Hacker News new | past | comments | ask | show | jobs | submit login
uBlock Origin works best on Firefox (github.com/gorhill)
1595 points by anonymfus 27 days ago | hide | past | favorite | 506 comments

Wow, what an awesome dive into some of the technical aspects behind one of my favorite tools for using the web. And I do think of it that way these days, it's fairly stunning on some sites to switch off all the block and see how they become genuinely unbrowsable. I remember seeing Gorhill discuss a few times over the years some of the reqs for uBO during certain times (like why it could no longer work with Safari following changes Apple made a while back), but so cool to have it all collected in one place.

Having said that I've also been fairly stunned recently to see how much difference a simple DNS blacklist system can make too. Not because it's a big technical achievement but because it isn't and in principle seems relatively trivial to work around. But as I've been switching all my routing from UniFi to OPNsense, I've gone ahead and tried out Unbound's basic built-in blacklisting. While it's no uBO, it works on every single device and browser including in apps and it seems like it really shouldn't, that more parties would just be proxying ads through their own infra and DNS. Been kind of an interesting illustration of technical vs economic influences in an ecosystem. I can see how proxying would add complexity and cost to setup so it must just be that few enough people do it the ad industry can't be bothered.

But should that ever catch on (and it could, Raspberry Pi seems fairly well known) I expect uBO to be able to keep up with the cat-and-mouse long after DNS has been left behind. This piece helps underline how incredibly important maintaining a critical level of diversity in the browser ecosystem is. Just shortly ago there were a bunch of complaints again about Apple not allowing Chrome to be on iOS because it "holds back the web", but what "holding back the web" looks like is certainly a matter of perspective...

Funny, I see the possible future differently. I am inclined to predict that the option to use ad blockers may come to an end because browsers and other software financed with online ad-derived revenue have full control over what extensions users are allowed to run. They have full control over that system for extending the functionality of their software.

Whereas the system for supplying software with IP addresses should continue to remain controllable by the user.^1 The online ad ecosystem has never had full control over that system.

1. If they so choose to exercise said control. As cited, probably most users are not currently exercising that control. This allows online ad tech to operate with relative ease, at relatively lower cost.

As much as anyone loves their ad blocker (to be clear, I think they are great), we really cannot dismiss the role of DNS in ad blocking. After all, it is DNS that is being used to bypass uBO on browsers other than Firefox. The only reason uBO can achieve a 70% success rate^2 blocking CNAME-cloaked ad/tracking on Firefox is because Firefox has a "DNS API". As such, uBO can check the results of DNS lookups for ad/tracking server hostnames/IPs.^3

Of course, a user who blocks ads/tracking outside the browser by controlling her own DNS lookups also has access to those results. No API needed. (Although I think it's a great project, I personally do not use Pi-Hole. I was using DIY DNS (without dnsmasq) long before Pi-Hole.)

One solution I can see to a future where ad blocking extensions are banned is a user-controlled proxy that performs similar operations, but outside the browser.

(I make most HTTP requests for recreational web use outside the browser, through a proxy I control. For recreational web use, I do not use a major browser to make HTTP requests to the proxy. The programs that I use have no financial dependence on online advertising/tracking/data collection like the major browsers and many mobile apps do.)

2. According to the paper cited on Github page that comprises the OP.

3. According to some uBO users sometimes the uBO-triggered lookups are undesired, e.g., when using proxies/VPNs.

> I am inclined to predict that the option to use ad blockers may come to an end because browsers and other software financed with online ad-derived revenue have full control over what extensions users are allowed to run. They have full control over that system for extending the functionality of their software.

I have a feeling that if Chrome (for instance) went that route it would quickly become Internet Explorer'd. If you recall, IE was the Chrome of its day for a good while until it slowly eroded away all its goodwill.

That worked back then. Ten years ago, browsers were, compared to today, ridiculously simple and thus could easily be replaced. I wouldn't be surprised if today's Chrome had more LoC than Linux in 2010.

Also, the mobile platform might be a good indicator of what ordinary people are willing to put up with. Chrome doesn't support extensions there, so everybody and their uncle is browsing the web with the full ad experience. I've never seen a non-tech savvy person use Firefox, or just anything but chrome (or the system browser), on an Android device, which easily allows to install uBO. Yet on the desktop somehow even those people somehow learned to install uBO or ABP. It appears that "apparently you cannot do this on your phone" is an acceptable answer to most people.

Let's get that quantified:

Chromium LoC: 34,900,821 [1]

Linux 2010: about 12 million [2]

It appears that Chromium has more LoC than Linux. (With LoC being a bad measure, Linux being GNU/Linux, blah). Browsing is hard.

[1] via Google since OpenHub appears down [2] https://commons.m.wikimedia.org/wiki/File:Lines_of_Code_Linu...

I'm afk so I can't check the current numbers, but as of a year ago Linux was up to 27.8M loc: https://www.theregister.com/2020/01/06/linux_2020_kernel_sys...

It would be hard to write a browser from scratch now that had the features of a modern browser, but creating a first-class browser is much easier than it has ever been because of Chromium and Firefox.

I agree that mobile is the direction many things are headed, but currently it's very easy to install any number of (sometimes shady) browsers from the Google app store that include ad blocking.

But don’t forget Microsoft let IE rot for years and that is what drove the interest - and the protest - for alternatives and helped Flash thrive.

Today Chrome is a fairly good platform, tons of support for all sorts of html extensions, and a very strong commitment to security.

It’s a really nice product, except for the strings attached.

Alphabet should be broken up and Chrome (OS) spun off into its own business; the tracking should be made completely transparent and optional on a subscription base.

Interestingly, this type of perspective is only gained in hindsight.

For example, I could see a future, say in 10 years, where we have a vastly better way to browse the web and then we will look back on today and think that Chrome(ium) was coasting on its past success and only providing minor new features (while ensuring that ads continue to be as profitable as possible).

I definitely remember takes in the genre of "who cares if IE is never updated. What else could you possibly do on the web?" back when websites were mostly static, JavaScript was still a toy, and all the people who could imagine better were trying to convince everyone to switch to [Phoenix, Firebird, Firefox]. Microsoft had the inspiration for XMLHttpRequest right there and couldn't see past its Windows-centric strategy.

There's an alternate timeline where Microsoft leaned on anyone implementing it. We never would have gotten as far as Sun suing Google over the Java API because no one crossed Microsoft.

No AJAX. No web 2.0. No SPAs. It would be a different world.

> No AJAX. No web 2.0. No SPAs. It would be a different world.

Is it better this way? I'm not so sure.

Uh? Did you even remember IE? How are the two scenarios even remotely comparable? It was abandon-ware, after Netscape was crushed Ballmer couldn’t imagine anything useful for IE.

Broken up by politicians? Ya, hard no. Just stop using it! Stop forcing your choices on people. No one has to use chrome, google search, gmail, etc. There are alternatives to all your problems, open source ones too.

The government is chosen by the people and enforced by their choice to make decisions. A company without control is cancer. Just look at Nestle, Facebook and Google and plenty of others abusing their size and that people are NOT rational entities en masse. A government should (and they are the only thing that can) step up against these abuses.

Products are chosen by 'the people' (consumers) too.

Products are chosen by a weighted sample of the people, according to how much money somebody has access to. "Vote with your wallet" means that different people have different sized votes. "Vote with your wallet" is an inherently anti-democratic phrase.

How much money somebody has access to is directly correlated with how much time (of which everybody gets the same 24 hours a day) they spend on trying to earn money. People who care less about money will earn less and that is their own fault.

The same is true in politics. Those who shout the loudest, win. A big wallet helps too. Ever heard of lobbying?

Factually incorrect. Some people have different hourly incomes, by several orders of magnitude. Some people have passive income, which no longer requires any time input. Some people have inherited wealth, which is entirely uncorrelated with their own efforts.

While I can see some benefits to having a proportional vote that can be allocated to different issues, money isn't such a vote because it isn't equally distributed. Between this and your reply to kaba0, I have a very hard time believing that you are arguing this in good faith.

There's no such thing as passive income; there's only delayed income. You're not getting paid for nothing; you're getting paid for putting in the work ahead of time. What's wrong with that?

I never claimed everyone has the same hourly income. Nor should they. Some people work hard (on their career - not necessarily at their current job!), others take it easy. Both are valid options, but there will be consequences for the respective groups (both good and bad).

If you're against inherited wealth, I expect you to leave none to your own children. Respect if you actually go through with this.

Again, incorrect in every way.

> There's no such thing as passive income; there's only delayed income.

Wrong. If you have $500k in assets, that yields an average of $35k/year, market average over interest. You get paid money for already having money. This is not additional work. This is additional money as a result of having money.

> Some people work hard (on their career - not necessarily at their current job!), others take it easy. Both are valid options, but there will be consequences for the respective groups (both good and bad).

The difficulty of work is absolutely unrelated to the amount paid. Many low wage jobs, such as customer service, landscaping, or meat packing are absolutely ruinous on one's physical and mental health. They are high effort, and low pay. Other jobs are low effort and high income.

Edit: For comparison, Jeff Bezos is 57 years old, and has $192.5 billion. If he were working 24/7 throughout his entire life, that comes out to $107/second. That is 53,140 times the minimum wage. There is no humanly possible amount of effort that is 50 thousand times harder than a minimum wage job.

> If you're against inherited wealth, I expect you to leave none to your own children.

Complete non sequitur. Inherited wealth is an example of how money, time, and effort are absolutely uncorrelated.

Following up on that non sequitur, though, there must be limitations to inherited wealth such that society doesn't separate into a landed gentry. You are also ignoring the middle ground between being against a generational aristocracy and forbidding inherited wealth altogether, such as an estate tax. Even if somebody is morally against inherited wealth, it is not inconsistent to still give wealth to their children, such that they can use it to lobby against inherited wealth. It's the same reason why I donate money to groups pushing for economic and tax reform, rather than deliberately paying more than the current tax rate. I still spend what I consider to be my fair share supporting society that way, and it goes toward making sure that others do as well.

