What is your approach to Ad blocking and URL filtering?

Hi, 

When I was on windows I used to switch from uBlockOrigin to AdGuard extension (and back), but after I discovered NextDNS and ControlD Free with malware and adblocking and I switched to Linux Mint I am using different profiles (on my Chromium based browser Brave) to deal with adblocking and URL filtering

In my work profile
1. I have all Brave Shields disabled and all
2. Site permissions on default

3. Using NextDNS for DNS over HTTPS with (in my free NEXTDNS account)  with all security features enabled and only allowing TopLevelDomains which I need for work (disabled all other Top Level Domains) and only OISD filter enabled for privacy

In my personal profile
1. I have Brave adblock shield on standard, except for my bookmarked websites (which are running Adblock Shield in aggressive mode)

2. Site permissions are on block or deny except for: (ask) camera and mic, (allow) images, scripts, sound, V8 optimizer (do not  allow using JIT on HTTP://*)

3. Using ControlD with AdGuard DNS adblocking for DNS over HTTPS https://freedns.controld.com/x-adguard

4. Made a private version of Osprey with only GDATA and Norton (mini-version) and  Potentially Dangerous File Extension Blocker (alo warining foir some Linux file types)

5. Enabled medium blocking of uBlockOrigin in UblockOrigin Lite with some custom DNR rules (allow NL, BE, DE, UK, CO, EU, com, edu, io, net, org TLD's) with all filter lists disabled (using it as script firewall, not as adblocker)

I am wondering what your approach to adblocking and malicious URL's is?

Edited by Kees1958, 07 August 2025 - 10:12 AM.

Edited by Sampei_Nihira, 07 August 2025 - 10:42 AM.

@Sampei_Nihira

You are correct about the performance impact, that is why I only disable it on insecure HTTP websites because of the security benefits

@Kees1958

1. Almost no one here probably knows the purpose of using different profiles in Chromium-based browsers.
2. Potentially Dangerous File Extension Blocker should probably be highlighted with a link.
3. The private version of Osprey should be shown in the dedicated thread because, apart from me, no one else probably understands what you mean.

Debian with Brave as my primary browser. Brave settings are restricted much like yours plus I have Brave clear cache and cookies and history on shutdown.

I did have Privacy Badger and uBlock Origin as extensions and system installed. Since the grand Google corp is slamming both of those extensions from the EFF, I removed them as extensions but still have them installed system level. Since I removed them as extensions I've installed Privoxy and Portmaster. Portmaster is available for Windows but Privoxy isn't.

I shy away from browser extensions because so many of them can be compromised which in turn can compromise the browser and, the Operating System, to a limited degree even Linux.

I used to use the hosts file. I have a BASH script built that downloads, concatenates and cleans up extraneous lines from a good handful of online hosts files before updating my hosts file. The problem with that approach was that my hosts file grew so large that on low end PCs the browsers slowed way down. I've debated on using just one online source, the Steven Black source, but there are so many other solid entries in the other sources I just can't leave them out. So, what I did was switch to Privoxy which uses DNS sources to filter and Portmaster which augments the firewall. And I enable the ufw with default settings on every fresh install.

Thanks for your replies.

@pSCHYOtRAL I always prefered DNS level caching over HOST-files. Also I am with Peter Low (a small blocklist works as good as large blocklist). In advertising the number one (Google) has a marketshare of around 40 percent, Facebook the number two hits the 20% mark while the number three (Comscore) just has a little over 2.5% marketshare. Just have a look at the usage statistics of W3tech website (also check the analysis and tag managers) see https://w3techs.com/technologies/overview/advertising.

A study performed by Brave browser seems to support above claim: QUOTE "WE FOUND THAT ONLY 201 RULES ACCOUNTED FOR 90% OF THE BLOCKING ACTIVITY" (see https://brave.com/the-mounting-cost-of-stale-ad-blocking-rules/). That is why I am using free ControlD (malware blocking) with AdGuard DNS blocklist as DNS-over-HTTPS (ControlD privacy policy looks good to me).

I am using GuFW with Opensnitch and have the same hesitation about adding to much extensions. Also some (although a few) stories about extensions changing owner and going rougue, made me decide to use only open source extensions, which I have downloaded as ZIP and checked (and adopted the code as explained below) myself. Nowadays with AI you can ask any AI-agent to check the javascript on suspicious connections, code or obfuscation constructions (when you ask Leo, Brave's AI-agent, to be in the role of a security specialist with extensive javascript coding experience). 

Downside of having your own local unpacked extensions is that I have to enable developer mode in Brave (which seems to lower some security checks some say). That is why I have enabled the flag PartitionAlloc with Advanced Checks to mitigate Use After Free bugs (which represent according to AI for nearly 70% f the bugs) and block javascript execution in FILE:///* and block use of V8 optimizer for HTTP://*  and am I using Ublock Origin Lite as third-party javascript blocker (simular to https://www.wilderssecurity.com/threads/ublock-origin-lite-nice-adblocker-for-modern-challenges.454317/page-4#post-3237031 but I am only blocking javascript and have allow rules only for HTTPS websites). 

@ Sampei_Nihira 

You are right Potentially Dangerous File Extension Blocker  https://chromewebstore.google.com/detail/potentially-dangerous-fil/biaiklkognaclgklcdlpgiajdgjofoai  I added 5 file types listed in the background.js VAR blocked table. 

