There seems to be a lot of misinformation about Apple’s stance in this thread.
Apple explicitly allows and provides APIs to develop content blockers.
Apple does not allow content blocking through custom VPN implementations, seemingly because these a) introduce a performance impact, b) may be confusing for users as it’s abusing the point of VPNs, and c) may allow more easy abuse, as VPNs can do a lot more than just block content. This is what the article linked as evidence for Apple’s policy covers, and the statement provided by Apple, while not especially clear, does match up with this.
The linked app is a Safari-only adblocker which doesn't cover apps, so I feel the title is pretty accurate. There have been full system ad-blocking solutions developed for iOS and apple refuses to host them, it's a statement of fact.
`a` is permitted for other apps; `b` is, as far as I know, not a criteria anything else gets judged on; and `c` is the point of having a curated store, because any app "may allow [...] abuse".
That's a rather uncommon exception. Very few apps load ads in a web view. Mainly because, imo, the ad platforms want a lot more user data than they'd get that way. And fraud would be a bit harder to detect.
There are two modern web views in iOS. The SFSafariViewController is an out of process view. The hosting app doesn't have access to the DOM or what the user enters. The user has access to all of the same cookies, saved passwords, and ad blockers that they would have in Safari. The other (WKviewController?) is your standard embedded web view. It doesn't share cookies, passwords, etc and the embedded app has more access to the web view.
Why stretch the facts to make it seem like Apple is allowing system-wide ad blockers? You seem to concede repeatedly it doesn't, yet argue that as long as Safari is covered, even when hosted in 3rd party apps, it's the same thing?
How am I "stretching the facts" by stating the technical limitations and benefits of Apple's approach (i.e. not introducing a third party that can potentially track all of your internet activity)?
This isn't theoretical. iOS apps were in fact storing and selling data that went across the ad blocking VPN solutions.
Ad blocking Chrome plugins have a sordid history. Why would I trust them on my phone when I can set up my own solution relatively easily?
The IOS solution for in browser plug ins is more secure and it protects your privacy.
Sure, you also get it in embedded safari views. You still can't block apps in ads, you can just block ads in content your apps show, usually incidentally - those ads in the feedly view are not _Feedly_'s ads.
I can honestly say that I have no apps with embedded ads. If it's an app I'm going to use, I pay for the no-ads in app purchase. If it's an app that doesn't allow me to pay for a no ads version or that's not worth paying for, I uninstall it.
There is one exception. Overcast, my podcast player. There is a no ads in app purchase, but the ads are usually for other podcasts in the same category that I'm listening to. The ads are actually useful.
Only VPN apps doing regular VPNs are allowed, obviously they have a performance impact, but that’s necessary for what they do. Anything using a VPN to implement other behaviour is not. Apps get judged on usability when it comes to system level concepts like VPNs all the time - keyboards are an example where there’s a lot more review for usability and “playing nicely”.
Not quite true. Charles Proxy uses a VPN in order to inspect network traffic, and that was approved. But I think in the general case what you said is correct and that Charles Proxy's approval is an exception.
True. I wonder if that’s because it’s explicitly a developer tool, and developers will understand what’s going on, and the risks/benefits of using a VPN.
I think the main reason they block apps using VPNs for other things is that it’s very easy for them to break internet on the whole phone with buggy software, and Apple don’t want lots of support time at the Genius Bar of turning off crappy ad blocking VPN apps.
It's probably partially that, and partially the fact that the VPN usage here is obviously beneficial. The information doesn't leave the device and it doesn't interfere with the normal workings of the apps (like ad blocking does). There's no reasonable complaint to levy against what Charles Proxy is doing. Versus ad blocking, which many people think is beneficial but which is clearly detrimental to app developers (especially when they end up blocking more than just ads, as sometimes happens).
Sure they do. My Fire HD tablet has a simple option in Settings-->Security & Privacy-->Apps from Unknown Sources. I have a number of F-droid apps installed. I also have the Play Store hacked in, but F-droid only required downloading the app from the web. Standalone APKs can also be installed.
Apple's move against device-level ad-blocking came coincidentally soon after the news regarding Facebook using a non-FB branded VPN to gather user data.
Walking the line between the pro-privacy aspects of VPN ad blocking and the the very anti-privacy possibilities that such functionality enables isn't easy. There's nothing to stop any VPN from scary levels of metadata collection, but Apple did close the door to one way of promoting or selling these services.
App devs hate hearing this, but I've always found it interesting that Apple doesn't try to take a cut of ad revenue that apps receive. And yet they insist on taking a cut of "tips" and pretty much any other revenue stream. I'm glad they don't because it would put them in an adversarial position with privacy.
I guess they tried with iAds, but even that was going to be optional I believe.
> There's nothing to stop any VPN from scary levels of metadata collection, but Apple did close the door to one way of promoting or selling these services.
What I do now -though on Android- is using WireGuard as VPN to my home router which runs basically a Pi-Hole (and WireGuard).
The benefits:
1) I get a system-wide adblocker on top of uBlock Origin.
2) My mobile provider cannot perform DPI (Though its owned by same company as my cable company. YMMV, plus it will work when you roam internationally. Heck, I can perform DPI on it via my router.)
3) When on a public WiFi (e.g. railway station) all my data is encrypted.
4) When I switch networks it automatically swaps connection.
