Consider adjusting the heuristic for sites that exist across many ccTLDs

[pde]

Looking at #1251, and the entries for Yahoo, Google, and Amazon in src/multiDomainFirstParties.js, it seems that an issue we can expect to see over and over again is a company's CDN domain being blocked because they have company.com, company.co.uk, company.jp, company.fr, etc.

We could probably just adjust the counting measure for our heuristics to only count company once, and that would prevent this from recurring. We could wildcard this across all public suffixes, or just ccTLDs.

It shouldn't prevent us from catching any real trackers.

[jawz101]

My gut reaction is I'm hesitant to the implications.

[ghostwords]

I like it, and I think this is the proper fix for #1251, given the snitch map:

badger.storage.snitch_map.getItem("r9cdn.net")
["kayak.com", "kayak.com.au", "kayak.co.uk"]

[jawz101]

Is it possible to confirm matching SSL certs or owner info something? Call me ignorant but this makes me think of cybersquatting. Are there security implications by assuming hello.us is the same as hello.uk, hello.mx, etc.?

[jawz101]

While the list is ugly, there are relatively few companies which own a bunch of country domains. Most own different secondary domains if anything. I'm trying to wrap my head around if this would assume something not secure.

[ghostwords]

The security implication is that Badger may incorrectly consider example.com and example.net to belong to the same party (it's not guaranteed, just reasonably likely), and so may undercount a third-party domain it saw perform tracking on both example.com and example.net by one (it will take one extra sighting to start blocking this third-party).

[ghostwords]

This doesn't seem worth doing at this point. MDFP entries are typically a mix of country code domains, and domains that are not obviously associated with each other; it's rarely country codes alone.