Ad blocking done right

Why Adblock Plus isn’t good enough

Adblock Plus isn’t perfect. I don’t just mean its blocking abilities; the filter lists are very good. The problem is we are filtering content at our web browser. This impacts Firefox’s overall responsiveness, it is detectable (Adblock doesn’t replace ads, only removes them), and it is not very cross-browser. My Adblock Plus on Firefox and Adblock Plus on Chromium are not synchronized. If I block some content on one, I must either devise a system for them to automatically share filter lists (a waste of time) or manually synchronize them (a bigger waste of time).

It also is antithetical to what a web browser should be doing: browsing the web. Not filtering content. Filtering is simply not the job of the browser.

Moreover, I cannot implement Adblock Plus in any sort of gateway format. Maybe this doesn’t matter to you, but it impacts one of my future projects: my plan is to eventually use a powerful single-board computer in conjunction with a pair of Ethernet switches, openvpn, DNSMasq, and iptables to create a powerful, centralized filtering service for my network traffic. This lets me offload filtering services from my main computer, which needs its CPU power to compile things and crunch numbers with mathematica, not filter, secure, and log network traffic.

This is why Adblock Plus on Android is implemented as a local proxy and not any other design choice. It is simply more powerful that way, and it means Adblock does not care what the web browsers are doing, and the web browser does not care about the logic of the content filtering service.

A better adblock

I use a localized privoxy for my filtering. It is customizable and uses powerful regex-based filtering like Adblock does, but it is wholly separated from the guts of your web browsers. This means you can share the filter lists between browsers, choose which browsers use it and which don’t on the fly, use the same popular filter lists from Adblock Plus, and much, much more.

All content that enters your web browser is now at the mercy of your filtering software. This includes cookies, HTTP headers, and even DNS requests if you’re willing to go the SOCKS route.

Privoxy is completely customizable, in all of these areas, from both simple and well-documented configuration files or a web interface that is disabled by default. It offers multiple levels of default configurations, from basic, very safe settings to filtering-rich configuration to all-out complete control over HTTP behavior.

To use it, you just start the service, then change your browser’s proxy settings to point HTTP and HTTPS traffic to

localhost:8118

Then you will want to edit the configuration files. Then, to configure blocking, you can use privoxy-blocklist.sh and set it as a cronjob if you want regular updates. Otherwise, Privoxy provides great defaults at the medium level of filtering, and user customizations can be added in the file

/etc/privoxy/user.action

in the form of regex + actions as documented in the default action file. Ideas can be found in the various adblocking filterlists out there, but the final decisions are yours.

This is the method I use, since it forces me to regularly spend time in the privoxy configurations, tweaking and improving the more advanced features that are provided. I suggest playing around with Panopticlick and wireshark to get an all-around idea of how your browser is behaving, then adjusting the privoxy settings to taste.

If you are not willing to tinker with this software, then the improvement gained over Adblock Plus is worthwhile but minimal. But for the power user or system administrator, the difference is huge.