Google has gotten a bad reputation as of late for being a bit overzealous when it comes to fighting ad blockers. Most recently, it’s been spotted automatically turning off popular ad blocking extension uBlock Origin for some Google Chrome users. To a degree, that makes sense—Google makes its money off ads. But with malicious ads and data trackers all over the internet these days, users have legitimate reasons to want to block them. The uBlock Origin controversy is just one facet of a debate that goes back years, and it’s not isolated: your favorite ad blocker will likely be affected next. Here are the best ways to keep blocking ads now that Google is cracking down on ad blockers.
↫ Michelle Ehrhardt at LifeHacker
Here’s the cold and harsh reality: ad blocking will become ever more difficult as time goes on. Not only is Google obviously fighting it, other browser makers will most likely follow suit. Microsoft is an advertising company, so Edge will follow suit in dropping Manifest v2 support. Apple is an advertising company, and will do whatever they can to make at least their own ads appear. Mozilla is an advertising company, too, now, and will continue to erode their users’ trust in favour of nebulous nonsense like privacy-respecting advertising in cooperation with Facebook.
The best way to block ads is to move to blocking at the network level. Get a cheap computer or Raspberry Pi, set up Pi-Hole, and enjoy some of the best adblocking you’re ever going to get. It’s definitely more involved than just installing a browser extension, but it also happens to be much harder for advertising companies to combat. If you’re feeling generous, set up Pi-Holes for your parents, friends, and relatives. It’s worth it to make their browsing experience faster, safer, and more pleasant.
And once again I’d like to reiterate that I have zero issues with anyone blocking the ads on OSNews. Your computer, your rules. It’s not like display ads are particularly profitable anyway, so I’d much rather you support us through Patreon or a one-time donation through Ko-Fi, which is a more direct way of ensuring OSNews continues to exist. Also note that the OSNews Matrix room – think IRC, but more modern, and fully end-to-end encrypted – is now up and running and accessible to all OSNews Patreons as well.
My pi.hole is still holding up to the task. Cannot recommend it enough.
Sysau,
I suspect the day is coming when everyone, including pihole users, will wake up and find that access to content has been withheld.
We should agree on the fact that they don’t need control over your user agent or dns resolver in order to detect that the user agent is blocking ad requests. Since it can be detected, it follows that they can instruct their servers to deliver content only for those who haven’t blocked the ads. Google has been testing this in limted rollouts already and some of us have already seen it in action. Presumably the plan is to turn it on for everyone once they are comfortable with it. Pihole users are likely to find themselves in the same situation.
Thom Holwerda,
I wouldn’t be so confident about that. It’s not that hard to detect blocked requests. I have little doubt in google’s ability to block pihole. Most application & web developers failed gracefully when ads were blocked, which adblockers (including pihole) have been able to take advantage of. But this is quite easy to “fix” from a development standpoint. A user agent fails to download the ad for any reason at all could block the content.
Future adblockers could be forced to waste bandwidth downloading ads even if they end up deleting/hiding those ads inside the client. Pihole can’t do this, it becomes obsolete.
I agree with you. The best way to block ads is at the browser level, where the adblocker can see all requests and unencrypted data.
DNS-level blockers are nice because they provide some adblocking capabilities to all devices in the network, however they are very limited in what they can do as they only block based on the hostname. If the ads are served by the same domain as the content they are useless.
miceliux,
Yeah, if you can’t use a browser based adblocker, then DNS can be better than none, but it cannot match the granularity of what a browser extension can do. As one example, I block the google sign on tracker & popup, which gets injected into thousands (millions?) of websites.
This works because it blocks the google’s 3rd party javascript resources specifically without blocking the entire accounts.google.com domain. I have tried that but it breaks logging into normal google accounts, which I need for work. Sometimes you really need more granularity than DNS blocking offers.
Also, more browsers have been switching to DNS over HTTPS, bypassing local DNS altogether. We can still set this back for now, but if google really wanted to they could remove support for local DNS in chrome altogether. I don’t know whether they would do this, but if they did pihole might immediately become unworkable. The point being, external devices that only see encrypted network traffic are not as intrinsically future proof as people seem to think they are for adblocking.
I use Pale Moon, which will never be implementing manifest V2 or V3 or any of that nonsense. There’s no reason for ad blockers to ever stop working with Pale Moon.
You should concede that the potential problem with Pale Moon lies with not manifest this or that, but some sites deciding to stop working on nothing but chrome et al.
I love Pale Moon btw. It’s awesome on a 2 gb VM running win7, and I use it 7/24. I only hope that it will not stop working on the sites I use it for.