It's interesting that you always preface your arguments with a conclusion. I wonder if that's how your thought process works as well.

You get paid for already owning money... that you had to earn previously. There are many other examples of something similar. If you do a really good job on a particular month, you might still get the same wage at the end of the month. But you might get a bonus at the end of the year. Or you might be promoted next year when a position becomes available. However, you will not get a bonus and will not get promoted if you quit your job/get fired in the meanwhile. Do you also consider this unfair?

I never talked about the difficulty of doing a particular job, be it meat-packing or customer service; I meant the emotional difficulty of leaving a bad job and the mental difficulty of making the right choices and being excellent in what you do. Working not for others, but for yourself.

If there are indeed 'low-effort, high-income' jobs, why isn't everybody doing them? Why don't you personally those low-income workers that investing in the stock market (to give an example) is 'easy' and 'guaranteed' to yield high returns?

In fact, many manual jobs are already being replaced by robots/AI. Yet people are complaining about losing their jobs. If you took my high-effort, low-income job away, I'd be eternally grateful.

In the case of billionaires, they don't get to spend all their money, so the comparison between them and a minimum-wage earner is not apt. Jeff Bezos is surely holding lots of paper, but until he spends it, it has no value. Do you have proof his spending is out of line? Besides, when you're rich you overpay for everything, which means higher income (with arguably the same amount of effort) for those who provide goods and services to you.

And I've never heard of children using their inherited wealth to... lobby against inherited wealth. If anything, they'd be more in favor of it. But I see the point you're trying to make. You're not part of the 'aristocracy' (whatever you mean by that word), which you means you hold a grudge against them. Little do you know that people poorer than you hold a grudge against you too (you're considered relatively well off) and would use the first opportunity do redistribute your wealth amongst themselves.

Dude, you're the personification of the bad-faith meme: Mister Gotcha.

While I entertained the idea of arguing with you, there is simply no point and I've come to the conclusion there are better uses for my time.

I'll just burn some points to point out how disagreeable I find your position.

Thank you for posting this, both for the support against his disagreeable position and for the reminder that engaging with people isn't always the best option. Sometimes I start by wanting to make sure that an abhorrent viewpoint has at least a visible reply, so that any readers don't see the comment as evidence of a community consensus. But that leads to me getting emotionally invested in an argument, trying to address whatever tangential non-arguments get pulled back in.

Partly, the interface of Hacker News or any vote-based commenting system makes it hard to track comments overall. I can look up comment trees relative to my own posts, but that doesn't show me that the user "ilovepitchdecks" has been arguing along the same lines with multiple other people in sibling comments. Their viewpoint isn't in any way a community consensus, and is being soundly addressed by the community, but that wasn't readily visible just from one thread.

All in all, a bit of a ramble, but I wanted to say thank you for posting this and that sometimes I need to just downvote and move on.

Well, your motivation is my motivation too, we just happen to have a different idea of what is 'abhorrent'. I'm just tired of seeing these kinds of political comments go unchallenged. It was my interest in tech that made me come on HN (I don't know about you) and I didn't expect to see so much one-sided political rhetoric here.

Who exactly is part of this 'community' you speak of? This site is on the public internet and open for anyone to join. I don't remember being asked to accept some political ideology when registering.

And this is exactly the problem with consensus: There never is one. Just because nobody speaks up, doesn't mean everyone agrees with you. Nor should they. I have been to those kinds of meetings where the majority of people don't voice a dissenting opinion or, in fact, any opinion at all. To interpret silence as agreement is just bad faith.

In fact, your narrow definition of 'community' is elitist and closely mirrors its use in the mainstream press (such as in 'international community', which just means 'the West').

So, this is against my better judgment, but I'll try to give a bit more description. You sound earnest here, and heck, you remind me a bit of myself from 15 years ago. That said, I want to focus entirely on the meta argument. I don't think there's any use in going further on the argument itself. To caricature our positions, at the end of this conversation, you can still think of me as a liberal communist who wants to tax away all of John Galt's hard-earned money, and I can still think of you as an idealist libertarian who thinks their lottery ticket into capitalism will pay off. But hopefully we'll be able to have better conversations in the future.

Many of your arguments are insufficiently defined. You make a statement, and then force others to assume what you meant from it in order to have any further conversation. When people do, you instead say that there was a different intended interpretation. For example, in the thread between you and me, the ambiguity of what you meant by time and effort earning money. Or, in your thread with "teddyh", your ambiguity about what you would like done to government.

In other cases, you ask questions that have obvious follow-ups or obvious follow-ups. They don't function as rhetorical questions, because the obvious follow-up works against the point you are making. Instead, they come across with the impression that you are deliberately wasting somebody's time by requiring somebody else to give the bare background information on a topic. For example, when you ask "If there are indeed 'low-effort, high-income' jobs, why isn't everybody doing them?". To me, the obvious follow-up is that there are structural imbalances that allow access to those jobs only to subsets of the population. We can talk about what those structural imbalances are and how they manifest, but needing to first establish that different people have different opportunities available to them is one step removed. That is what makes people feel that you are arguing in bad faith, because it makes the argument be on something that had been taken as given when entering the conversation.

Another part is that it is just so damn hard to tell the difference between earnest people and trolls. I know people personally who have your views. Heck, I had pretty close to your views for a while after reading Terry Goodkind's "Faith of the Fallen". But this is also the internet, where I don't know people other than by the few words in an individual comment, or a single comment thread. And depending on how far off somebody's views are from the Overton window of any particular forum, they can easily be the troll positions taken in order to rile up a crowd for their own amusement. Some people become desensitized to these attempts, and then assume that anybody with those views is automatically a troll. (See also, Brandolini's Law.)

I do honestly hope that you are sincere, and that this helps you to better express and examine your views in the future. It's hard to have conversation in a text-only medium, both because it is asynchronous communication, and because it doesn't have the side channel information of tone or facial expressions. Hopefully in the future, we can have more productive conversations and both come away the better for them.

You're welcome. I chose to earmark my dissent precisely for the same reason you ch engaged. I'm pretty done with the "silent majority" argument, but otoh I cannot drown myself in every quicksand :)

have a good one...

I didn't know that meme; it's actually funny. What's wrong with asking people to put their money where their mouth is? I thought engineers are not like these managers/salesmen/'talkers' that say one thing on the TED stage, then go do something completely different IRL and find that A-OK.

Don't argue with me then - but you should at least explain how anything I've said was in bad faith if you accuse me of that.

Nobody in this discussion has said they're against inherited wealth. Just that its existence is one reason to favour "one person, one vote" over "one dollar, one vote"

Wow.. so how many hours Jeff Bezos’s day contains? I’m fairly sure a low level worker at amazon spends much more time on work than any of the billionaires.

A low-level worker made that career choice themselves. They were well aware they wouldn't become rich by working in a warehouse, no matter how many hours they worked. They still have their life in their own hands: They can look for another job.

Jeff Bezos sure worked like crazy to get Amazon to where it is now, so he has every right to take it easy now that he's 'made it'.

Thank you, I prefer not being brainwashed into actually believing that billionaires’ success has anything to do with hard work over plain old dumb luck and not being absolutely trash at what they do (and a “small” few million dollar from daddy here and there).

There's an unstated premise here that the market doesn't force some people's choices on other people. I doubt that that's true - especially when competition is limited. There are limited alternatives currently, and this discussion contains plausible scenarios by which huge companies could use their power to limit even further those alternatives, and the choice available to us.

Can you name a few consumer-level boycotts in, say, the last 50 years, which actually accomplished their goals?

They didn't suggest a boycott. Each individual consumer decision makes a difference in aggregate. Every failed business in history is a result of consumer decisions away from what they have to offer, so I don't particularly understand that rationale.

People are “easy” to manipulate, especially when your control reaches basically every aspect of their life. Hiding/downplaying few articles here, shoving another into my face there with an opaque algorithm will achieve basically anything over a long time.

Also, you underestimate the effect of laziness. A company really has to do some atrocious thing to result in people leaving its services. Like, what would make the average person change from Gmail? He/she may not even know that 1) it is part of google which should be avoided now 2) what are alternative email providers 3) the whole change requires quite the technical know how.

It is simply naive to expect that “the market will solve it” to work in the general case. Competition only works when there are strict rules. Otherwise, the strongest/least fair player wins, and that’s why monopolies have to be broken up.

I'm going to rephrase my original comment, which got flagged: There's inherent hypocrisy in having the biggest monopoly of them all regulate smaller monopolies. Because they're 'monopolies'. Right.

As if “hypocricy” was the worst possible offense. If you remove government, who will then stop other monopolies from forming in their place? Government is what all governed people, in aggregate, decide should be common principles. If they are not to your liking, then you can either leave or advocate for (often slow and gradual) change. It is often said that people get the governent they deserve; i.e. the problem (if there is one) is with people, not government. I would argue that you can’t really abolish government, any more that you can have a structureless organization:


Yes, but I wasn't advocating for the abolishment of anything; I was merely pointing out that there's a double standard. To rephrase your words, don't the people get the 'monopolies they deserve'? After all, neither the CEOs nor the employees of these entities are aliens from space.

You can't just leave a government the same way you can leave a job (and become unemployed) or a product (become a non-customer); you can only switch to another one. Why don't you try parking a vessel in the international waters and see how long it takes before it's sunk.

> Yes, but I wasn't advocating for the abolishment of anything;

You advocated for the government to be broken up like a monopolist would be. I can’t really interpret that any differently.

> I was merely pointing out that there's a double standard.

Yes, it’s a double standard. Now, why do you imply that this is bad? Don’t you have to have special rules for the top level? Like, the root directory is its own parent directory, but nobody complains about “inconsistency” in file systems.

I was merely following kaba0's reasoning. If you're going to advocate for the breaking up of monopolies, why pick only the low-hanging fruit?

Your comparison is not apt. The root directory is merely a container for its subdirectories. In that way it much more resembles geography (a country being subdivided into regions, for example) than a government.

