> It also only takes 2 minutes to change dg3fkn.website.com to 3j4vdl.website.com (Hell, you can probably automate this). We mentioned above how much work it takes to gather all subdomains being used as a front for CNAME Cloaking. Now imagine they change every week, every day, or every hour. It’s just impossible to keep track.
That's fear mongering. The ad company can't pester their clients to make changes to the DNS on a regular basis. I'd say that anything beyond initial setup would be unaccepted to most clients. And clients won't give control of their DNS to ad company, so automation is also not really possible.
Also, because this setup is substantially more friction than a simple 3rd party tracking "just copy-paste this code", I'd guess it will only be used by high profile clients.
This all means that while annoying, it shouldn't be too hard to find and add these subdomains to the ever-updating ad url blacklists.
>The ad company can't pester their clients to make changes to the DNS on a regular basis.
Many DNS providers have APIs.
>And clients won't give control of their DNS to ad company, so automation is also not really possible.
Sure they will. Or they'll use another party that does it. They already add JS from the ad provider that does god knows what to all their pages, and give full control over their content to Cloudflare. So why wouldn't they give an ad provider API access to their DNS?
That's fear mongering. The ad company can't pester their clients to make changes to the DNS on a regular basis. I'd say that anything beyond initial setup would be unaccepted to most clients. And clients won't give control of their DNS to ad company, so automation is also not really possible.
Also, because this setup is substantially more friction than a simple 3rd party tracking "just copy-paste this code", I'd guess it will only be used by high profile clients.
This all means that while annoying, it shouldn't be too hard to find and add these subdomains to the ever-updating ad url blacklists.