Actually I thought the Pale Moon devs have been doing an outstanding job of keeping up and being able to render a very high percentage of sites, well above 99% of all sites. Which is pretty good when you compare it to Chrome or Firefox, which regularly receive huge numbers of complaints about sites not working. I’ve said before that you won’t find a site that is troublesome for Pale Moon that doesn’t also have many reports of not working for users of Chrome and Firefox. I think that is probably still true today.
Eventually, it is easier for Google ea. to block the Pi-Hole than to block a browser that is designed to block ads but is able to work around detection of blocking. We will just need more ad-free browsers, and I think this is a trend.
It may not be long until it becomes standard practice to gate the loading of page content behind a successful completion of helper scripts having flagged the successful display of advertising content.
If things get really bad, I will just st
Enturbulated,
Indeed. Right now most services fail gracefully when ads fail to load by displaying the content anyways, but it wouldn’t be hard for developers to make content fail when the ads fail.
Adblockers could evolve to set all expected flags while not displaying the ads in the client. Google knows this, and it’s been their motivation for insisting everyone switch to their less capable blocking engine manifest v3. By forcing adblockers to use manifest v3, they will stop all future adblocking innovation and ensure no more adblocking evolution can take place. This is the future of chrome and edge. For it’s part FF faces an uncertain future. Mozilla needs their new ad business to pull through and it’s hard to say they won’t impose their own manifest v3 mandate out of desperation.
DNS based adblocking using hosts lists might help… for a while at least. At the end of the day though this is so very much a regulatory problem. There need to be actual consequences for the corporate mass surveillance, the dark patterns, and the rampant malvertising. If there are no consequences, nothing will change.
^^^ This is another reason I support the DOJ’s decision to crack down on Google specifically. It really could not come at a better time IMO.
Also just an addendum about that last bit, the malvertising. The last company I worked for had a big problem with it. Employee’s machines would frequently have to be reformated due to insta-pwning by malicious ads – always in Chrome or Edge, frequently with no user interaction. The vaunted sandboxing did jack shit, and usually neither did the corporate antivirus trash. Some of the instapwn ads were on the sites of our corporate clients, even.
IT were finally able to reduce malware instances to almost zero by deploying aggressive ad blocking across our entire network. And that was that. And will be… until Google and co complete their wrecking of current adblocking tactics, at which point the problem will no doubt recur.
That is the thing: even if you accept the moral premise of ad driven business (and I don’t), even if you accept surveillance capitalism (and I absolutely don’t), even if you don’t care at all about end users (and I do), the malvertising needs to stop. It is a huge burden on the corporate world as well as end users. It’s a big part of how we got a ransomware epidemic. Even if you’re a complete sociopath who only cares about The Economy and shareholders making money, you have to admit at some point that the current system is unsustainable, because the criminal costs of advertising are that big a burden.
I am a big fan of the NextDNS.io service, unlike pi-hole it also works on your mobile devices away from home. It’s easy to configure on android, no app just custom DNS provider. The only thing that does not work is the hot spot access, so you have to turn it off to turn that on but the connected device can still have NextDNS configured.
I feel like trust (specifically, lack of) would be a huge factor in that setup. You are essentially trusting a faceless corporation with the entirety of your internet traffic, a man in the middle you pay for. That’s a ton of risk to avoid seeing ads, but I guess one should weigh the pros and cons themselves. I certainly wouldn’t trust it though; it’s bad enough your ISP has access to all of your traffic by necessity, giving all of that valuable data to a third party and paying them on top is bonkers to me.
Morgan,
These are valid points. Users should be aware that many browsers use DNS over HTTPS now, sending DNS lookups to a 3rd party by default. Firefox uses cloudflare.
Google has a public DNS over HTTPs, and I’m guessing this is what chrome uses.
https://developers.google.com/speed/public-dns/docs/doh/
I just wanted to point out that those who don’t change their settings may already be sending DNS lookups to centralized 3rd party providers. While this doesn’t imply they’re logging your requests, it still comes down to a matter of trust. They may be obligated to log your traffic per court orders regardless of their privacy policy.
I suppose we all concede that eventually Pi-Hole might hit some hurdles, but given the relatively low cost and high performance of the setup it seems worthwhile even in the short term. As an aside, it may well be easy to identify the network effects of Pi-Hole, but I have to wonder if the more simple attempts could have unexpected consequences on the functioning of certain legitimate subnets. To me that means the solution has to be more complex, and that then imposes a minimum value on the effort. That probably requires a bigger potential gain than subverting Pi-Hole can offer.
I may have to finally relent and give Pale Moon a try.