It's bad, because it's a blind spot. Governments, despite being at the top-level, have consistently grown since their inception. I'd expect the top level to be the leanest, not the fattest.

Decentralization and secessionism are highly unpopular ideas that don't look like they'll ever get mainstream acceptance. If anything, it looks like exactly the opposite trend is taking place (take the EU, for example).

Every day you read about new legislation being proposed and introduced. How often do you read about outdated legislation being abolished? Never. It's like writing an app and constantly adding new features but keeping all the existing ones. We all know how well that works out.

Even though HN shouldn't be about politics, when political rhetoric does get posted here (and it's far more common than one would expect), it's extremely one-sided.

It sounds like you would like to advocate for revolution; I can understand that point of view. The problems of government are certainly great, and I would be the first one to agree with you about its many problems, excessive size and growth. But when you seem to advocate for its removal in entirety, that’s when I stop being able to happily cheer you on.

I’m fairly sure I have no say in google’s politics, but I do have a (limited) say in my country’s. Also, the two don’t even play in the same field. The government is more like the referee in a sport.

Oh, but you do have a say: You can work for Google! It's the same as moving to a different country and becoming a citizen to be eligible to vote.

Referees, in comparison to governments, can be fired for doing a poor job.

> You can work for Google

Yeah and I will simultaneously work for google to not fk up the open web, for facebook to not disrupt democracy, and nestle to not goddamn force breastfeeding mothers on their shitty product.

How do you imagine a world without governments? The first thing they will do is put cocaine in their special food so you get addicted, add cheaper and more unhealthy components, even toxic ones, etc. Companies after a quite small size becomes the stereotypical paper clip AI, but instead of paperclips, it optimizes profit over everything else. A well functioning government with separation of power and without much corruption is good - it protects us from the cancerous outgrowth of companies.

Unfortunately we live in a world were society does need to legislate morality. Slavery or child labour weren't ended by consumers voting with their wallet.

>Stop forcing your choices on people

This will never stop, and essentially defines the realm of "politics". Either you and people like-minded that share your views collectivize to protect your preferences from others forcing theirs upon you, or you lose.

This includes monopoly corporations that acquire power to restrict your ability to choose. And just wishing it weren't so, or asking people to stop achieves nothing. People won't, so your only choice is to protect your own turf however you can. "Libertarian" style abstaining from this fight ensures you lose, so is an impotent strategy.

If a browser bans ad-blockers and people start to fiddle with DNS, wouldn't it be easy for a browser to use it's own DNS system? If a browser turns hostile there is nothing you can do.

Yes. Golang actually encourages developers to use their own resolver in applications instead of the system one. Google itself uses its "Public DNS" cache addreses in software and hardware it distributes. Neither decision may have been made with the intent of thwarting DNS-based evasion of ad/tracking, however, the resulting consequences may well be the same.

"... there is nothing you can do."

I am typing this comment through a text-only browser. HTTP requests, with a bare minimum of HTTP headers, are being sent from a proxy I control, not the browser. Yet the comment looks no different than any other comment. It works. I have freedom to choose whatever software I want to make HTTP requests.

I try to avoid any software (not just browsers) that access the internet and bypasses the system DNS settings. The word "hostile" is a good choice of words I think to describe such programs.

>Yet the comment looks no different than any other comment. It works. I have freedom to choose whatever software I want to make HTTP requests. //

I mean, sure there is, some form of DRM is possible. It might be circumventable, but it would be a PITA.

Is any browser written in Golang?

Go's UI tooling is... not great. It's more aimed at server side and CLI usage. In those niches it is awesome though

> Go's UI tooling is... not great.

Hopefully https://gioui.org/ quickly fixes that.

IIUC that's what DNS-over-HTTPS is trying to do, methinks.

Exactly. Same for the nextdns.io service which I'm happily subscribing to.

> Funny, I see the possible future differently. I am inclined to predict that the option to use ad blockers may come to an end because browsers and other software financed with online ad-derived revenue have full control over what extensions users are allowed to run. They have full control over that system for extending the functionality of their software.

They are starting to do that. Therefore, better web browser must be written, with the user having full control, and not having things that the user cannot override (assume the user knows what they are doing; you must have enough ropes to hang yourself, and also a few more just in case).

It's ironic that the browser that presents the biggest red flag for removing user control of DNS is Firefox, with their push for DNS over HTTPS. It's true that you can turn it off (for now), but until Firefox baked DoH in, DNS was a sacrosanct user control switch mostly unimpeachable by corporate meddling.

So long as DoH servers are configurable, why is it a problem?

I use /etc/hosts daily to access computers with only an IP address and no DNS entry, or to override them for testing.

I don't want to have to self host a DoH server when it's so easy to edit a test file.

Furthermore, until every ISP has its own DoH server we are centralizing control of the basic internet infrastructure even more than now.

I don't know the internals of Firefox, but keeping DNS support alive seems like a fairly small patchset. I'd think that someone would provide a fork if Mozilla decided to drop support.

Firefox cannot remove that option to use system-provided DNS API instead of own implementation of HTTPS DNS. Doing that will prevent using it with intranets.

System DNS should always be used (unless the user configures it otherwise, e.g. by using a proxy for all connections). If you want DNS over HTTPS, this should be implemented as part of the system DNS, so that it can be used with any program that accesses the internet, rather than only the web browser.

DNS also leaks your domain lookups to anyone and everyone. If you make it opt in, then opting in becomes incriminating in some contexts. IDK, this sounds very much like a problem specific to people who don’t need to worry about the state controlling their internet access.

Dns blocking is limited, very annoying advertising such as in video ones needs scripting to get around

As long as there remain viable open-source browsers there will be forks allowing ad-blocking.

The only danger is Google switching Chrome to closed source and adding lots of complex extensions that get widely adopted faster than they can be reverse engineered, but this seems an unlikely scenario.

The other danger would be general purpose computers or smartphones no longer available, but that also seems unlikely.

The final and most plausible danger is different and it is advertisers switching to ads that cannot be reliably distinguished from the rest of the page (currently it seems they don't do it because that removes any direct access to analytics by the advertiser and thus requires them to trust websites and they don't trust them).

I guess the issue with proxying is that the ad provider has less control/data and can't be sure whether views are genuine.

Unless the ad provider proxy the site instead of the ads. That way they get more control/data.

It's only a matter of time before someone develops a wasm browser engine that renders to canvas and provides "trusted" delivery of ad assets over a websocket.

How could that be any more “trusted” than doing it without wasm and websocket?

As long as the user still has control over their machine (i.e. the browser) this approach doesn't work very well. You can't really run trusted code on an untrusted machine.

No, it does work well. When they deliver the website as obfuscated binary code, it's much harder for user to change its behavior. Notice parent quoted the word "trusted" so you disagree with something other than they meant.

That would be nice since you could just block canvas by default and only allow it for a few site that have legitimate use for it.

like AMP

That’s great if you’re right, because it means it is a fundamental limitation that can’t easily be worked around.

They will work around it by being your DNS provider and proxy for your site.

I think the future is machine learning based blocking.

Ads are obvious, they have to be for users to see them. You could probably use text classification and object recognition to filter ads effectively. And you could do it from the view layer where nothing on the page can tell they've been blocked.

This is also my tinfoily theory for why Chrome restricts the API's used by ad blockers. It's to prevent more effective blockers from being developed.

I don't think so. Machine learning is generally poorly suited to dealing with an intelligent adaptive adversary capable of an unpredictable universe of inputs.

Text classification might be very good at identifying ad text. There's a popular fake news dataset where models hit 85% accuracy https://link.springer.com/chapter/10.1007/978-3-030-68787-8_...

Ads are highly tuned for click through rates. Even if the model isn't 100% accurate, it would force advertisers to use less effective ad text to avoid filters.

> it would force advertisers to use less effective ad text to avoid filters.

That seems counterproductive to me. I mean, ads would still be annoying. And that’s why we block them.

I decline to accept ads because I don't want professional manipulators tricking me into acting against my best interests. I consider myself fairly good at resisting manipulation, but these are highly skilled experts backed by the full power of modern neuroscience, and they aim to catch me off guard. Adverts are hazardous to view, and you should not do so without utmost mental focus and discipline, which is impractical during general browsing.

The avoidance of annoyance is a just bonus.

"Tricked by professional manipulators". I like that phrasing over what I've tried to use: "mind control". Makes me sound like a conspiracy wacko.

> Ads are obvious, they have to be for users to see them.

I'm not so sure about that: https://static.seattletimes.com/wp-content/uploads/2020/10/g...

(See also: "native ads".)

>This is also my tinfoily theory for why Chrome restricts the API's used by ad blockers. It's to prevent more effective blockers from being developed.

In general, we've been engineering around bad user software install decisions for decades. Windows spyware, toolbars, spammy mobile apps, for example. The apis needed by an ad blocker are exactly the kinds of APIs that would be coveted by and used by nefarious ad products. In fact, the Firefox ecosystem took a big hit when Mozilla shut down a bunch of APIs that allowed for some pretty amazing ad blocking a few years ago. So why did they have to take those APIs out of the product?

Nefarious products that used those APIs. For example, on of the first things that happened with the original AdBlock was it was cloned and used to deliver and rewrite ads by a scumware company. All the warnings and pop-up scary messages in the world don't stop users from making bad decisions, and that at Google scale, may actually be a bigger problem. Ad Blockers may simply be collateral damage as the cost of dealing with app-drive ad fraud is petty staggering compared to the small number of ad blocker users.

That said, I'm on the side of giving users the power, even if they occasionally shoot themselves in the foot.

Theres another option. Better vetting for apps and extensions that use dangerous API's.

It's disingenuous to say "these API's are too dangerous to use" when the browser itself does all the things the API could. Why should people trust Chrome or Firefox more than their extensions?

Google/Apple got themselves in this situation by having their official stores. People assume it's on the store, it's safe. Now they take away API's because they don't actually police their stores, they just made them to have a captive market. Now they blame extension developers and take away API's because they don't want to admit they don't police their own stores enough.

