Ebay is port scanning visitors to their website - and they aren't the only ones
submitted 3 years ago by whistlepig from (blog.nem.ec)
[–]magnora7 7 insightful - 1 fun - 3 years ago* (0 children)
TIL about website-based port scanning... nice post.
[–][deleted] 3 years ago (1 child)
[deleted]
[–]Jesus 2 insightful - 2 fun - 3 years ago (0 children)
Ebay owned by a billionaire left-Wing Zionist.
[–]Newmug 5 insightful - 1 fun - 3 years ago* (3 children)
What does this mean? What is "port scanning" and why is it bad?
[–]magnora7 5 insightful - 2 fun - 3 years ago (2 children)
Basically your internet connection has "ports" and different ports are used for different communications between things. So browsing a web browser is one port, torrents are another port, OS updates might be another port, etc.
So what ebay does is when you connect, it looks at every single port you have open (and there are like 36000 total ports on every computer that could be open) and if some of them are open, it could be a potential vulnerability for them (or whoever they sell the data to) to gain entry to your computer system.
[–]Newmug 2 insightful - 1 fun - 3 years ago (1 child)
Fuuuuucccckkk! Surely that's illegal or something?
[–]magnora7 2 insightful - 1 fun - 3 years ago (0 children)
Apparently not
[–]night 2 insightful - 2 fun - 3 years ago (4 children)
This is scary. Is there anything users can do to prevent this from happening?
[–]whistlepig[S] 3 insightful - 1 fun - 3 years ago (3 children)
I'm no security expert.... but the best I can think of is to always run browsers inside of a VM.... which would definitely be a hassle.. but I guess not so bad once I get it set up and in the habit of using it. Just a matter of leaving one running with a browser inside it. Not sure how well video will work inside it.
I do run only linux and have for a decade+... so there is that, but even if they're not running their script on linux machines now doesn't mean they won't later.
I also typically use noscript on firefox and it looks like (just checked) I never allowed scripts from that ebay-us.com domain so I'm good on that front in regards to ebay, but who knows what other site is doing the same thing.
The openbazaar.org project is really starting to mature. I'll try to use my ebay anger to help motivate me to start using that site more.
[–]magnora7 1 insightful - 1 fun - 3 years ago* (2 children)
Good suggestions, I also think running a VPN would be a good idea, so they'd scan the VPN ports rather than your computer ports. But I guess it depends if the port-scanning script is run server-side or client-side
[–]whistlepig[S] 2 insightful - 1 fun - 3 years ago (1 child)
nah.. correct me if I misunderstood the article.. but I'm pretty sure the script is running on your computer locally.. so it isn't scanning anything other than the computer that is running your web browser. so basically.. a vpn wouldn't have an effect on this issue.
[–]magnora7 2 insightful - 1 fun - 3 years ago (0 children)
I read the article now.
A bit of Javascript code can wrap that into a package and allow any site to scan a user’s internal network, determining which IP addresses and ports have services running.
Yeah you are right. That's pretty crazy.
[–]whistlepig[S] 2 insightful - 1 fun - 3 years ago (0 children)
Really in-depth article. Some interesting points are how it seems to not run if the browser is on linux and some significant effort at obfuscating the code. Definitely put a whole lot of effort into not getting caught. And it looks like this has been going on since at least 2013.
Also theorized that ebay is just one of another 30,000 websites doing the same thing and adding the data to the same database.
[–]Jesus 2 insightful - 1 fun - 3 years ago (6 children)
And will a good VPN stop this behavior?? Or an alternating dns?
[–]whistlepig[S] 4 insightful - 1 fun - 3 years ago (5 children)
I wouldn't think it would stop anything.. as long as the script runs on your computer it will be able to scan the ports that can be seen from the browser. The only way I can think to stop that is to either stop the script from running or hide your computer from it by putting the script/browser inside a vm or sandbox in some other suitable way.
If you're not familiar I'd start looking at virtualbox. Find some pre-made vm's and start there.
There is also noscript and similar addons on firefox, but how are you going to know which domains are hosting this kind of script?
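The question above (how would you know which domains are hosting this kind of script?) is exactly what a small page-side guard can answer. The following is an added example, not code from the linked article or from anyone in this thread: it wraps the connection APIs a browser-based scan would have to use (WebSocket and fetch), refuses any attempt to reach loopback, link-local or RFC 1918 addresses, and records which page made the attempt. It assumes it is loaded before the page's own scripts (for instance through a userscript manager, which is an assumption, not something the thread describes), and the demo runs against a constructed fake page environment so nothing touches the real network.

```javascript
'use strict';

// Added example: page-side guard against browser-based local port scanning.
// Hostnames a third-party page script has no business contacting: loopback,
// link-local and RFC 1918 ranges (list is an assumption; extend as needed).
const LOCAL_HOST_RE = new RegExp(
  '^(localhost|\\[::1\\]|0\\.0\\.0\\.0' +
  '|127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}' +
  '|10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}' +
  '|192\\.168\\.\\d{1,3}\\.\\d{1,3}' +
  '|172\\.(1[6-9]|2\\d|3[01])\\.\\d{1,3}\\.\\d{1,3}' +
  '|169\\.254\\.\\d{1,3}\\.\\d{1,3})$', 'i');

const DEFAULT_PORTS = { 'http:': 80, 'https:': 443, 'ws:': 80, 'wss:': 443 };

// Parse a URL the way the browser would (relative URLs resolve against the page)
// and decide whether it points at the visitor's own machine or LAN.
function classifyTarget(rawUrl, baseUrl) {
  let url;
  try {
    url = new URL(String(rawUrl), baseUrl);
  } catch (err) {
    return { host: null, port: null, local: false }; // unparsable: let the browser reject it
  }
  const port = url.port ? Number(url.port) : (DEFAULT_PORTS[url.protocol] || null);
  return { host: url.hostname, port, local: LOCAL_HOST_RE.test(url.hostname) };
}

// Wrap WebSocket and fetch on the given global scope. Every attempt to reach a
// local address is appended to the returned log (page, API, host, port) and,
// when block is true, refused before any connection is opened.
function installLoopbackGuard(scope, { block = true } = {}) {
  const attempts = [];
  const base = scope.location ? scope.location.href : undefined;
  const page = scope.location ? scope.location.hostname : 'unknown';

  function check(api, rawUrl) {
    const target = classifyTarget(rawUrl, base);
    if (!target.local) return false;
    attempts.push({ page, api, host: target.host, port: target.port });
    return block;
  }

  if (typeof scope.WebSocket === 'function') {
    const OrigWebSocket = scope.WebSocket;
    function GuardedWebSocket(url, protocols) {
      if (check('WebSocket', url)) {
        throw new Error('blocked WebSocket to local address: ' + url);
      }
      return new OrigWebSocket(url, protocols);
    }
    GuardedWebSocket.prototype = OrigWebSocket.prototype;
    Object.setPrototypeOf(GuardedWebSocket, OrigWebSocket); // keep CONNECTING/OPEN/... constants
    scope.WebSocket = GuardedWebSocket;
  }

  if (typeof scope.fetch === 'function') {
    const origFetch = scope.fetch;
    scope.fetch = function guardedFetch(input, init) {
      const rawUrl = typeof input === 'string' ? input : (input && input.url) || String(input);
      if (check('fetch', rawUrl)) {
        return Promise.reject(new Error('blocked fetch to local address: ' + rawUrl));
      }
      return origFetch.call(scope, input, init);
    };
  }

  return attempts;
}

// Stand-alone demonstration against a constructed fake page environment
// (no real sockets are opened; the fakes only record what got through).
function runDemo() {
  const opened = [];
  class FakeWebSocket { constructor(url) { opened.push(url); this.url = url; } }
  const scope = {
    location: { href: 'https://shop.example/item/1', hostname: 'shop.example' },
    WebSocket: FakeWebSocket,
    fetch: (input) => { opened.push(String(input)); return Promise.resolve({ ok: true }); },
  };
  const attempts = installLoopbackGuard(scope);

  // Constructed sample traffic: two probes of the visitor's own machine, one legitimate connection.
  for (const url of ['ws://127.0.0.1:3389', 'ws://localhost:5900', 'wss://cdn.shop.example/live']) {
    try { new scope.WebSocket(url); } catch (err) { /* blocked, already logged */ }
  }
  scope.fetch('http://192.168.1.1/').catch(() => {}); // LAN probe: rejected and logged
  scope.fetch('/api/cart').catch(() => {});           // same-origin request: passes through
  return { attempts, opened };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(runDemo(), null, 2));
}
```

The log is the useful output for the question in the thread: it names the page that tried to reach a local address, which API it used and which port it asked for, so a site hosting this kind of script shows up by behaviour rather than by domain name. The hostname list is deliberately narrow; a real deployment would also want to cover hostnames that resolve to local addresses, which a page-side script cannot see.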
[–]danuker 2 insightful - 1 fun - 3 years ago (1 child)
I second the sandboxing. Check out Qubes OS.
[–]whistlepig[S] 2 insightful - 1 fun - 3 years ago (0 children)
Agree. I've downloaded it and such a while ago, but haven't had the chance to really devote time to it yet.
[–]Jesus 1 insightful - 1 fun - 3 years ago (2 children)
True, and what is to say that the script has to run in order for the website to work?
[–]whistlepig[S] 1 insightful - 1 fun - 3 years ago (1 child)
It doesn't need to run for the web site to work. I've been using noscript for well over a decade and have had the ebay-us.com domain blocked using noscript for a long while and it hasn't affected the functionality of the site at all.
[–]Jesus 1 insightful - 1 fun - 3 years ago (0 children)
Glad to know.
[–][deleted] 3 years ago (1 child)
[removed]
[–]whistlepig[S] 1 insightful - 1 fun - 3 years ago (0 children)
So we have to care about our privacy on our own.
I remember that that was definitely a very common statement in the 90's and into the early 00's. Unfortunately, the more the normal population got online the more that sentiment got ignored and drowned out.
But to be honest, I don't see this particular issue to be a part of that sentiment. We're looking at a business we choose to do business with in good faith actively and secretly attacking the security of our computers in a manner unrelated to the business we are conducting with them. I've been a customer for a long time and I'm pretty pissed about it. Openbazaar has become pretty functional these days, I think I'll be looking there first next time I need something.