I did this for the longest time until I realised that because AdGuard works best as a virtual VPN, it is unable to run alongside an actual VPN. Luckily my VPN (and many others) support ad blocking too.
That’s not what I’m talking about. I meant to say that AdGuard on mobile (Android) runs by pretending to be a VPN in order to intercept all connections and filter the ads out of them. This works great to remove ads in apps, etc.
However, because it hooks into the VPN interface you can’t then run another VPN (for example Proton VPN) because Android only allows one VPN to run at any time.
Oh you’re talking about AdGuard VPN not solely the main AdGuard product. Definitely not ideal. It doesn’t offer the same level of features as my current VPN who offers ad blocking anyway. Not to mention a few suspicious quotes from their website:
AdGuard VPN protocol uses the most secure and fast encryption algorithm to date – AES-256
From the very outset, we resolved to develop and deploy an in-house VPN protocol instead of picking a canned solution — that’d be too easy
We are going to make our protocol implementation publicly available in the future. Sadly, right now we don’t have enough time to prepare the project
we collect data about how you interact with our services, how much traffic you’ve used, and for how long have you been using our services
ADGUARD SOFTWARE LIMITED is a company registered in Nicosia, Cyprus, registered office is at Klimentos 41-43, KLIMENTOS TOWER, Flat/Office 25, 1061, Nicosia, Cyprus and acts as the data controller when processing your data
Considering Cyprus telecommunications laws it doesn’t seem like the safest place to headquarter a telecommunications privacy company.
Adguard has been a trusted company in the adblocking space for a very long time, and their CEO and company is quite openly active in the privacy and cybersecurityrealm, so that’s important.
That said, their VPN is a really new product, so there’s a lot of room for improvement.
They do have the best adblocking solution, in my opinion, so if VPN is also needed, they give you something for that. The alternatives are often messy or not totally compatible.
For me, it works great for bypassing geo restrictions, but my threat model isn’t on the extreme end. I got a plan really cheap, so it saves me money over PIA and Windscribe, which i used previously (and sucked for streaming).
I do suggest that everyone find a solution that works for them, regardless of who they go with.
If I had to pick only one of the two, I’d prefer local blocking because it cannot only not load ads, but also remove the placeholder/frame the ad would’ve been in. It’s also better at circumventing anti-adblock scripts.
That being said, DNS-based blocking is great outside of browser use, and it blocks many ads and tracking attempts in mobile and desktop apps.
A combination of both is best, really. I use uBlock Origin in the browser (or AdGuard Pro with Safari on Mac and iPhone) and then NextDNS. NextDNS is configured rather conservative though, because it can cause things to break otherwise, and that’s hard to manage when you’re not the only use of your network.
Another benefit of using uBlock Origin is the ability to use the cosmetic filters so you can remove elements from the page that aren’t served as ads in the typical sense. As an example when you’re reading an article and there’s an obnoxious box half way through that says CONSIDER SUBSCRIBING etc. It’s not loading any external resources, it’s just inlined HTML. But you can enter element picker mode and if you are able to uniquely target that element you can filter it out.
DNS-based blocking more complete for your whole network, independent of the device settings for tech-avers users/kids. DNS-based blocking is less flexible for all users in the network - especially when you need to make exceptions for certain sites. They are also limited to your home network, unless you have a VPN server.
Therefore, for mobile devices app-based blocking is the main way to go.
Consequently, both make sense and your use case is relevant.
For android, you can enable the private DNS function (DNS over TLS) and specify a custom DNS server that has ad/tracker blocking without having to install any apps. That also has the benefit of encrypting your DNS lookups so nobody can spy on it.
I do this but one thing to note is that it can break some wifi capture portals and auth loops, so you might have to disable specified Wi-Fi, connect, and enable. Some wifi has private view DNS records for their capture portal or auth server like clearpass. Additionally, if your phone switches days to WiFi, but you need data to query or resolve your DNS provider and Android doesn’t have it cached, then it can also fail.
I’m using the https://rethinkdns.com/ app, which also gives me a firewall. You do not have to use the app though, you can configure a set of blocklists through their webpage, then add that to Private DNS.
Sounds like it’s pretty much the same as NextDNS this way. Did you ever use NextDNS? If the answer is yes: What made you go with RethinkDNS over NextDNS?
Edit: I just checked it out since it’s free. It’s probably great in combination with their app but without the app you lack a custom white- and blacklist and a query log. Means if you don’t wanna use the app then you can just manage your filter lists but that’s it. And there’s only an app for Android so it’s not very attractive to use on non-Android devices.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacyguides@lemmy.one
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
We prefer posting about open-source software whenever possible.
No soliciting engagement: Don’t ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don’t repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Adguard with DNS + local blocking is the way.
I did this for the longest time until I realised that because AdGuard works best as a virtual VPN, it is unable to run alongside an actual VPN. Luckily my VPN (and many others) support ad blocking too.