Before the days of official stores most people were careful what they downloaded. And they would be again if it wasn't in these companies perverse interests to convince users that store apps are safer than non store apps. Because people would stop using the stores and take away the money train.

The right way to fix this would never happen. Decentralize the stores and let users make their own decisions. And take away all the api restrictions because once people realize the risk they'll be more careful. PC's are and have been an open market for decades, yet getting viruses is rare. I have no reason to believe it would be different for phones and extensions

Not everything has to be done with machine learning you know.

Such a shame uMatrix was discontinued.

uBlock Origin comes close, and surpasses in some ways (I used both for that reason) but lacks separate control of cookies, images, scripts, etc. So you can't accept a particular third party's images without also accepting its scripts, cookies, etc.

I mention it mainly in the hope that we can popularise its maintained fork 'nuTensor'.

After trying uBlock (as in attempting to also cover what I used to use uMatrix for) for a few weeks I think it's insufficient and nuTensor is the better option for me, but it quickly won't be if ~nobody uses it and it falls by the wayside.

Alternatively uBO could support the few details it lacks from uM? It seems like the problem basically was difficulty/time constraints in supporting both.. but I don't know why they were ever separate? There's plenty of overlap. If uBO had uM's granularity in 'advanced mode', that'd be perfect.

I'm in the same boat. My main objection to uBO is the cryptic UI. I have no idea what the two columns to the right of a domain are as there's no column headings, or the two nested buttons in each column, one of which is grey (where I'd assume there'd be green to counter the red?), or the "+"/"++" that sometimes appear over said buttons... Or the green bars that creep in from the far left over the domain names, at staggering lengths.

The uMatrix UI on the other hand was incredibly intuitive, and more granular. Then again, maybe that comes down to me not understanding what the hell is going on with uBO's UI.

All your questions can be answered by reading over the documentation in the uBo github wiki.

With the uMatrix UI, the answers were immediately obvious without reading a wiki.

Well-designed software shouldn't require the average user to read documentation to understand basic features

Doesn't that UI only present itself if you declare yourself an advanced user?

Yes exactly. If you don't understand the controls, reading the linked FAQ is really worth it and doesn't take that long.

Having the exact same issues. If someone could clarify that would be awesome.

That panel is described in some detail here [1], though even after reading it the click behaviour is very unintuitive. It's explicitly an advanced-user thing, though, and only shown if you click "More" on the basic popup.

[1] https://github.com/gorhill/uBlock/wiki/Quick-guide:-popup-us...

That link doesn't seem to actually describe the advanced mode panel in any detail at all. The link that does is https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-qu...

> So you can't accept a particular third party's images without also accepting its scripts, cookies, etc.

It's a clunky interface with poor discoverability, but with the uBO logger open in a browser tab you can click on any request right beside the timestamp and define a new rule with the desired granularity. In the URL Rule tab, the unmarked left column sets the allow/noop/block behavior.

Edit: Found the wiki page: https://github.com/gorhill/uBlock/wiki/The-logger#creating-f...

But this is something I do on a good chunk of websites the first time I visit them. (Not all, because my base - allow first-party, allow all css, allow all images, block all cookies - is also often enough.)

It's just too painful to open a logger, find a request, craft something manually, etc. uMatrix is point and click and it's right there in the toolbar.

> but I don't know why they were ever separate?

I also wonder about this. I still run both side by side. (I haven't noticed any problems with uMatrix so far ...) All I really use uMatrix for is quick coarse grained 2D filtering of various content types. I don't understand why that couldn't be implemented as an optional "first pass" filtering layer in uBlock.

I realize uBlock can mostly already do what uMatrix does, honestly I just find the 2D UI to be incredibly convenient and intuitive.

I find ublock much more granular than umatrix. It can block all js and allow a particular one, block just a segment of inline scripts.

It can block separately a single script, image or any other request. I find it much better than umatrix which can't do many things that ublock does. If someone wantd to they can just install it and forget it also. Much more versatile.

I agree it's a shame, and I hope there is a legit replacement. However, it continues to work for me, so far, without issues.

I too use umatrix, but someone said ubo had an advanced setting that was like umatrix, so I was thinking about switching.

Is this true or not?

wait, here it is: https://news.ycombinator.com/edit?id=25920135

That comment:

> umatrix is built into ublock origin now, just enable advanced mode in ublock.

I have advanced mode enabled and don't see anything remotely resembling the uMatrix source vs type grid. There's a couple overly cryptic { allow block other } columns with rows corresponding to the source and that's it as far as I can tell. No { css image frame etc } columns in my UI.

On the uBO popup, if you click "More" on the bottom left a few times, you eventually get a uMatrix-ish grid on the left side of the popup. (Not 100% sure if that's what you're looking for.) I agree with other commenters though that I don't really understand the uBO grid and found the uMatrix grid much more immediately accessible.

Yeah that's the grid I was referring to. It isn't the same as the detailed 2D breakdown that uMatrix gives you. Instead it simply has a blanket { green grey red } for each source.

(Also I can never seem to remember precisely what each unlabeled colored box does. I never have that problem with uMatrix.)

The uMatrix 2d grid is a vastly superior UI than anything uBO offers for the same functionality. I keep using both because of that. uBO for blocking ads and hiding elements, especially on my phone, and uMatrix to selectively block JS and everything else.

Yes, that's what I tried switching to using (from uMatrix + 'simple mode' uBO for cosmetic stuff only before).

It's just not as granular - you lose the 'type of thing to allow/block' dimension from the uMatrix matrix.

> except you have to write them by hand

Well yeah, no, I don't want to do that. That's why I always ran both, (uBO in 'simple mode' cosmetic blocking only) and now nuTensor seems like a better option than diving into uBO alone. I gave it a go.

nuTensor would be a lot more accessible if it were a signed extension. Having to sideload it is a non-starter for most people.

>At browser launch, Firefox will wait for uBO to be up and ready before network requests are fired from already opened tab(s).

>This is not the case with Chromium-based browsers, i.e. tracker/advertisement payloads may find their way into already opened tabs before uBO is up and ready in Chromium-based browsers, while these are properly filtered in Firefox.

>Reliably blocking at browser launch is especially important for whoever uses default-deny mode for 3rd-party resources and/or JavaScript.

Oof. TIL. That makes blockers kinda crippled in chromes, if you expect them to actually block things.

Google has an obvious incentive to make life hard for ad blocking extension developers. Chrome and chromium exist because their business model is showing ads in it. That's the only reason it exists. Everything else it does is there only to convince users to use it and thus get exposed to ads and tracking. That includes performance work, UX work, etc. that Google puts a lot of time and money in. It makes Chrome really nice to use.

Mozilla and Firefox exists because it's developers wanted to create the best browser possible. That's why it had extensions before Chrome was even a thing and that's why ad blocking extensions exist almost as long as extensions have been a thing. Adblock emerged somewhere around 2002 which was very soon after the first OSS releases by Mozilla reached the 1.0 stage. Also Phoenix, Firefox' ancestor became a thing around that time. Tabs and extensions were some of the early things that made that popular. Ad blocking always was the #1 use case for extensions.

Ironically, that's why Chrome has extensions. The only reason it supports extensions is that not having that would have made it impossible to grab market share from Firefox (and Internet Explorer). Having support for both extensions and ad blocking were a hard requirement for Google despite its business model. But now that it is the dominant browser, that feature is no longer as important as it once was. So, Google has been slowly making it harder for extensions to interfere with their ads and tracking. They can't make it too hard or their market share will evaporate. But they don't have to be particularly good at it. And now that they have Android, they don't have to worry as much about losing market share. Android exists for the exact same reason. Chrome is losing relevance as a revenue stream as users consume more content on Android via "native" apps running in a virtual machine compiled against mandatory proprietary ad & tracking technology.

Reminds me of cable television: the TV shows exist to keep people watching the ads.

Either I'm understanding it wrong or you're way overestimating this issue. Unless you close and open your browser between every single website you visit, this impact is probably negligible. Most people don't even close their browser windows ever between computer restarts.

And when you do restart, every single open tab will/might be able to load everything, unblocked and unfiltered, in the period between Chrome starting, and starting the extension.

Absolutely correct but I guess many innocent souls here will still think of it as a minor inconvenience, so let me explain:

For some people it is not just about annoying ads; for those people paid or unpaid work (or something else, I'm not here to judge) takes them to sites where you'd rather not be surfing with js enabled.

Remember: Client-side JS is a way for whoever controls the server side to execute code on your machine. Disabling JS instantly removes whole classes of nasty exploits.

I have used Chrome for years with uBlock and I have not once since a single ad go through during launch. So realistically this "window" is most likely negligible, which make sense given how efficient and fast uBlock is. Maybe if you're running on a potato.

On the other hand, I don't want random extensions, which could be misbehaving or poorly coded, to be able to indefinitely delay the browser's launch, even if it comes at the cost of one ad making it through. Imagine having dozens of extensions and trying to figure out which one is slowing down your launch because there's a bug.

Try on youtube, it loads ads on chrome startup that ublock usually blocks.

I love Firefox and I use it on principle. I don’t think I have a worse web experience, although that wouldn’t stop me.

What does break websites is turning on anti-tracking measures. The number of times a site won’t work till I enable third party cookies shows the sad state of the web. Developers, do you only test in Chrome on Windows with default settings or something?

"Whatever gets my jira from the left side of the board to the right side of the board."

I've hated my experience with resistFingerprinting enabled. I can't get dark themes, my clock and times are always wrong, you're locked to en-US, no WebGL, etc.; basically any feature that could make the web nicer and have content tailored for be is now weaponized for fingerprinting. I've recently switched off fingerprint resistance and moved to a script blocker as the sites I do trust do offer a nicer experience I've been missing out on.

> I can't get dark themes

I really hate that firefox sets prefers-color-scheme: light with resistFingerprinting [0] even if the site is implemented in such a way that the color scheme selection provides no information to the server (no JS, no external resources loaded dependent on the color scheme). Even using no-preference would have been better - then the site could at least choose to make a dark theme the default.