Osprey Browser Protection (https://chromewebstore.google.com/detail/osprey-browser-protection/jmnpibhfpmpfjhhkmpadlbgjnbhpjgnd) had 16 security services listed (over 4 pages). Enabling just GDATA and Norton provided nearly same protection as when enabling all (because of the overlap) with my limited testing using (URLhause, Malshare, Virussign, Phishtank, Openphish and AA419). GDATA only keeps de-personalized hit statistics of malware URL's blocked for a few months and Norton keeps URL's visited with IP derived location data for 50 months).

Brave shields only influence my speedometer 3.1 test a little: disabled = 18.6.  standard = 18.4 to 18.5 and agreesive 18.2 to 18.3. uBOL takes away another 0.2 of the performance score (Adguard 0,3 and Privacy Badger 0,3 and all other adblockekrs lower the score from 1 to 4,5 full points).

Edited by Kees1958, 09 August 2025 - 10:53 AM.

 

@Kees1958

 

1. Almost no one here probably knows the purpose of using different profiles in Chromium-based browsers.
2. Potentially Dangerous File Extension Blocker should probably be highlighted with a link.
3. The private version of Osprey should be shown in the dedicated thread because, apart from me, no one else probably understands what you mean.

 

Christ. You sound as though you spend more time configuring & securing your browsers than you do actually running them..! 

Still, I guess everybody needs a hobby. They do say that geeks are their own worst enemies.... 

Mike. 

Edited by Mike_Walsh, 09 August 2025 - 10:55 AM.

@Mike_Walsh well some people like to tweak things. 

I have to confess I had a hobby like that. I used to spend more hours repairing and rebuilding my old Laverda motor bike than driving it. I could easily spend a few Saturdays fiddling with needle and nozzle's of the three carburetors, When it finally was in showroom condition I sold it. :-) 

Edited by Kees1958, 10 August 2025 - 02:14 PM.

> I am wondering what your approach to adblocking and malicious URL's is?

When I briefly scanned through what you wrote, I thought, holy crap, I should be asking this guy these questions, at least summarily, about why he does all these things.

I practically use four profiles: one normal (with all the extensions including uBlock Origin, Osprey, Privacy Badger, ClearURLs, and others), one normal-incognito (with a reduced number of extensions), one important (with credential extensions and Privacy Badger only), and one important-incognito (with the same extensions as the previous). The important profiles are used with websites that I normally log into and then definitely log out after I am done. The reduced number of extensions is to minimize the attack surface from malware, rogue, or supplanted extensions. The incognito profiles are used to reduce the number of active extensions and to avoid leaving browsing traces.

Edited by Dill2046, 11 August 2025 - 01:23 AM.

> I am wondering what your approach to adblocking and malicious URL's is?

 

When I briefly scanned through what you wrote, I thought, holy crap, I should be asking this guy these questions, at least summarily, about why he does all these things.

I practically use four profiles: one normal (with all the extensions including uBlock Origin, Osprey, Privacy Badger, ClearURLs, and others), one normal-incognito (with a reduced number of extensions), one important (with credential extensions and Privacy Badger only), and one important-incognito (with the same extensions as the previous). The important profiles are used with websites that I normally log into and then definitely log out after I am done. The reduced number of extensions is to minimize the attack surface from malware, rogue, or supplanted extensions. The incognito profiles are used to reduce the number of active extensions and to avoid leaving browsing traces.

Seems you thought it over well with 4 profile. When you are on Chromium based browser, you could set some site permissions on block or don't allow, When I understand your approach this could be feasible for yor normal and normal incognito profile. In the Normal profile you could block adding protocol handlers, USB devices, Serial Ports, File Editing, HID devices and Payment handlers (for increased security). In the Normal incognito you could additionally add blocking access, to Mic, Camera, Motion Sensors, MIDI divices, Clipboard and Window Management (for increased privacy).

Great setup  

Edited by Kees1958, 11 August 2025 - 05:02 AM.

When you are on Chromium based browser, you could set some site permissions on block or don't allow...

 

Thanks for the tips! I will ponder how I could incorporate those.

I use uBlock Origin and have no ads it's all ya need.

Ublock origin is the best extension for blocking Ads but Chromium browsers do not have access to it in the google store. Brave has a good built in Ad blocker.

What was the reason for Google discontinuing ublock origins ?

What was the reason for Google discontinuing ublock origins ?

In a nutshell In Manifest Version 2 (Mv2) extensions were allowed to use the WebRequest function in Manifest V3 (Mv3) this was replaced with Declarative NetRequest function (or API). Also to the (java)scripts which provided advanced functions needed to run in the background using service workers (which complicated stuff for adblockers) and the format of the block rules changed from AdBlockPlus to Declarative NetRequest Rules (DNR). These DNRules are more flexible. As an example Peter Low's List contains over 3000 ABP-rules but can be implemented with 1 DNR-rule.

The reason for these changes were (according to Google) security and performance, but adblock developers said it was only to make life harder for them and prevent Google losing more advertising income. Initially the new Mv3 limitations crippled the adblockers, but Google has shifted a little towards the extension builders and extension developers have found ways to deal with the manifest 3 limitations, so they were able to provide 95% of the functionality of old Mv2 extensions. AdGuard Mv3 is as good as AdGuard Mv2. 

Chrome started to phase out Mv2 extensions. This is the reason uBlockOrigin does not work in Chrome. Other browsers (Brave, Edge, Firefox) have said they would continue to facilitate Mv2 extensions using the WebRequest API. It is unknown for how long these alternative browsers will allow Mv2 extensions. 

Edited by Kees1958, 29 August 2025 - 12:24 AM.