Adguard VPN and Adguard (adblocker) can work simultaneously 😀😀😀
The only caveat is that Adguard VPN only works with their servers, so you can’t, for example, VPN to your home or work network.
That’s not what I’m talking about. I meant to say that AdGuard on mobile (Android) runs by pretending to be a VPN in order to intercept all connections and filter the ads out of them. This works great to remove ads in apps, etc.
However, because it hooks into the VPN interface you can’t then run another VPN (for example Proton VPN) because Android only allows one VPN to run at any time.
Right. I understand that.
What i mean is that if you want to run a VPN with Adguard, then Adguard VPN is compatible.
Not ideal, I get it, but if you need to bypass geo restrictions or to keep your ISP from spying on you, then it works great.
Oh you’re talking about AdGuard VPN not solely the main AdGuard product. Definitely not ideal. It doesn’t offer the same level of features as my current VPN who offers ad blocking anyway. Not to mention a few suspicious quotes from their website:
Considering Cyprus telecommunications laws it doesn’t seem like the safest place to headquarter a telecommunications privacy company.
Adguard has been a trusted company in the adblocking space for a very long time, and their CEO and company is quite openly active in the privacy and cybersecurityrealm, so that’s important.
That said, their VPN is a really new product, so there’s a lot of room for improvement.
They do have the best adblocking solution, in my opinion, so if VPN is also needed, they give you something for that. The alternatives are often messy or not totally compatible.
For me, it works great for bypassing geo restrictions, but my threat model isn’t on the extreme end. I got a plan really cheap, so it saves me money over PIA and Windscribe, which i used previously (and sucked for streaming).
I do suggest that everyone find a solution that works for them, regardless of who they go with.
If I had to pick only one of the two, I’d prefer local blocking because it cannot only not load ads, but also remove the placeholder/frame the ad would’ve been in. It’s also better at circumventing anti-adblock scripts.
That being said, DNS-based blocking is great outside of browser use, and it blocks many ads and tracking attempts in mobile and desktop apps.
A combination of both is best, really. I use uBlock Origin in the browser (or AdGuard Pro with Safari on Mac and iPhone) and then NextDNS. NextDNS is configured rather conservative though, because it can cause things to break otherwise, and that’s hard to manage when you’re not the only use of your network.
Another benefit of using uBlock Origin is the ability to use the cosmetic filters so you can remove elements from the page that aren’t served as ads in the typical sense. As an example when you’re reading an article and there’s an obnoxious box half way through that says CONSIDER SUBSCRIBING etc. It’s not loading any external resources, it’s just inlined HTML. But you can enter element picker mode and if you are able to uniquely target that element you can filter it out.
DNS-based blocking more complete for your whole network, independent of the device settings for tech-avers users/kids. DNS-based blocking is less flexible for all users in the network - especially when you need to make exceptions for certain sites. They are also limited to your home network, unless you have a VPN server. Therefore, for mobile devices app-based blocking is the main way to go. Consequently, both make sense and your use case is relevant.
There are services like https://nextdns.io/ that makes it super easy to use DNS-based tracker blocking on most devices.
Mullvad also has DNS with different kind of blockers: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ And for the DNS blocking you don’t need an account.
I’ve been using them for over a year and it works very well.
For android, you can enable the private DNS function (DNS over TLS) and specify a custom DNS server that has ad/tracker blocking without having to install any apps. That also has the benefit of encrypting your DNS lookups so nobody can spy on it.
I do this but one thing to note is that it can break some wifi capture portals and auth loops, so you might have to disable specified Wi-Fi, connect, and enable. Some wifi has private view DNS records for their capture portal or auth server like clearpass. Additionally, if your phone switches days to WiFi, but you need data to query or resolve your DNS provider and Android doesn’t have it cached, then it can also fail.
Or install the open source app AdAway that I guess goes over the DNS block of some servers.
You can do DNS based blocking on mobile, I’m doing it right now.
Private DNS FTW!
I’m using the https://rethinkdns.com/ app, which also gives me a firewall. You do not have to use the app though, you can configure a set of blocklists through their webpage, then add that to Private DNS.
Edit:word
Sounds like it’s pretty much the same as NextDNS this way. Did you ever use NextDNS? If the answer is yes: What made you go with RethinkDNS over NextDNS?
Edit: I just checked it out since it’s free. It’s probably great in combination with their app but without the app you lack a custom white- and blacklist and a query log. Means if you don’t wanna use the app then you can just manage your filter lists but that’s it. And there’s only an app for Android so it’s not very attractive to use on non-Android devices.
I have not used Next DNS, before RethinkDNS I was using Invizible Pro.
I’ve been using NextDNS foe a while. They do similar. I’ll check out rethink though. Always. Open to something different
OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!
OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!