> you're locked to en-US

Ugh, this will only lead to even more websites ignoring the Accept-Language header and just guessing based on location derived from the IP address.

[0] https://bugzilla.mozilla.org/show_bug.cgi?id=1540726

100% I hate getting targeted based on my IP -- especially using a VPN. I happen to speak and prefer "en-US", but I don't think it's good for the internet in general.

> The number of times a site won’t work till I enable third party cookies shows the sad state of the web. Developers, do you only test in Chrome on Windows with default settings or something?

Well, Chrome is removing 3rd-party cookies by next year, and they are disabled by default in Safari already (well, sort of, ITP is weird). So many problems which used to happen to very few users are now being quickly prioritized. There are lots of use cases for third party cookies (example: you have a centralized management platform for lots of websites which have unique mapped domains, and you want to be authenticated against all of them at once), so it’s not surprising that critical features can be broken. It’s very much backwards incompatible.

But I agree, overall removing 3rd party cookies is great. Though, it’s important that whatever advertisers think of next isn’t just as bad.

the tab containers are amazing

I would use Firefox + uBlock Origin over other browsers even if it was half as fast.

You'd loose all that performance gain to ads anyway. I'm truly shocked how horrible the experience is whenever I see someone browsing the web without it.

It's absolutely wild, I have Chrome Canary installed w/o any addons because of some bleeding edge WebBluetooth stuff I'm working on and occasionally I'll forget which browser I'm using and visit a site with it. The web without adblock is basically unusable, it's legitimately completely insane that people will put up with it.

I've said it before, but the entire ad business is a cancer. Every minute of the modern human experience is exploited for maximizing profits. I've read an interview recently with an journalist / documentary film maker (forgot his name) where he was talking about "bullshit jobs" and for most people, their actual function is to consume. That's why ads are penetrating every last part of our private lives, greatly accelerated by modern consumer electronics. Want me to disable adblock to look at your side? Fuck you, I'll never visit again. Youtube video with forced ads at the beginning? Instantly closing it, never to visit again. All my devices have some kind of adblock mechanism, my "smartphone" is rooted, my "smart TV" will never have any internet connection, my browser will always be the one working best with adblock technologies.

Sorry for the rant.

Don't be sorry friend. You are correct and I hear your frustration, and while we're at it most SaaS is just as vile as advertising. I fear that this is the inevitable conclusion of unfettered capitalism and perhaps individual refusal to participate is one of the few ways we can begin to turn the helm on a world that worships unfettered greed.

I think that was Jaron Lanier in The Social Dilemma.

People don't put up with ads. They are forced upon them. Many of them with no knowledge of how to block them.

To them, ads are part and parcel of "using the internet". Some of them hate ads. But not for technical reasons though.

Outside of complaining why they hate that annoying ad from company X, most people probably won't be motivated enough to actually do anything about it. For some, this is just how they expect the "internet" to work. An ad-free one would feel broken to them.

Ads are not a bother for most casual people.

I remember going to my parents before I set them up with ublock, I thought they had some kind of malware before I realized "Oh this is just what the internet looks like, now"

In what way is Firefox not fast? I typically run it right alongside Chrome (Firefox for personal stuff, Chrome for work) and don't notice much of a difference switching between them. If anything, Firefox is faster.

In benchmarks Chrome is usually slightly faster on average than Firefox. Really not something you would notice with normal use.

I see quite a big difference for sites that rely heavily on JS, especially on MacOS.

On Android as well. Quite useful!

I can say, that is not true for me :-/

Since a few weeks I use two 4k displays with my work laptop running Windows 10 and I with 4k it seems that Chrome is quite a bit faster than Firefox on Windows. With the FullHD resolution I used before I never noticed a huge performance difference. I don't know what causes it and on my private PC (different hardware) running Linux I never experienced performance differences of that dimension, but currently I have fallen back to using Chrome on the work laptop :-(


> The Firefox version of uBO makes use of WebAssembly code for core filtering code paths. This is not the case with Chromium-based browsers because this would require an extra permission in the extension manifest which could cause friction when publishing the extension in the Chrome Web Store.

Anyone know what this extra permission is and why requesting this extra permission would cause friction?

UBlock already had a new version rejected a while ago. Big HN thread at the time.

Presumably they are just really careful to avoid giving Google any excuses.

My guess is that it’s much harder to review WASM bytecode to make sure it doesn’t do anything sketchy.

The approval process differs for extensions published to the Firefox and Chrome stores.

When submitting to the Firefox store you need to send them your un-minified, un-obfuscated source, along with step by step instructions on how to build. If you get big enough they do review the code in surprising depth. The hash of the compressed file pushed for release, also needs to match that of the compressed file the reviewer can build.

When submitting to the Chrome store this is not the case. You can push up minified, obfuscated code and that's what the reviewers have to work with.

I'm not familiar with why WASM needs extra permissions for Chrome extensions. It might be that the increased complexity of reviewing bytecode does indeed introduce more risk for the user. The permission request might just be the Chrome store pushing acceptance of that risk to the user?

> You can push up minified, obfuscated code and that's what the reviewers have to work with.

Minified maybe, but obfuscated is against the rules, for over 2 years now: https://www.zdnet.com/article/google-to-no-longer-allow-chro...

Chrome also does check the code manually, not sure if it's on the same level as Firefox though.

yup, you're absolutely right [1]

  Code Readability Requirements:

  Developers must not obfuscate code or conceal functionality of their extension. This also applies to any external code or resource fetched by the extension package. Minification is allowed, including the following forms:

  - Removal of whitespace, newlines, code comments, and block delimiters
  - Shortening of variable and function names
  - Collapsing files together

The whole point of WASM bytecode is that it doesn't need to be reviewed. The worse it can do is "stealing" your CPU time, but WASM was specifically designed to safely run third-party programs in the browser

Surely the ublock devs are not writing WASM directly? It would be possible to have the source code available for audit with some way of proving it generates the assembly that is being shipped.

Sorry anything is possible, but your comment is a bit hand wavy.

Reproducible builds are non trivial.

And then what - the reviewer is now supposed to build your software and verify some Hash?

Or were you thinking something else?

> Reproducible builds are non trivial.

That's true, but they aren't rocket science either. It's perfectly reasonable to require them for browser extensions.

>And then what - the reviewer is now supposed to build your software

I believe that is standard operating procedure for the chrome store.

Yeah that one sounds like a negative being described as a positive.

I wouldn't say that. Using WASM is legitimate and will certainly give a performance boost at the very least. I'm just curious about the nuances of having it included in Chrome.

Presumably one that allows the extension to run Wasm code

If extension requires new permission it wouldn't automatically update anymore until you allow it. It's enough friction for such an extension I guess, personally installed it for countless of people and most of them would just ignore updating it.

I can't live without uBlock Origin and uMatrix, and was sad to see uMatrix archived [0]. Still works great, but I'm wondering what will happen long term. Anyone also use both and since drop uMatrix for something else, or just uBlock? How is it?

[0] https://news.ycombinator.com/item?id=24532973

It's been really interesting to watch recent gorhill tweets where he describes some laboured efforts to type in rules to block content in ublock that you can do in umatrix with the click of a button.

I don't understand it, but I agree that unlock+umatrix on desktop and mobile has been the best thing about browsing for years.

I think maybe he wants to consolidate Dev effort and I completely understand. He's probably the only person I'm patriotic about right now.

uMatrix is so fundamental to my web experience, I dread the day it stops working.

As I remember it, you really shouldn't be using both at the same time. Don't remember why, only that it's a bad idea. And you can set up uBlock to do most of what uMatrix does anyway.

It's because there was some overlap in their functionality.

What I did was disable the overlapping functionality in uBlock Origin, and let uMatrix handle the rest.

FWIW, I use uBO together with NoScript, on both desktop and on mobile (Android). I've never used uMatrix, and I've been told by others that it was a superior experience, but if you want a combination that is still being supported, I can recommend this combo.

I really, really wish Apple would update Safari for uBlock Origin. I’m about to publish a Safari extension (a NoScript equivalent) and the content blocking APIs are so limited. iOS is even worse than the Mac, too. On iOS AFAIK you can’t even reload the page for the user.

That will never happen. Apple moved several years ago to the “content blocking rules” mode on iOS, where all that any blocker can provide is a set of rules to match URLs with (to put it in simpler terms). Safari would lookup every request against the rules and block requests without the extension getting any information about which URLs were visited, which rules matched, and which ones were blocked. More recently, it moved to the same model in desktop Safari too (there’s a detailed post on the uBlock Origin issues/forum about why there will never be a uBlock Origin for Safari even though the browser has started supporting WebExtensions).

The way uBlock Origin and similar extensions on desktop browsers like Firefox work is by intercepting all requests, which means it can exfiltrate your browsing behavior and/or sell that. I’m confident that uBlock Origin doesn’t exfiltrate data, but the same cannot be said of other extensions in this space.

Apple, with its already restrictive content blocking model, will not allow a way for extensions to look at requests or manipulate requests. Chrome’s Manifest V3, whenever it’s adopted on the release version of Google Chrome, will also kill uBlock Origin (it allows requests to be seen, but not intercepted/modified).

Keep in mind that on iOS you have no browser options AT ALL. You get Safari or skinned Safari.

Per the Apple app store rules, no one may publish a browser or javascript engine and any app that browses the web MUST use safari's webkit.

This is by design so that web feels very bad on iOS compared to native apps, so you'll keep using native apps and Apple will get their 30% of whatever you buy in app.

> This is by design so that web feels very bad on iOS

The reason is because the WebKit engine on iOS is heavily optimized for battery life and can make use of private APIs that further that goal.

Safari and Chrome are essentially the same engine under the hood, the web wouldn't "feel" better if you had one over the other.

> The reason is because the WebKit engine on iOS is heavily optimized for battery life

I'd add security too here. Also, if they allow native Chrome on iOS, Google domination in web standards would be complete and irreversible.

