Install OpenVPN Connect on your iPhone and connect to your new server and bam, you have an awesome VPN and ad-blocking combo.
(Full disclosure I make an iOS app that is also likely going to be affected by these rules, so I am triggered)
Apples policy may be burdensome and unwelcome, but I'm not sure a product called "Adguard Pro" can't be said to advertise ad blocking functionality...
The difference is that AdGuard works like a watered down little snitcher — letting you control specific network connections that your phone makes. And the filtering works within and without Safari.
I use it for monitoring the servers that various apps reach out to. Unlike Charles Proxy AdGuard does not allow any insight into contents.
It’s sad how far backward things have gone that we aren’t allowed even that modicum of control of a device we purportedly own. (Absent use of homemade VPN proxy or pi hole.)
This about face for Apple is the first time I’ve seriously considered going to back to Android. Google’s walled garden is much more porous, but it’s really a fool’s errand to look for a smartphone that treats its user with any respect.
> [...] it is advertised nowhere that it can [use a VPN profile or root certificate]
Seems to be the issue isn't "blocking ads" but "you can't do it in $THIS way" with Apple misunderstanding that the app doesn't do $THIS, it actually does $THAT (using NEPacketTunnelProvider.)
I got the free version of AdGuard, which just creates a plain Safari content filter from DNSBL lists you specify yourself, and it works great. Very happy.
Or rather, because this is Verizon.
The Apple policy here is you can't use the VPN APIs to implement a content blocker. Or more generally, you're not supposed to use the VPN APIs to implement something other than a VPN, although they seem to be ok with some limited exceptions such as Charles Proxy. If the VPN itself offers other features, that falls outside the purview of Apple's policies.
I realize the line is fuzzy here between "using a VPN to do ad-blocking" and "adding an optional ad-blocking feature to a VPN", but they are different concepts. Verizon's VPN appears to be a real VPN that simply has an optional ad-blocking feature. Perhaps the optional nature of the ad-blocking is important? I don't know.
If Google could do it all over again they would emulate iOS with their walled garden. I am sure of it.
Google does do everything in its power to prevent me from using Firefox though.
No, it only supports ad blockers, dubbed 'content blockers'.
It is not free, however, but I believe they offer a trial still.
On my last Android device, after months of usage, I was blocking on average about 40% of all traffic on my phone -- most of that to trackers and ad networks. On Android it seems like most every app is sucking away at your device, almost none of the tracking and ad network activity is voluntary or opt-in.
The app is also available from Fdroid . It isn't available from the Play Store, since Google has banned ad blockers.
Also, you don’t have to worry about a third party ad blocker having access to your browsing history.
Apple allows content blocking in Mobile Safari. There are some limits to the APIs they've provided, and one can quibble about how complete they are, but Apple has literally made an ad-blocking API.
AdGuard Pro's "local VPN" trick was basically a way to be able to block not only ads in Safari, but ads everywhere, including applications that are connecting to ad networks. And I'm pretty sure this is what Apple is ultimately trying to stop here.
You can argue that ads are just absolute evil everywhere and that the distinction between in-app ads and web ads is arbitrary. And, I guess, maybe? Maybe we should have the absolute right, as the device owner, to say to app developers, "Hey, if you were stupid enough to make this app free and try to get money from it by showing me ads, tough cookies for you."
But, as the device owner, you also have the absolute right to, well, choose what apps you run, in a way that really isn't true for web sites. I mean, yes, you have the choice of which web sites you visit, but in practice it's way harder to say "if you don't like web sites with horrible, intrusive ads, just don't visit them" than it is to say "if you don't like ad-supported apps, don't download them." And while this is absolutely a subjective perception that may apply only to me and no one else, it would feel just a little bit sleazy to me to use an ad-supported app for free while blocking the ads. If I like the app, I'll pay to make the ads go away if that's an option; if the ads can't be turned off and they're too intrusive, I'll simply stop using the app.
I do gather that app security and isolation are better in iOS than in Android. And that dropping AdGuard Pro is actually evidence for that.
Well of course. Snark is just snark -- it's hardly intended as a supported argument. It's a chuckle & wink to the like-minded.
AdGuard didn’t, so Apple stopped them.
Absolutely no surprise here.
I agree on the no surprise aspect. Adguard allowed users to expunge ads, Apple has many policies to prevent ceding such control to mere consumers.
But using a third party VPN that intercepts all of your internet traffic to protect your privacy seems like it’s defeating the purpose.
Especially seeing that third party content blockers on iOS have no access to your web browsing history.
How is that ‘enforcing the delivery of ads?’
Because you can’t block ads in apps, only the web?
Any DNS based blocker could trivially track much of what you do both browsing and in apps. And that’s the kind of privacy risk Apple tends to try to fix.