182 points whalabi | 15 comments
Fnoord ◴[] No.19208623[source]
I'm using Pi-Hole on a Ubiquiti router together with WireGuard and DNSSEC. My Synology NAS is backup (with regards to the DNS-based Pi-Hole blocking) taking the adblocking load off the router (there's no redundancy for WireGuard endpoint though). I don't (need) to use a RPi anymore. It works extremely well for me, and all my clients also get to connect to Nextcloud running on the Synology.

My setup does far more than just blocking ads, and works transparently as long as the client is connected through WireGuard (which works seamlessly over LTE and public WiFi).

That being said, I really like how Blokada and DNS66 are available in F-Droid [1] [2], and require minimal technical knowledge to set up. The more [ad blocking], the merrier.

As a backup measure I use Firefox with uBlock. The only machine I don't use uBlock is on Kali because I want to see the website exactly as it is being served.

[1] https://f-droid.org/packages/org.blokada.alarm/

[2] https://f-droid.org/en/packages/org.jak_linux.dns66/

replies(5): >>19208826 #>>19209399 #>>19209864 #>>19210109 #>>19214442 #
DFXLuna ◴[] No.19209864[source]
I've been considering setting up pihole on my home server for a while but I've always been worried that it would break a website for a non-technical family member while I wasn't there to fix it. How has your experience with website breakage been?

Also, how has your experience with WireGuard been? I've been using my VPN's default client on all my individual devices out of convenience but after looking at the WireGuard website I can see the appeal.

replies(2): >>19210073 #>>19210366 #
1. vvanders ◴[] No.19210366[source]
The only site I've seen break was Burrow ironically enough, couldn't get through the checkout flow which is pretty darn stupid for a purchased product.

Our solution is simple, we've got two SSIDs, one w/ PH, one without. They route to separate VLANs and each VLAN uses a different gateway+DHCP with pihole or standard DNS. Fixing a website that doesn't work is as simple as hopping over on another SSID.

We're using UniFi gear for the wifi, they support 4 SSIDs (8 if you split 2.4/5 GHz) per access point and USG made it trivial to set up multiple gateways (now on pfSense but that's a whole nother discussion).

replies(1): >>19210469 #
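
The two-network layout described in the comment above, sketched as a dnsmasq DHCP configuration. This is an added example, not part of the original thread and not the commenter's actual UniFi/pfSense setup; the interface names, VLAN IDs, address ranges and the Pi-hole address are constructed for illustration.

```conf
# Constructed example: one DHCP scope per VLAN, each advertising a different resolver.

# VLAN 10 = SSID with Pi-hole filtering
interface=eth0.10
dhcp-range=set:filtered,192.168.10.100,192.168.10.200,255.255.255.0,12h
dhcp-option=tag:filtered,option:router,192.168.10.1
# Clients on this VLAN are told to resolve through the Pi-hole host
dhcp-option=tag:filtered,option:dns-server,192.168.10.2

# VLAN 20 = SSID without filtering
interface=eth0.20
dhcp-range=set:unfiltered,192.168.20.100,192.168.20.200,255.255.255.0,12h
dhcp-option=tag:unfiltered,option:router,192.168.20.1
# Clients on this VLAN use the gateway's ordinary forwarding resolver
dhcp-option=tag:unfiltered,option:dns-server,192.168.20.1

# DHCP only advertises a resolver. A client with a hard-coded DNS server
# or DNS-over-HTTPS enabled will not send its queries to Pi-hole.
```
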
2. michaelmrose ◴[] No.19210469[source]
Regarding the web, browser-based blocking still makes more sense. If I have 2 tabs, one which works with adblock and one which does not, I can simply click an icon to enable ads on the one. Changing networks seems like a pain in the neck.
replies(2): >>19210806 #>>19211871 #
3. vvanders ◴[] No.19210806[source]
On the flip side I've got 4 different devices across 3 operating systems, but putting it at the DNS layer it just works.

FWIW I've been running pihole for almost a year, aside from the issue with Burrow and some social media redirect links used to track (that I want to block) I've not had any other false positives.

replies(1): >>19210892 #
4. michaelmrose ◴[] No.19210892{3}[source]
Firefox + uBlock Origin works on Mac/Windows/Linux/Android/BSD/some more unusual OS

On almost any machine you could have save for iOS.

replies(1): >>19211147 #
5. vvanders ◴[] No.19211147{4}[source]
Yeah, and as much as I love Firefox, the Android implementation just isn't up to the level to where I can use it as a daily driver.

I've got nothing against browser blockers, I just prefer something that works in a unified way as a network policy.

replies(1): >>19211412 #
6. eropple ◴[] No.19211412{5}[source]
What's not up to par for you? Before I went back to iOS (where I use 1Blocker as a content blocker for Safari), Firefox for Android plus uBlock Origin did pretty well for me.
7. dfxm12 ◴[] No.19211871[source]
I think pihole makes it reasonably easy to disable for some amount of time or until you switch it back on. I know "reasonable" has different meanings to different people though.

For example, I don't think changing networks is a pain in the neck. It's just 3 clicks on my Android phone or 2 on Windows 10. This is compared to 3 clicks to turn off a browser-based ad blocker.

replies(1): >>19212862 #
8. michaelmrose ◴[] No.19212862{3}[source]
I don't think this is a reasonable analysis.

It takes 3 clicks to disable adblocking for a particular site once ever. Click icon at top of window, click disable, click reload. This takes approx. 2 seconds once ever for each site. If you regularly use 7 sites that are annoying in this fashion you have invested 14 seconds.

By contrast let's discuss switching networks, one of which uses DNS to filter out ads. If you use one of these 7 sites 3 times per week you will incur a 6 second cost not just to click but to actually authenticate and start receiving data from the new net. That is 468 times in 3 years. This means that while I spent 14 seconds you spent 47 minutes.

This is on top of the 60 minutes you spent figuring out the complex solution that only works on your local network, buying hardware, configuring hardware.

On net you will ultimately invest over 400x the time for a worse solution.

Using a solution that relies on a custom VPN is stupid in that it prevents you from using an actual VPN to increase your privacy.

Using custom DNS even if there is an easy escape hatch to disable/enable it relatively quickly is STILL a global solution which implicitly requires turning it on and off manually and incurring a small time cost per operation.

In conclusion, addressing ads via DNS/routers wherein you intend to view some content that requires selectively disabling said feature is a complex and grossly ineffective solution. To avoid ads in apps don't install apps with ads. Browser addons remain the obvious choice. If your mobile platform doesn't allow someone to release such software for your platform use a different mobile platform. Namely ditch iOS for this and other reasons.

Solve fewer non-problems.

replies(2): >>19213191 #>>19215623 #
9. vvanders ◴[] No.19213191{4}[source]
> If you regularly use 7 sites that are annoying in this fashion...

I've had one false positive across a year of using pi-hole, so this is a non-issue.

If you want to use an adblocker by all means go ahead, just don't go dumping all over everyone else because your usage doesn't line up with other people's.

replies(1): >>19222849 #
10. Fnoord ◴[] No.19215623{4}[source]
> It takes 3 clicks to disable adblocking for a particular site once ever. Click icon at top of window, click disable, click reload. This takes approx. 2 seconds once ever for each site. If you regularly use 7 sites that are annoying in this fashion you have invested 14 seconds.

Per browser/adblocker.

> If your mobile platform doesn't allow someone to release such software for your platform use a different mobile platform.

This isn't a feasible solution. Why not use DNS-based adblocking instead? It works for my Android TV...

replies(1): >>19222832 #
11. michaelmrose ◴[] No.19222832{5}[source]
uBlock Origin can sync between machines, meaning once ever for an entire range of devices.
replies(1): >>19223967 #
12. michaelmrose ◴[] No.19222849{5}[source]
If you never ever need to selectively disable adblocking, DNS-based solutions only suck in that they either work only in the LAN, don't work with VPNs, or require rooted devices to work. No downsides to be seen.
13. Fnoord ◴[] No.19223967{6}[source]
How does the sync work? What protocol?
replies(1): >>19228015 #
14. michaelmrose ◴[] No.19228015{7}[source]
Firefox optionally syncs a configurable list of things between installations. It uses Firefox Sync. All of this is opt-in and encrypted so that Mozilla can't read it.

https://hacks.mozilla.org/2018/11/firefox-sync-privacy/

replies(1): >>19228117 #
15. Fnoord ◴[] No.19228117{8}[source]
Cheers, I knew about Firefox Sync (I used Weave with Fennec on the N810 back in the days), I knew it syncs addons, but I did not know it syncs addon settings. I'm still unsure how it determines which settings to use.