Why are these APIs private, then?

Webkit and blink have diverged significantly

I agree.

Recently Safari on iOS has changed how the back button works so pressing back now takes me to the top of the previous page rather than the location I was at before I linked away.

More recently Firefox on iOS also behaves this way.

The irony is that this is the model the new Chrome API was going towards, and Apple has been using it forever, but when Google goes to do it, everyone has tinfoil theories about how Google is specifically doing it to kill ad-block extensions, but when Apple does it, very few people complained.

Realistically, it's probably more security and battery efficient. I doubt they'll undo it.

To be fair the ad-blockers available for Safari are severely limited compared to what can be done in Chrome. Things like YouTube ads for example aren't blocked reliably in Safari in my experience.

That was my point exactly, and no one ever claims Safari's model is done for bad reasons, but if Google were to do something similar to Safari, they would get a ton of hate.

The other side of the coin of content filtering is the possibility of snooping and data exfiltration.

> The other side of the coin of content filtering is the possibility of snooping and data exfiltration.

I am relatively naive in this realm, but this is why I chose Firefox Focus as my iOS Safari context blocker.

Firefox Focus also seems like a great browser to have set as the default in apps like Apollo.

On iOS, the content blocking model has never exposed one’s browsing history to the blocking extensions. Whether it’s Firefox Focus or some other content blocker enabled in Safari settings (you can enable more than one), the extensions can only provide a set of URL patterns that the underlying Safari browser engine (used by Firefox Focus and every other browser on iOS) will match with requests and block. No information —about which URLs were visited or matched with the blocking rules or which ones were blocked — is ever known to the content blocker app/extension.

You should give Insight Browser on iOS a chance. It’s literally safari + ad-block and some other goodies bundled up under a nice to use interface.

Literally all browsers in iOS are safari + some other goodies. But thanks for the suggestion, it seems to have some useful extensions!

> you can’t even reload the page for the user

Can you explain why you'd want to do this? At first blush it seems like a terrible idea to allow extensions to reload pages.

On the ublock origin UI you can click a little icon in the toolbar pull up the settings for that page. There is a little icon you that shows you whether it is enabled or disabled both in the toolbar and in this settings page. Clicking it in the settings page toggles the state for that page which is retained next time you visit.

When you change the state a little refresh icon appears right behind the status icon indicating that the state of the page as shown doesn't match your setting. Clicking it reloads the page.

You could reload it automatically at state change but this might break whatever the user is in the middle of doing.

You don't have to have this feature but it is handy that the reminder that the page is out of sync is a button to fix this and that it is half an inch from your current mouse position.

I created an extension that flushes all cookies and local storage for the current domain; it then reloads the page so you appear to be a fresh new visitor.


It's called "Howdy Stranger", it's listed in both Firefox and Chrome official add-on stores.

You just got yourself an install. The VMware partner portal is so buggy i need to do temporary containers all the time, but this is nice. Thanks mate!

I've been a daily user and advocate of Firefox since Opera changed to using Chromium. But recently I've grown tired of their privacy hypocrisy and company decisions that I've uninstalled it and started to try out Edge/Brave/Vivaldi as my daily. It has pained me to do this as FF was my last safe haven away from Chromium.

If you dig into some settings and follow tech news, I have begun to question some of Mozilla's controversial settings, deals with 3rd parties and their political blog posts. I also have a problem with the CEO making $3m per year yet a continued market share decline since she came on.

Just a few of the things off the top of my head that I feel betray my trust of Firefox (all of these pertain to default Windows install):

1) Enabled by default all of your website DNS requests going to Cloudflare with a "promise" this information is not being used or sold. We all know how solid this promise has been for other large tech companies. All under the promotion that DoH protects you from your own ISP.

2) Upon install, FF installs a scheduled service that runs daily. From what I've found out, that service is sending back to Mozilla what your default browser is on YOUR PC (why is that their business). This scheduled service remains on your PC even after uninstalling Firefox and continues to run daily.

3) Enabled by default are Browser Studies and testing a clean install one is already installed and active called "F100 Snippets". Studies allow the Firefox team to install stuff right to your browser whenever they want, to gather telemetry .

4) "Recommended extensions" enabled by default. Got a nag for a recommended extension after few days of browsing. So FF must be scanning your browsing history in order for this to work?

5) this result: https://brave.com/brave-tops-browser-first-run-network-traff... . While it was from 2019 so needs to be updated, but upon first-run I was shocked at the results for FF here.

6) Firefox on Android has a known tracker embedded and enabled by default called Leanplum. From Mozilla's own website they state "Leanplum is a mobile marketing vendor"

I'd love to support and use FF solely again, but I think they need some serious shaking up, starting with a new CEO (who allows this stuff).

I don't have the background behind all of those and I'm sure not everything is rainbows and butterflies (especially Firefox for Android has some iffy stuff, I think), but for a couple of your points...

> 1) Enabled by default all of your website DNS requests going to Cloudflare with a "promise" this information is not being used or sold. We all know how solid this promise has been for other large tech companies. All under the promotion that DoH protects you from your own ISP.

AIUI, this is only in the US, where for practically everybody the alternative is indeed that they're going through your ISP, with a promise that the information is being used and sold. Kind of a rock and a hard place situation.

> 4) "Recommended extensions" enabled by default. Got a nag for a recommended extension after few days of browsing. So FF must be scanning your browsing history in order for this to work?

To clarify, it's not the extensions themselves that are enabled, but the recommendations, right? If so, yes, Firefox is analysing your usage, but that is your local Firefox install, i.e. the thing that already has and uses your full browser history. AFAIK the rules for when to recommend what are the same for everyone and run just on your computer.

> 5) this result: https://brave.com/brave-tops-browser-first-run-network-traff... . While it was from 2019 so needs to be updated, but upon first-run I was shocked at the results for FF here.

The article states: "Firefox remains one of the chattiest browsers during a first run. At 117 requests, it lead the pack with individual requests. It should be noted, however, that this isn’t the browser itself making all of these calls, but another page that is present during startup."

So it seems that the initial page is the thing making most of the network calls, and not the browser itself. Wouldn't this mean that we can simply disable the wi-fi/internet temporarily to load the browser initially, closing unnecessary tabs, and customizing it as we needed?

In general, this seems like a good practice for opening up apps in general, even though it's a minor inconvenience and we theoretically shouldn't have to do this. Anyway, I don't mind the telemetry if it will help and not be used against us.

Yeah that's all true maybe but the other vendors are far worse AFAIK.

> Upon install, FF installs a scheduled service that runs daily. From what I've found out, that service is sending back to Mozilla what your default browser is on YOUR PC (why is that their business). This scheduled service remains on your PC even after uninstalling Firefox and continues to run daily.

This is shocking to me. More information, if anyone is not aware yet: https://firefox-source-docs.mozilla.org/toolkit/mozapps/defa....

> The Default Browser Agent is a Windows-only scheduled task which runs in the background to collect and submit data about the browser that the user has set as their OS default (that is, the browser that will be invoked by the operating system to open web links that the user clicks on in other programs).

Isn't default browser usage potentially useful statistical information? What's the worst that will likely happen if people have that data?

It being useful does not mean that Mozilla has any right to collect that information without informed consent. Leaving behind a telemetry service when uninstalling the software it came with is certainly scummy.

I have no issues with Brave after disabling all of their crypto stuff and widgets. It's safer, smoother, and much better at ad-blocking than bare Firefox. I don't care about CNAME-uncloaking by uBlock Origin, because that's already being taken care of by NextDNS at OS level.

Slightly off-topic, but it was Firefox's Total Cookie Protection recently that finally got to me to switch from Chrome as my daily driver.

Don't get me wrong, I miss Chrome as it just felt like a_smoother_ user experience, and I fear for Firefox replaying Opera's history given that the rest of the industry has standardized on Chromium... but I love how pro-privacy Firefox is.

I always have the opposite idea, Chrome is a total mess for me when it comes to UX. Probably just what you are used to first.

I disagree. I’ve been using Firefox as my primary browser for at least 3 years now and still, whenever I have to fire up Chrome for some reason, my first impression is “ahh, this is sadly still so much smoother.”

i disagree. imo peak browser-ux was around 2005 with the original opera. pre-quantum firefox was ok-ish but already part of the decline.

I started using Brave in addition to Firefox recently and I was curious if it supports this. Seems like it does (https://brave.com/privacy-updates-6/) and uBlock origin was the inspiration for that feature.

I never used uBlock, but I did use uMatrix (discontinued, but still working) which allows you very fine grained control over scripts and other resources based on the domain. Unfortunately it was a pain to get some things to work with that, especially online payments which use many subdomains and redirects. Paying for anything online was a game of enabling 10 domains on average, reloading the website, re-inputting payment info, etc. Some websites (like twitter) simply didn't work even if one enabled all the domains which appeared in the matrix.

Brave is pretty decent at blocking JS. Not as fine grained as uMatrix, and it apparently doesn't remember that you enabled things (at least in private browsing). I think it doesn't perform what uBlock calls HTML filtering, because it still makes requests to websites which were completely neutered by uMatrix. All in all it's more pleasant to surf using Brave than Firefox, because fewer websites are broken by the blocking.

I wasn't pleased with Safari's native tracking protection + a simple Safari blocking extension which only looks at URLs. Websites work the best, but it's making requests to many unwanted domains still. Maybe it's blocking cookies and scripts, no idea, but I'm not happy even with the simple requests for resources going through.

Brave is Chromium-based and suffers from all of the limitations stated in the parent article.

(Except for CNAME cloaking. However, their CNAME uncloaking only applies to their built-in tracking protection. AFAIK, if you use uBo on Brave it will be still unable to uncloak CNAMES.)

> Brave is Chromium-based and suffers from all of the limitations stated in the parent article.

