
No-Ads: Millions of banner ads blocked since 1996 - pqb
http://www.schooner.com/~loverso/no-ads/
======
jasode
A related question for HN...

If I want a _network-wide_ ad blocking device that understands wildcard host
names that's cheap & low-wattage, is a Raspberry Pi with Pi-hole[1] the best
option?

The PAC proxy autoconfig in this article is fine for configuring individual
browsers (especially when browsing on iPad/iPhone away from home such as
airports) but I want a site-wide firewall at the DNS network level to block:

    
    
      - IoT like LG/Samsung tvs sending privacy data
    
      - MS Windows 10 telemetry data
    
      - smartphones/tablets ads where the proxy wasn't set
    
      - ...everything else I didn't think about
    

[1] [https://pi-hole.net/](https://pi-hole.net/)

~~~
joosters
Privoxy - [https://www.privoxy.org/](https://www.privoxy.org/) is a light-
weight HTTP and HTTPs proxy that can be used as a network-wide ad blocking
service, and is small and efficient enough to run fine on a Pi (it's available
packaged with most linux distributions)

For HTTP requests, you can configure lists of URLs (or URL fragments) to
block, allowing for full ad blocking. It can also do tricks like allowing URLs
but blocking or discarding their cookies so the sites are usable but can't
track you via their cookies.

For HTTPs requests, the proxy can't see the URLs so it can't block based on
URL, but it falls back to blocking based on hostname, which is good enough for
most situations.

Browser plugins like 'Proxy SwitchyOmega' (Firefox/Chrome) make it easy to
switch between using the proxy or not if you really need to skip the blocking.

It's also possible to set up privoxy as a transparent proxy, meaning that
everything on your network is forced to use it to communicate with the outside
world, so it can work with any device, not just those that have proxy
configuration options).

I definitely recommend it, it runs fine on my home network. My TV and PS4 work
well with it, for instance. (it's a shame that I have to resort to ad-blocking
my television in order to stop it spying on me...)

~~~
jdironman
What about solutions for larger environments such as education / universities
with 500+ users?

~~~
ktta
You are getting into dangerous territory if you want to MITM so many HTTPS
connections. (You can do anything with HTTP you want. Starting with DNS
blackholing is best)

Note that the software GP linked to doesn't (can't) strip ads off an HTTPS
connection[1]. It can only completely block it. So for ads + content from a
single origin, you can't do anything.

If you really want get into individual HTTPS connections, you'd have to
install a root cert into every single once of the computers and MITM them by
presenting your cert. This is only done in scenarios where one has to control
everything the client machines do. Otherwise you're (much) better off
preinstalling uBlock Origin on all the computers.

BlueCoat is a company which works in this space[2] (it acquired by Symantec
last year). Even then, you risk breaking something sometime[3]

[1]:
[https://www.privoxy.org/faq/misc.html#SSL](https://www.privoxy.org/faq/misc.html#SSL)

[2]: [https://www.bluecoat.com/support-
services](https://www.bluecoat.com/support-services)

[3]:
[https://news.ycombinator.com/item?id=13750379](https://news.ycombinator.com/item?id=13750379)

------
PinguTS
I have recently more problems with sites, that embedded a little Javascript,
which tests if access to these ad farms are blocked and if so, then
redirecting to a site on how to enable ads.

Currently, I set uBlock Origin to block inline Javascript. But it becomes
really messy, as that blocks also valid Javascript for slides show and so on.
Not even talking about those site, which essentially work only with Javascript
enabled at all.

~~~
TrinaryWorksToo
Is it possible to return an empty 200 response?

~~~
jonknee
They're usually not testing if the file loaded, but if the JS responds as it
should.

------
lmm
> This should work in any Gecko-based browser, such as Konqueror in KDE3.

Minor correction: Konqueror was KHTML-based (recent versions use WebKit (edit
to make clear: originally a fork of KHTML) which has essentially become the
mainline of KHTML).

~~~
jlv2
At the time I wrote that comment, I thought it was correct. I'll just remove
the Konqueror reference.

~~~
lmm
If it works in Konqueror that would be good to know. It's still my favourite
browser.

------
piotrkubisa
Personally, I am really satisfied using it in 2017 as a supplementary solution
for blocking ads on my all devices with internet connection, especially which
can't have uBlock Origin.

~~~
jlv2
I'm glad to hear. What devices do you use this on? FWIW, I've personally never
used it on mobile devices, but I'm pretty sure it would work.

(I'm the author of no-ads)

~~~
piotrkubisa
I found your site when I was looking for some adblock my old BlackBerry Z10.
Thanks to your great job I discovered PAC proxy, I get rid of ads in apps and
in the built-in browser, which does not handle extensions. On mobile phones
based on Symbian, BlackBerry 10, Android proxy is configured per network
connection (i.e. single Wi-Fi AP) and it is system-wide configuration, which
has been working flawlessly under all aforementioned platforms.

As developer, I'd like to thank you for discovery of PAC proxy, because it has
helped me many times to mimic or redirect network traffic, i.e when I needed
to connect my phone with laptop using DNS names in the same local network. It
is worth noting PAC proxy is superb to investigate or block traffic to servers
where are collected usage metrics / telemetry on android phones by setting
redirect to your own server.

I would be grateful if you could answer on following question: How do you
debug/test PAC proxy if given pattern works or not? Because I am using the
method known by most of PHP developers - develop, refresh (reconnect) and
check manually by sending request once again if new entry works or not.

------
sametmax
Would it have any pros/cons compared to ublock origin ?

~~~
piotrkubisa
It is system-wide configuration, so also you block ads in apps.

