not affecting browsing,purchasing or whatever else you need to do on their website.

Can you post a link that you have problems with the mentioned domain being blocked?

@sameer the actual website of DigiKey (https://www.digikey.com) is not blocked and you can browse it freely if that is your concern. The domain in question is most likely some tracker that has nothing to do with DigiKey the electronics component distributor.Even if it does something to do,it does not affecting browsing,purchasing or whatever else you need to do on their website.

Can you post a link that you have problems with the mentioned domain being blocked?

[sameer@pc ~]$ nslookup digikey.com
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   digikey.com
Address: 204.221.76.76

[sameer@pc ~]$ nslookup www.digikey.com
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
www.digikey.com canonical name = northamerica.digikey.inscname.net.
northamerica.digikey.inscname.net       canonical name = pciins-046.inscname.net.
pciins-046.inscname.net canonical name = a-digikey-001-gyf12.insnw.net.
Name:   a-digikey-001-gyf12.insnw.net
Address: 159.180.84.23

The line www.digikey.com canonical name = northamerica.digikey.inscname.net. is why I believe it to be blocked.

When I curl their site, I get

[sameer@pc ~]$ curl -I digikey.com
HTTP/1.0 301 Moved Permanently
location: https://www.digikey.com/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

So the www variant shouldn't be blocked.

Sameer @sameer, northamerica.digikey.inscname.net is not a digikey domain. It's a subdomain of inscname.net.

Closing.

Sameer @sameer, northamerica.digikey.inscname.net is not a digikey domain. It's a subdomain of inscname.net.

Closing.

Why would the CNAME for only www.digikey.com resolve to that?

Sorry @sameer forgive me for not fully reading the nslookup output.

Re-opening.

There is some history on this one, the logic to add a wildcard block of insnw.net and inscname.net and be traced back to https://github.com/StevenBlack/hosts/issues/801#issuecomment-431848855

Those domains are owned by InstartLogic - which is basically a RootKit company designed for the web. They exist to bypass traditional ad and tracking blocking. No doubt digikey's decision to host their entire domain within InstartLogic is an effort to bypass ad and tracking protection.

Whats the general feel on this one? White list this specific subdomain? Or should insnw.net and inscname.net be moved into the aggressive list?

Edit: I had linked to the wrong comment

There is some history on this one, the logic to add a wildcard block of insnw.net and inscname.net and be traced back to #801 (comment)

Those domains are owned by InstartLogic - which is basically a RootKit company designed for the web. They exist to bypass traditional ad and tracking blocking. No doubt digikey's decision to host their entire domain within InstartLogic is an effort to bypass ad and tracking protection.

Interesting, I guess we can only expect this to happen more.

Whats the general feel on this one? White list this specific subdomain? Or should insnw.net and inscname.net be moved into the aggressive list?

Edit: I had linked to the wrong comment

Not sure what's appropriate here. If everything for DigiKey is coming through InstartLogic, it would make sense to rely on uBlock Origin and the like to detect and block content on the page. It will be a hassle if more prominent sites begin to operate like this.

Unfortunately uBlock Origin is also unable to correctly sort through the junk coming from InstartLogic. They designed it specifically with that type of software in mind. I'm not joking when I compare it a web based Rootkit because that is exactly what it is:

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that is not otherwise allowed [1]

If uBlock origin added a feature to block off of headers too instead of just URL, then there might be a solution. But at the moment nothing can be done

If uBlock origin added a feature to block off of headers too instead of just URL, then there might be a solution. But at the moment nothing can be done

In this case then, is the best course of action just to boycott sites doing this? I can use Arrow and other distributor sites instead.

Those domains are owned by InstartLogic - which is basically a RootKit company designed for the web. They exist to bypass traditional ad and tracking blocking. No doubt digikey's decision to host their entire domain within InstartLogic is an effort to bypass ad and tracking protection.

Whats the general feel on this one? White list this specific subdomain? Or should insnw.net and inscname.net be moved into the aggressive list?

Thought:
If companies are deliberately using these kind of services, they just don't want you on there sites... And by that kind of bad behavior there are to be locked as aggressive.
Personally I would never do any business with this kind of companies, for whom your privacy is nothing but there's, turning you into a zombie/slave.

My conclusion:
Move both insnw.net and inscname.net to the aggressive list

Edit missed a `

Just to make it clear, my aggressive list is not in this project. So if I moved these domains to my aggressive list - it would effectively be unblocking them from this project. And perhaps that is the right choice.

While agree that InstartLogic is shady as hell, and the engineers at the companies using their services should be questioning the ethics of violating their user's choice to not be tracked. I also don't want to break things for a bunch of people, and this list is used by a bunch of people.

Hi @lightswitch05

I understand you situation of _why_ and _why not_ , however to me this is a simple choice, "You wanna mess with me, your out of business"

For your:

I also don't want to break things for a bunch of people, and this list is used by a bunch of people.

Who is it that breaks up there domains.... isn't it the site-owners choice to limit access to there sites, by using very shady code?

Based on what you say, Daniel @lightswitch05, leave it in, and leave it blocked here.

We have to stand on principles.

If someone takes their potentially good brand (ike DigiKey) and hitches it to something sketchy, they don't get a free-pass.

I think it is fair to leave InstartLogic on the list. I wasn't aware why DigiKey was blocked. Maybe it should be moved if more sites start to be affected?

Based on what you say, Daniel @lightswitch05, leave it in, and leave it blocked here.

We have to stand on principles.

If someone takes their potentially good brand (ike DigiKey) and hitches it to something sketchy, they don't get a free-pass.

Agreed. I didn't know why it was blocked, but now I do, I'm fine with not using their site.

Thanks Sameer @sameer and sorry again for being careless and prematurely closing the issue because I didn't fully consider your valuable input earlier.

And thanks everybody, let's stick with what we've got.

Closing.