Only for extensions. Brave Shields is implemented in natively compiled Rust and C++ (which is even more efficient than WebAssembly), is able to load rules before making any network requests, uses a compressed filter list data representation, and prefetching is disabled entirely in Brave. The only thing currently missing from that list is HTML filtering, which is fairly rare in practice and generally has fallback rules in popular lists anyways.

And it's still only half as effective as uBO on Firefox. The amount of pop-ups that manage to get through is absurd and it's one of the main reasons why Firefox remains my daily driver.

While uBlock inside Brave suffers from the same limitations as uBlock within Chrome, the more interesting question is if Brave's native blocking makes that irrelevant or not.

Brave does have a few intriguing privacy features, like plugging WebRTC IP leaks while still allowing use of WebRTC (Firefox is off or on while Safari's always on AFAIK), so that's not excluded.

The main problem with Brave is that they're building on a browser which is designed to leak privacy like a sieve. It seems that they're being careful and monitoring all the anti-features Google's adding, but who knows.

It doesn't make it irrelevant. For example, sponsored Tweets on the Twitter web app aren't blocked in Brave (at least the last time I checked).

Brave even openly admits this in that blog post announcing their support for native CNAME uncloaking-

> In version 1.25.0, uBlock Origin gained the ability to detect and block CNAME-cloaked requests using Mozilla’s terrific browser.dns API. However, this solution only works in Firefox, as Chromium does not provide the browser.dns API. To some extent, these requests can be blocked using custom DNS servers. However, no browsers have shipped with CNAME-based adblocking protection capabilities available and on by default.

I made this prediction a little over a year ago: https://news.ycombinator.com/item?id=21506330

> after one year of Manifest V3 actually shipping to users in mainline Chrome:

> - Assuming that Manifest V3's declarative API is not significantly changed from its current implementation.

> - If you visit each of the top 10 publishers in the US (including open publishing platforms like Twitter/Facebook/Youtube) [...]

> - Firefox will block more web trackers (65% likelyhood).

> - Firefox will block more visible ads and popups (55% likelyhood).

It's debatable whether or not the December rollout of Manifest V3 "counts" because Manifest V2 is still going to be available for about a year, but it's also increasingly looking like it won't matter -- the prediction might end up being proven right regardless of whether or not Manifest V2 is removed.

I would probably raise these likelihoods if I were to revisit the prediction today. I think it's reasonably unlikely that CNAME masking is going to go down in popularity, and I think it's reasonably unlikely that Chrome is going to put in the effort to catch back up. The one thing that gives me pause is that the original prediction specified looking at the top 10 publishers, and I'm not sure if any of them are using CNAME masking yet.

I truly hope gorhill is able to continue offering his services to the wider Internet community for a long time still to come.

Our children have grown up on a, largely, ad-free Internet; and it's all thanks to people like him.

Honestly, I can't really browse on my phone anymore. I'm... spoiled by FF + uBlock and I can't tolerate all the distractions.

Will we ever get enough traction on either blocking mechanisms or stop shoving ads everywhere? Will the general public experience the pleasures of an ad-less internet?

P.S. I'm on an iPhone, blockers failed me so far. Thanks for the suggestions fellas.

I can’t look up a recipe for boiled eggs without coming upon a 15 paragraph essay with ads in between each paragraph. It’s so obnoxious now. I don’t mind that people want to monetize, but it’s getting off putting when it is so obnoxious.

On recipe blogs, you are probably not looking at the actual author monetizing. Rather, someone decided to create a copycat website, hire a minimum-wage content writer off a freelancing platform to rewrite the original text so that no copyright violation is apparent, and then they put the copycat website up with a boatload of advertising and SEO. The 15 paragraphs are an SEO trick, as Google gives higher weight to longform text.

This ecosystem is now so advanced that new copycat recipe sites are based on existing copycat sites. You can easily tell if a recipe website is a copycat by comparing the supposed author bio to the quality of the English. If the author bio claims these are recipes by a born and bred Louisiana native who wants to share Southern cooking with the world, but the actual text is full of grammatical mistakes typical of Eastern Europeans or South/Southeast Asians, it is clearly a rewritten copycat site.

Yeah, exactly. Although in addition to the text acting as SEO, the initial reasoning behind all the "recipes-as-blogs" approaches is that recipes are not in general copyrightable, as they aren't generally considered creative works. (Whether the food itself is a creative work is not the question, it's whether the text qualifies as such.) So cookbook/recipe blog writers add enough text to the recipe to make the content subject to copyright protections.

Then, as you note, when people do inevitably copy the recipe, they churn out new replacement text.

You'll notice, for instance, that a recipe 'database' site like allrecipes doesn't have these massive text blocks associated with user-posted recipes, because there's no need or desire to have those be copyrighted.

Great point.

There are fundamentally 2 types of content, although the line is getting blurred : The hobbyist blog, and the publishers magazine.

The first exists for joy, the second only exists to deliver adverts.

THe blurring occurs because some of the blogs became such hot property the founders sold up.

FF with uBlock is available on android.

Alternatively check out "Paprika" which bills itself as a recipe manager but actually will scrape webpages and extract out recipes for you.

And darkreader addon. Addons for firefox mobile is very handy.

I, too, am tired of reading fanfic murder mysteries to get basic recipe information.

I made https://thisfoodblogdoesnotexist.com as satire. It uses GPT2 to generate blog content like those 15 paragraph essays.

Needs more paragraphs. None of them talk about how their kids are doing in school.

2 years from now someone else's AI is generating content based on your content, a year later someone is ripping them off, a year later another script is filtering out the most useful stuff from the second guys stuff and its actually good content.

Some of the recipes seem actually plausible, e.g. https://thisfoodblogdoesnotexist.com/30-Minute-Rice-Pudding-...

The recipes are real and not generated. Feel free to make it!

five cups milk would make rice soup.

You should add your site to the list: https://news.ycombinator.com/item?id=25176101.

The same, I find news articles particularly bad examples. I get advertisments, but news articles with excessive clickbaiity adds (adds not internal links to other articles) really do just make me close the tab down.

If there was some better mobile integration of the extensions or built into the browser itself to be perhaps less intrusive adds allowed it would be appreciated.

From that, are browsers legally allowed to implement an adblock/ublock directly into their browser ? Seems like something that would be considered against fair use or something along those lines.

>The same, I find news articles particularly bad examples. I get advertisments, but news articles with excessive clickbaiity adds (adds not internal links to other articles) really do just make me close the tab down.

Yeah, they follow every dark pattern in the book, especially on mobile. 90% of the time, I'll see a video at the top that autoplays, and then if I scroll down, it will make the video hover over the 75% of the article I'm trying to read. Who is this supposed to benefit?

Comcast and other ISPs who have crazy small data-caps and then bill the consumer 5 times over for used bandwidth and "overages" that might have MAYBE made sense 20 years ago.

that's not to mention the first page of results from your query will be from amzon, ebay, & eggsdirect.com trying to sell you the eggs in the first place.

The. Worst.

I don’t care at all about any of this. Give me the time they boil for ffs.

I don’t know if it’s sites paying by the word, or SEO, or some “value added” psychological trick. It is getting worse.

I bet they've noticed 'more time spent on the page' since they added interesting stories to those recipes! "When I was little, Grandma did this and that and blah blah blah".

Of course, the time spent is cursing, and skimming and hunting to find useful info. No one is finding the story interesting, but it looks good on metrics?

I wonder if the above is accurate or not.

I think the idea is that Google allegedly prioritizes pages by user dwell time, the idea being that if someone spends 10 minutes on your page, it's more relevant than another page where the user only spends 5 seconds before closing the tab.

So forcing you to scroll through an essay on the complete history of nutmeg before you can see any of the ingredients in a chocolate chip cookie recipe may improve SEO

but every recipe site I've recently encountered, had a "jump to recipe" link right at the top

I use https://recipe-search.typesense.org/ for finding recipes, it has scraped over 2M of them. No distractions.

I have resorted to buying books after being burnt by just bad receips floating around on the Internet.

Wow, it's exactly the opposite for me - bought a few cookbooks at ~19-20 years old and used them for a few years. Now it's been a decade since I last touched any of my cookbooks because the recipes are really limited and just not that great compared to what you find on the internet.

I guess I avoid the junk because I have good instinct, I can usually tell if something is going to be bad based on the ingredients. Also if I'm looking to make something "basic" I'll specifically look for Alton Brown's recipe for it or sometimes Chef John's recipe. I also sometimes just use recipes for "inspiration" too - just to get a basic idea of what the ingredients are.

Well, I use FF+uBlock on my phone :) It works super well.

They said they're on iOS, where you can only use WebKit, and therefore extensions like uBO are not possible.

Ah, that was edited in after I wrote my comment, sadly.

I host my own VPN on a raspberry pi at home so I can use my pi.hole even when I'm off my home wifi network. Unfortunately that seems to be the most comprehensive solution I can find for iOS, and sadly Android phones are pretty much all too large for me.

Firefox Mobile + uBlock works great for me.

It works pretty well but Edge/Chrome feel better than FF on mobile. Scrolling performance is probably the biggest difference. I've had issues with using FF as the default webview too.

From my perspective, scrolling performance is a minor annoyance, whereas the inability to block ads is basically a complete showstopper.

Fells better even with all the ads and other annoyances uBO blocks? I've never noticed a scrolling performance issue myself, let alone one worth tolerating that stuff over.

You can always use Brave. Not quite as good as uBO, but it still blocks most ads while being Chromium-based.

Anymore? I don't think browsing on a phone was ever viable. The problems changed over time, but I never found myself using the browser for anything other than absolute necessity. It's sad really.

Back in the day Opera with Turbo (or whatever it was called) was the peak of mobile browser usability for me.

Firefox does support no script on mobile! It's great

FF+uBO works great on Android.

On iOS, Safari with a couple content blockers (like Purify and/or 1Blocker) do a pretty decent job. Once in a blue moon something will get through, but the goal of dramatically improving load times and decrudding pages is accomplished well enough for me.

On Android, Firefox supports a subset of extensions that includes uBlock Origin. Chrome seems to be the dominant browser on Android but regardless of how good it is, I can't imagine not using Firefox there.

