Most active commenters

    ←back to thread

    Ask HN: What ist your AdBlock strategy?

    99 points laserstrahl | 13 comments | 28 Oct 24 12:16 UTC | HN request time: 1.82s | source | bottom

    Hi, Just installed OpenWRT. Which solutions for ad blocking and other trackers would you recommend? Pi-Hole is not a option, since I don't have one laying around.

    So anything else I can try which will work out of the box? For links and guides I'd be happy. PS: I got dual antennas what would come into your mind to do with it?

    1. newscracker ◴[01 Nov 24 03:32 UTC] No.42013807[source]
    Whatever you end up using, make sure that there is an easy way to turn it off and on from each client device. A network wide blocker could cause issues with some sites (like banking, as an example).

    Tangential topic: I see some suggestions for NextDNS here as an additional layer. I can’t speak for Android, but if you’re looking for iOS/iPadOS/macOS/tvOS, note that NextDNS does not work well on these. The app hasn’t been updated for several years and toggling on the app does nothing (I like the app because I can quickly switch it off and on when needed, which cannot be done with a profile). Most of the time the test page at test.nextdns.io shows as “unconfigured”. Even the profile installation approach does not work on Apple TV (I’ve tried this a few times). Overall, the NextDNS servers around the world exist, but there is zero support and maintenance on the client side for the platforms I mentioned. The community forum has posts about issues that the founders don’t respond to.

    At least on macOS, I have Little Snitch that acts as a system wide blocker (one can subscribe to blocking lists just like in uBlock Origin).

    replies(5): >>42013960 #>>42015039 #>>42015072 #>>42015089 #>>42016466 #
    2. blacksmith_tb ◴[01 Nov 24 04:03 UTC] No.42013960[source]
    I use NextDNS for adblocking on Android via the Private DNS Provider setting, which works nicely. For a while I'd have to disable it to use the Wells Fargo app, but they finally removed whatever dumb dependency (Firebase?) that was breaking that.
    3. tricked ◴[01 Nov 24 08:33 UTC] No.42015039[source]
    NextDNS does support creating a profile, you can just install that and it does the dns configs for you etc that method seemed to work fairly well for me.
    4. SSLy ◴[01 Nov 24 08:42 UTC] No.42015072[source]
    ControlD is now replacing nextdns apps and functionality
    5. Havoc ◴[01 Nov 24 08:46 UTC] No.42015089[source]
    If an ad blocker causes issues with banking sites then you either need a new blocker or a new bank
    replies(2): >>42015679 #>>42016425 #
    6. hypercube33 ◴[01 Nov 24 10:54 UTC] No.42015679[source]
    Delta airlines site absolutely flips out when using uBlock and or Privacy Badger
    7. __jonas ◴[01 Nov 24 12:47 UTC] No.42016425[source]
    Bit of an unrealistic comment, this might be a choice you can make for yourself, but most people don't live alone and share their internet connection with others – I doubt telling your partner or housemates to get a new bank because of the DNS ad blocker you set up on the network will go down well.

    Ad blockers pretty much all rely on community-maintained block-lists, there are always going to be mistakes in those that break some sites, or some sites might not act well when unable to send ad/tracking events. I recently had an issue booking a train, which was because of this, turned off the ad blocker and it worked fine, not something that's as easy to do with network level blocking, especially if it was set up by someone else and you're not a technical person. Not booking the train because their site is bad is not a realistic option.

    replies(1): >>42018225 #
    8. corobo ◴[01 Nov 24 12:53 UTC] No.42016466[source]
    As a possible counter to

    > but if you’re looking for iOS/iPadOS/macOS/tvOS, note that NextDNS does not work well on these

    If your situation supports it I've had zero issues (since May 2021) using NextDNS via tailscale[1] on all of the above devices[2].

    I do realise it's not feasible to ask people to set up a VPN just for some adblocking but it's a decent option if you were going to do it anyway :)

    [1]: https://tailscale.com/kb/1218/nextdns

    [2]: Yes even tvOS: https://tailscale.com/kb/1280/appletv

    9. Havoc ◴[01 Nov 24 15:54 UTC] No.42018225{3}[source]
    > Bit of an unrealistic comment

    For other sites agreed, but a bank that can’t coexist with an adblocker you really have to ask yourself wtf said bank is doing.

    Everything on that site should come from ad free reputable domains.

    Also wouldn’t hurt if said bank tested their site with common browser configurations like ublock

    replies(2): >>42021491 #>>42035187 #
    10. LVB ◴[01 Nov 24 20:58 UTC] No.42021491{4}[source]
    Aren't banks sort of the poster children for legacy practices though? Only works with this or that browser, here are some weird password rules, yes I have an SVGA monitor, no I can't search older than 90 days, etc. I'm used to turning off my modern expectations and just getting into the 20 years-old flow for the time I'm logged into the average bank. No, I don't want to switch banks (where my mortgage and dozens of ACH linkages are set up) to have better ad blocker compatibility.
    replies(1): >>42027846 #
    11. mixmastamyk ◴[02 Nov 24 17:40 UTC] No.42027846{5}[source]
    Thankfully legacy practices didn't include advertisements in paid sites, i.e. where you are the customer.

    If you value your finances at all, you won't allow advertisers into the connection.

    replies(1): >>42032647 #
    12. Terretta ◴[03 Nov 24 12:20 UTC] No.42032647{6}[source]
    They aren't using advertisers. They're incorrectly* using user behavior instrumentation for diagnostics and anti-fraud, especially blocking on login if tracking is disabled as they are trying to prevent credential stuffing bots.

    * Bug, or feature, many fail if the tracking is blocked, due to other code that assumes it's there or depends on it. They fail closed instead of fail open.

    13. _boffin_ ◴[03 Nov 24 18:50 UTC] No.42035187{4}[source]
    Sorry, but I laughed at your comment. Didn’t mean to be disrespectful, but it is laughable.

    Banks and other financial institutions have a duty to prevent fraud and their malicious actors. Could they do better, yes. They still have a duty nonetheless.

    Adblockers do more than just domain blocking, such as anti-fingerprinting, bot detection—which includes a lot of, sadly, invasive checks against the browser.

    UBlock has annoyance lists, tracking lists, and others and others…

    From what you’re telling me, you’re wanting a bank that’s protecting their clients or at least attempting to. Ooookay