Network specialists warn about the rising popularity of “CNAME cloaking”, that big advertisers use to get past user-tracking restrictions and third-party cookie blockers by web browsers and extensions.
CNAME cloaking isn’t a new technique, but its effectiveness is becoming more potent despite the various approaches developers of anti-trackers have taken to tackle it, resulting in increased adoption rates by marketers.
Network security company Palo Alto Networks has created a CNAME cloaking scanner to gauge the extent of the problem and reports that a large percentage of new domains are using the anti-blocking technique.
Cookies and CNAME Cloaking
First-party cookies are generally considered essential for ensuring users’ stable and satisfactory browsing experience, so these are excluded from blocks.
Third-party cookies, on the other hand, are loaded from websites outside the domain visited by the users, and their goal is to track them for purposes of targeted advertising.
These third-party cookies are blocked either by comparing the origin resource of the cookies to the active domain or by using blocklists.
To bypass these blocks, CNAME cloaking uses DNS query-resolving pathways that aren’t scrutinized by the browser to make it appear as if the external resource is a subdomain of the website the user visits, and hence its cookies should be allowed.
How CNAME cloaking works
Palo Alto Networks
The result is to allow advertisers to determine if a visitor is returning or new, assign unique IDs for persistent tracking across websites, retrieve browser information, measure the frequency of visits, and more.