Firefox is my default browser on Android, and I use Chrome when I need to. It works fine.

I personally tend to use Chrome for "logged-in" internet use, and Firefox for "logged-out" use like browsing, news, etc. True on both desktop and mobile. Partly this is because Google's password vault has great UX across Chrome and Android apps.

You can push to force Apple to allow other browser engines. Firefox on Android supports extensions including uBlock Origin. Firefox on iOS is only allowed to be skinned Safari


>spoiled by FF+uBlock and I can't tolerate all the distractions.

I run FF+uBlock on my S21 Ultra. Works just like the desktop.

Not possible with an iPhone, I presume.

FF Mobile has uBlock

Firefox on iOS does not support extensions, fwiw

As I understand it, it's Apples fault for requiring all browsers delivered by it's App Store to be basically wrappers around Safari.

How has Apple not been strung up on antitrust grounds over this?

Because IOS is a small fraction of the smartphone and PC market.

It doesn’t preclude antitrust investigations.

I don't think it is in violation of existing law but I'm totally for addition protections like the ability of users to install software of their choosing on their own hardware including additional app stores.

That's because it's not real firefox. Apple doesn't allow real firefox / chrome / etc and all apps that browse web must use safari's webkit.

Keep that in mind next time you go to buy a phone!

You can use Firefox Focus as the ad blocker for Safari on iOS

> Will the general public experience the pleasures of an ad-less internet?

Remember how cable was supposed to replace ads on over the air tv? It was about minutes before it was all ads too. Streaming services are starting to get there but then the shows themselves are ads. And you have a scenario where Netflix and YouTube couldn’t exist in scenarios that didn’t rely on our bandwidth models and massive anti-competitive models.

... so IDKMAN... I don’t know how we get to an internet where people making things aren’t expecting to get paid for their submissions, especially now that we’ve jumped in there with both feet.

I personally would pay for a no-bullshit internet, but it’s just cable tv’s promise all over again isn’t it? As great as something would start out, soon would come the influencers and the narrative pushers and the censorship and the “forum sliding” and the downvotes / echochambers / bubbles / power tripping moderation...

I’m wondering if the solution isn’t just to give it all up and use the tools only when you need them. A cabin in the woods, but a spotty dialup connection for when you need to find something.

> would pay for a no-bullshit internet

The money is in selling you ads, on a revolving basis. Not in you ponying up a subscription fee to not see those ads.

If it's not the ads, it's the usual FBI or whatever government surveillance program tracking you.

You are right on the solution however. Some ads and tracking are so pervasive (e.g smart TVs) that the only truly effective way to mitigate against them is to cut down on or eliminate your exposure to these devices.

I use AdGuard pro on an iPhone and generally don’t see any ads at all in Safari. I believe this app will block ads in any iOS browser.

I'd like to switch to iPhone, but the lack of real Firefox + uBO is what keeps me from doing it. It's good to know there are some options there, thanks for the pointer.

If ad blocking is all you’re looking for, I can’t remember the last time I saw an ad in Safari iOS with Firefox focus content blocker, or Wipr content blocker.

I don’t notice any difference between Firefox or Chrome + ublock origin and Safari + Wipr/Firefox Focus.

I was much like you but I can say that AdGuard for Safari on iOS is pretty decent. Sure it isn't as flexible as Firefox+uBO on Android but it does a fine job at blocking ads and doesn't require any tweaking.

The biggest benefit is that as every web view on iOS is Safari it means you get content blocking in all apps that use a web view (providing they don't disable it which I'm sure some do but I don't know of any that actually do it). E.g. in the third-party reddit app Apollo any website you load within the app also has all ads blocked.


I paid for full version of AdGuard Pro late last year after my 6 month Android/Oneplus phase ended and I went back to iOS. It has worked REAL well and allows me to just use native Safari. I'm happy with this setup. I used to use free Firefox Focus as the content blocker before, but it would go long time between updates.

The only annoyance with Adguard Pro on iOS (and probably the same for all app based content blockers on iOS) is it is clunky to whitelist a site as they aren't integrated with the browser. You have to open the app itself, dig into the whitelist area and then manually type in/paste the domain name to add it. Brave and FF Focus you can do it right from within the browser, same as it was with FF/ubo on Android.

Also, AdGuard on iOS doesn't acknowledge specific pages only within a domain. For example; mlb.com is loaded with ads, their highlight videos show a 15 sec ad for literally every highlight. I have AdGuard enabled and the experience is so much better. BUT the "Standings" page doesn't load with AdGuard enabled and I can't just disable it only for that page.

Regardless, the small price to pay for AdGuard on iOS is well worth it.

AFAIK, ads can only be blocked in Safari on iOS. I have Adguard on my iPhone, but it only works in Safari – not Firefox, which is the browser I use. So that's very annoying.

Firefox has an additional app called Firefox Focus which installs a content blocker for both Safari and Firefox.

Also for Safari, Magic Lasso AdBlocker does a very good job.

Edge browser on iOS has an option to make use of content blockers in the same way that Safari does. Last I checked Chrome doesn’t.

I’m surprised to hear that Firefox doesn’t have the option to do so.

I don’t know if it’s just muscle memory, but Safari on iOS is still my browser of choice due to the way you open and close tabs in it.

There are DNS blockers for iOS, which block most ads, including in-app ads. Just need to find the right list.

If Mozilla can continue honing their mobile browsing team and keep alive a mobile web browser with pre-Manifest v3 WebExtension support, then maybe the status quo doesn't have to change. Advertisers can push whatever they want and the 0.1% of users that want to use uBlock can happily block them all. As far as the current landscape of adblocking goes, I have no real complaints.

If people try to encourage too much radical change with how ads are distributed, I fear that the advertising agencies will panic and all start to do what YouTube does, which is to serve the ads from the same domain as the content, rendering all domain-based adblocking useless. At that point, the only thing between the general Internet and ads will be uBlock, and if Google obtains complete control of the WebExtension standards, I'm not sure there would be anything else we could do.

On iPhone you have Safari content blockers. Better Blocker and Firefox Focus are two popular ones.

There's also a Lockdown, an open source firewall implemented using iOS VPN capabilities (though it doesn't send your requests through an external server). Lockdown is able to block trackers in any app, not just Safari.

My iPad Air 1 is aging, slow, and I loved it but I simply won't replace a machine where a publicly-funded news/docs store app in particular gets laden with unskippable ads.

Half a thousand bucks for this frustration, no thanks! No amount of content/entertainment is worth this.

I have good results with AdGuard on iPhone (functions as content blocker in Safari).

It's not perfect and difficult to customize but works well for the most part. It even gets rid of YT video ads (mostly anyway)

I also combine it with NextDNS

Posting this from my oneplus running firefox and ublock origin. Firefox has been my daily driver on mobile for a few years now (since before Quantum) and it's been reliably great.

I run NextDNS on my phone. It isn't perfect particularly because it is an all or nothing type thing which gets frustrating with URL redirects. But it is far better than not.

Firefox with uBlock works fine on my Pinephone ;)

Run pihole or a similar dns solution at the network level, and you can block domains without installing anything on your devices.

Host based blocking is certainly better than nothing, but uBlock offers much more comprehensive and expansive blocking, not to mention cosmetic filtering and other features that you can't achieve with PiHole/NextDNS/AdguardDNS/Blokada etc..

For sure, it's not as powerful as something that can modify the DOM, etc. But, you can also run both, if you still prefer uBlock on your PC.

Yup, I agree. Running both right now, the additional benefit of moving DNS queries away from my ISP (I pay for NextDNS) is certainly a good one too

I use both - uBO at the browser level and a PiHole for DNS. It's "defense in depth" - there's more than one layer of defense for something nefarious to get through.

Give Brave a try on iOS. Besides offering ad blocking, it can block all JS (unfortunately just an on/off toggle, no subdomain specific settings) and this takes care of most annoyances like cookie pop-ups, article count limiters, ads, etc. On the other hand, mobile websites tend to break more often without JS compared to desktop websites.

On an iPhone?

I was a noscript user from 10+ years ago (I guess?) and I’ve been using uBo for as long as I can remember but isn’t Firefox on iPhone just a wrapper? Is it battery efficient?

As a workaround I use a Pi-Hole (except, not on a pi).

It is just a webkit wrapper. At least the last time I looked into it. UBlock Origin isn't possible. You can get some Apple sanctioned Ad-Blockers, but I think most (or all?) of them use a invisible VPN with DNS based ad blocking.

Mozilla has Firefox Focus for iOS, it does Ad Blocking but it's main selling point is No Tracking, No history and No synced bookmarks either

Install Firefox focus, go to Safari settings, add Firefox focus as Content Blocker and Firefox ( Not Focus, the real one) will show no ads anymore. Works, because Firefox on iOS is mandated to use the Safari engine

Nice, never thought to try that. Makes sense though. Thanks!

You are welcome!

This is one of the top reasons I can't buy an iPhone.

I’m using this on iOS https://better.fyi/ I don’t remember last time I saw ads.

Using Adguard on Android for some years. It works really good with Chrome and all other apps. Mobile browsing without any adblocker is a very bad experience.

Blokada for Android is a pretty good DNS-based ad blocker.

Came here to say this same thing about NextDNS. Plus they'll block ads in apps, which uBlock Origin is not going to help you with. It seems like DNS ad blocking is a pretty good solution on mobile, with different pros and cons.

I do also use uBlock Origin on Firefox Mobile though.

You can definitely do better than use Blokada: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/8536

Or, you can just set a DoT server that blocks ads by default.

or if you have root, AdAway can patch your hosts file.

Brave on iOS is great. So is the DDG browser.

I hear you. One of the greatest reasons I miss Firefox on android was because it allowed ublock.

If you have android you can FF + Ublock on android.

Sadly ios devices don't seem to have that option.

Insight Browser. No affiliation, just a very very happy user.

Firefox focus includes a decent safari content blocker

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact