Any website you visit could have been compromised and serving malicious content. Upon first visit to a website, I block all connections to domains not in the address bar, then go back in and add rules to allow connections as needed. It doesn't address malicious activity by the site directly, like a server compromise, but does limit non-addressed connections, including ones to local addresses.
For example, a compromise of .google.com which leveraged assets/code from .googleusercontent.com wouldn't initially be able to run, unless I added a rule to allow the connection. Likewise, a compromise of *.discord.com that made a connection to localhost:8983, then tried to send that data to someserver.ru would get blocked and logged. Where this can't protect me is if the server sends the mined data back to itself, then forwards that data on using its own connection.
Ad networks sell to anyone. Malicious content can be injected almost anywhere. Its happened before; it'll happen again. This web browsing hygiene has protected me enough times for me to make it my standard practice.
Candid question: why do you block those?
One word answer - security.
Any website you visit could have been compromised and serving malicious content. Upon first visit to a website, I block all connections to domains not in the address bar, then go back in and add rules to allow connections as needed. It doesn't address malicious activity by the site directly, like a server compromise, but does limit non-addressed connections, including ones to local addresses.
For example, a compromise of .google.com which leveraged assets/code from .googleusercontent.com wouldn't initially be able to run, unless I added a rule to allow the connection. Likewise, a compromise of *.discord.com that made a connection to localhost:8983, then tried to send that data to someserver.ru would get blocked and logged. Where this can't protect me is if the server sends the mined data back to itself, then forwards that data on using its own connection.
Ad networks sell to anyone. Malicious content can be injected almost anywhere. Its happened before; it'll happen again. This web browsing hygiene has protected me enough times for me to make it my standard practice.
Centralised assets beget cross-domain fingerprinting and tracking. The extension DecentralEyes tackles precisely this problem.