Hacker News new | past | comments | ask | show | jobs | submit login

Someone correct me, but can’t ad blockers just be installed through the OS and not be dependent on the browser?

I recall this is what I had to do for Safari since there wasn’t a supported extension for the new browser yet.

This would lessen our dependency on a browser for ad blocking in this ongoing browser war.




You can block the network calls to ad networks on the OS level by intercepting the DNS requests. That's a lot cruder and less flexible than the fine grained control over the DOM provided by a browser-based ad blocker though. If DNS level ad blockers became prevalent websites would also move to circumvent them, which would be a lot easier than with browser-based ad blockers.

It's better to just not let a browser that's user hostile enough to prevent ad blocking win a browser war.


That doesn't get you close to what umatrix offers.

I can throw facebook's servers into my hosts file, but what if I want to permit connections to facebook servers if and only if I am on facebook.com? uMatrix makes that trivial.


That can only do blocking at a coarse dns level. The browser extensions do a lot more. If you want to do everything at the OS layer without browser extensions, you'll have to MITM your ssl connections by trusting your CA and set up a parallel engine that does what extensions do right now.


Congratulations, you have correctly identified the reason Google is pushing DNS-over-HTTPS via Chrome.


I think it can be done through /etc/hosts or similar yes? The downside is maintaining the blacklist, but I believe it’s still doable.


how does this interact with TLS, particularly DNS over TLS? An OS level http proxy would have to MITM the TLS stream.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: