I just read the following Blog entry: Lies, Lies and Adobe Spies which mentioned Omniture 2o7.net cookies.
So I decided to block that domain.
Applications besides browsers seem to use 2o7.net. A quick search on Google showed a lot more applications using that spying domain than I expected. This means that disabling those cookies in your browsers is not good enough. So I tried to deny all access to 2o7.net with a Little Snitch rule.
This does not work however if you allow an application unrestricted access. In my case FireFox is allowed to do pretty much everything. And by design Little Snitch considers this a more specific rule which has precedence. It would be nice if Little Snitch would add Global rules for these kind of use cases.
This makes me pine for my old Sygate Personal firewall still running flawlessly on my old Windows machine. In Sygate you could have Advanced rules overriding the application rules.
As a workaround I created an entry in hosts like this: 127.0.0.1 2o7.net. Hopefully advanced rules of some sort will be added to Little Snitch, because altering your hosts table for this is just stupid.
KnobsLeversButtons 
truth is, this kind of method is frequently used and provides no threat to the customer. in fact, this is a benefit to the customer, as business can now better optimize as they do with the web the customer experience with applications. having a simple ping to a server doesn’t provide information on what was drawn, coded or published but simply what was clicked, for how long and how many times, “user interaction” – that’s all. working with web analytics, i myself have deployed an array of solutions like this and given omniture offers the manipulation of process of the data as part of the service, its a lot cheaper for a company to utilize this option versus building it themselves. its essential data needed ‘bottom line’ to help provide better products for the customer and poses no threat.
Can’t you just add this rule in the terminal? Type (without quotes) “sudo nano /etc/hosts”, then after localhost add (without quotes, indeed) “127.0.0.1 2o7.net”, type ctrl+O and save.
PaulStar:
?? Yeah isn’t that what I said? How you edit your hosts is up to you.
You’re right, I scanned your text to quickly. I apologize 🙂
That won’t actually work reliably – OS X uses an additional layer on top of /etc/hosts called NetInfo
my typical approach is:
cd /etc
sudo vim hosts
sudo niload -v hosts / < hosts
the last line will ensure that the NetInfo database is up to date – I’m unsure of the specifics, but without the last line things can get unstable, and may require a log out or reboot before changes are made
(for those that don’t know, “sudo” temporarily grants you administrator privileges _if_ you are an admin user – don’t be freaked out when it asks for your password)