0

edge.activity.windows.com blocked

Microsoft Edge browser requires URL 'edge.activity.windows.com' for sync functionality. 

NextDNS log shows the URL as blocked by WindowsSpywareBlocker list. 

I reported this as a false positive on their github but they deny this URL is in any of their rules. 

Is this a NextDNS bug?

16 replies

null
    • Pro subscriber ✓
    • DynamicNotSlow
    • 2 yrs ago
    • Reported - view

    This isn't a NextDNS bug but ignorance problem with WindowsSpywareBlocker maintainer.

    Just don't use his nonsense list and you're fine.

      • Tabodo
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow I followed it up with a bug raised on WindowSpyBlocker github. They swear black & blue its not THEIR list blocking the URL & advised me to report the bug to NextDNS.

      Easy solution was to Whitelist the URL of course, but who to believe?

      By not following this up I leave the problem open to others. Doing a web search for Edge Browser not syncing produces A LOT of hits.

      How to take it up for clarification with NextDNS?

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view

      Tabodo i use (only) OISD list and the domain isn't blocked.

      So, it can't be a problem on NextDNS side, else it would be blocked for me too.

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      Tabodo there’s always going to be false positives.  You reported it, which is about all you can do (and more than many would do).   Add it to your allow list and move on.      

      • Tabodo
      • 2 yrs ago
      • Reported - view

      Calvin Hobbes I'm responsible for a bunch of BSD & Linux servers & Windows desktops. NextDNS is an excellent convenience for me in blocking unnecessary/resource hog/dangerous DNS queries.

      I will continue to objectively follow up to satisfy myself that things are tuned well for our usage case.  Currently 50.9% our queries are being blocked with no ill effect (except this instance). 

      Taking a look at WindowsSpyBlocker rule sets I see 'activity.windows.com' & 'test.activity.windows.com' being blocked which is questionable and may result in NextDNS incorrectly wildcarding 'edge.activity.windows.com'.

      Then looking closer at the rules I see they are blocking 'time.windows.com'. Designating an NTP server as "spying and tracking on Windows systems" is not just questionable, it's plain wrong

      My assumption is the author of the rulesets is not just trying to block "spying and tracking on Windows systems" but just including every conceivable URL associated with Windows OS, which breaks functionality for Windows OS users and is frankly comletely unnecessary for non Windows systems. 

      I have removed their ruleset from our DNS config as the advice from DynamicNotSlow appears indeed correct. Probably not a bad idea for NextDNS admins to include a caveat that WindowsSpyBlocker rules will break Windows OS functionality. 

      Glad I got to the bottom of it. Thanks to all those who replied.

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      Tabodo fair enough.  Many people, especially end users, often  to get mired down trying to concoct the perfect system.   Prior to retirement, I was in charge of a the network for a small municipality so I feel your pain.

      I often ask myself how I’d implement NextDNS for a large number of non technical users and I don’t have a good answer.  Prior to retirement I used quad 9, figuring it would (hopefully) stop the worst problems.  I had also used opendns, with just a tiny number of categories (essentially not appropriate for work…porn, violence, etc), and still had to hunt down the occasional false positive.   I’d generally do a manual override (allow list), and report the mistake.  

      NextDNS  is fantastic, but since they rely on curated 3rd party lists, deploying on a large scale would be challenging.  Unfortunately, it’s probably better to do too little blocking than too much unless you have resources to deal with false positives.

      Now that I’m only responsible for my own home network, false positives are merely an inconvenience

      good luck to you 

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view

      Calvin Hobbes what's why I wrote about OISD list.

      Give it a try with NextDNS

      • Calvin_Hobbes
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow I use that and a bunch of others.  I’m ok with false positives and I just do a quick disable when needed.  
      I really wish NextDNS would implement a temporary disable switch (30 seconds would probably be enough).  Obviously, that’s not going to work for a network wide solution, but would be great for savvy end users.  
      Thanks for the tip…I’m going to see if it works for the wife :)

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view

      Calvin Hobbes using more lists mean more false positives. OISD is specialized for just working without false positives.

      Greetings

      • Tabodo
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow Yes, OISD author takes pride in not having false positives.

      My approach is to enable some of the biggest lists & then compare, prune back.

      Looking at my analytics I see Steven Black as the most blocks.

      Steven Black

      691,029

      NextDNS Ads & Trackers Blocklist

      508,626

      oisd

      497,187

      With this I'm not seeing much problem.

      The two lists causing immediate problems are the afore mentioned 'WindowsSpyBlocker' & the new beta Native Tracking Protection (Windows)

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view

      Tabodo be warned with Steven Black lists. He doesn't care about false positives because of fixing "need work & time". He also only uses external lists.

       

      I got most false positives with his list in the past. That's why i disable NextDNS stock list (which use Steven Black and others) and only use and recommend OISD.

       

      Greetings

      • Tabodo
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow "NextDNS stock list (which use Steven Black and others)"

      Respectfully, please cite the source of this claim.

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view
      • Tabodo
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow Much appreciated. Thanks 👏

      • Tabodo
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow Taking a look at the Steven Black github it appears actively maintained and responsive to false positives issues raised.

      ° It may not be quite as actively maintained as one would prefer but it is maintained. 

      ° One may not always agree with the decisions made regarding false positives issues reported but they are looked at. I see no justification for the claim 'doesn't care about false positives'.

      ° In any event, it's up to end users to evaluate the effectiveness, or not, of lists. Since it is included in base NextDNS list it must be somewhat reputable...

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view

      Tabodo you can take a look at posted issues and his response to that.

      You can use his list if you want. I only got bad experiences and avoid it at all cost.

Content aside

  • 2 yrs agoLast active
  • 16Replies
  • 402Views
  • 2 Following