5) Far less performance hit and battery usage than traditional VPNs such as OpenVPN. Home router also barely uses any Watt.
Brilliant software, I can highly recommend. My only beef with it is that a full blown SDN such as ZeroTier is a lot easier to set up.
I recently acquired an Edgerouter-Lite (EdgeOS / Linux MIPS), with a RPi (Raspbian / Linux ARM) behind it also running WireGuard/ZeroTier/Tor (WG in case I need more horsepower on the ER-L). WG works on OpenWRT as well, though ZT doesn't work on EdgeOS (there's an obscure Linux MIPS *.deb somewhere but the c++ lib is too out of date on EdgeOS). [1] OPNSense is in the works [2], and also runs ZT. If you're not afraid to build your own I can recommend PC-Engines APU2 + OPNSense [3]. For me it'd cost too much time/effort to build/maintain, YMMV.
Thanks. I have a similar setup, with Edgerouter X and rpi running pi-hole. I hadn't realized what Edge route can run wireguard, thanks. I've been thinking about running VPN on the rpi since pihole barely uses any cpu but have been procrastinating, might have to take a relook.
Easiest way to address the claims, let me know if you need a more detailed breakdown:
Note Facebook's VPN is still available - they're just not allowed to advertise it blocks ads, which they never did in the first place.
There is no misinformation about it. Apple has made it clear to the system-wide blockers developers that this was happening because of ad blocking.
There are still a lot of apps using the VPN API for additional purposes. For instance, AdGuard Pro for iOS is still there, and it lets users use DNSCrypt or block domains manually. The difference is that it does not do system-wide ad blocking by default.
I don’t think they’ve made that clear at all. To me it seems they’ve made it clear they don’t want misuse of VPNs. The fact they provide APIs to do ad blocking across all web content says that they are very much ok with it.
I note from reading AdGuard’s App Store description that it seems to do as blocking with the content blocking APIs, and uses the VPN only for DNS changes.
Blocking ads system-wide with DNS filtering (intercept dns requests, block ad and tracking domains) is exactly what AG was doing before the policy shift; and it is still able to do it, but now the default blacklist is empty because of Apple.
Right. So now it is NOT a VPN ad blocker. It’s an ad blocker using the system frameworks, plus a VPN app that allows finely grained network customisation, one use case of which is ad blocking, but not one that the app itself encourages. That fits my hypothesis.
I am moving towards the much more radical solution of blocking advertising supported sites entirely.
I am not against advertising in general. It doesn't bug me that there are ads for car dealerships on TV, but the flood of personal injury lawyer ads damages the perceived legitimacy of the government and social system. (As well as the many other ads that are not aimed at getting people to spend their own money but instead to get benefits such as the "Medicare Advantage" scam.)
Web advertising and other distractions (pop ins, "will you let this site make notifications?", Taboolah, Outbrain, "This web site uses cookies...", 20 email messages a day about IBM Cloud outages that didn't affect me, "GDPR is here and our policy has changed...") are immediately harmful in terms of cognitive load (lowers effective IQ,) stress, mistakes, missed appointments, opportunities, bills not paid on time because you had to delete 200 spam messages and accidentally deleted something important. That and the phone that never stops ringing with somebody who wants to lower my interest rates...
I think long term you are training your brain to not accept the cues that "something is important". After 20 or 30 years of that who knows what that will do you? (Whenever I show my wife something from a porno site she can't see the content in the midst of all the lurid and animated advertising.)
It is like Milo Yiannopoulos; it looks like communication but it is better to think about it as noise, static, or nerve gas.
I blacklist any site that is anti-adblocker. You should grab an old computer and install pi-hole on it and you will be able to blacklist sites and just stop the ads from getting into your home.
https://pi-hole.net/
GDPR is a disaster. Already I am getting overwhelmed by requests from people who don't want people to know that they are running a business at such and such an address and I can only assume they are running a criminal business.
There are two ways that "privacy" can be violated: (1) somebody exploits your data, or (2) somebody violates your space. Something like GDPR addresses (1) and might put an end to those shoes from Zappos that keep following you around, but it does not stop the disincentives that destroyed the world wide web.
> Already I am getting overwhelmed by requests from people who don't want people to know that they are running a business at such and such an address
Huh? What does this mean? I've been getting the usual "Please consent to let us continue spamming you" emails, but I have no idea what your sentence above means. Can you elaborate as it's not clear what you're talking about.
(sorry for out of sequence reply but I could not reply directly to the message in question)
I run a business directory site, or at least used to until this morning. If I was like many people I would blame GDPR, but really I figured I rather spend the money I was spending on AWS on something else.
I'm still not getting this... did people get in touch and say "I don't want people to know I'm running a business at this address"? Or did they say "Please remove me from your business directory which you added me to without asking"?... and how does your mind jump to "must be criminals" - are there intermediate steps in your logic or is it just: doesn't want me to have their business address on my database = criminals?
My directory was generated from public information (the Legal Entity Identifier)
The EU has been making moves towards financial transparency largely driven by the UK getting on the open data bandwagon. (Ten years ago they were much worse than the US in terms of seeing government data as a revenue source, now they are far ahead of other countries.)
This is endangered by Brexit and GDPR.
One part of the global governance crisis is that legislators have been captured by a "one dollar one vote" situation and in turn cannot maintain tax rates that produce sufficient government revenues. Thus the bureaucratic sectors have focused on keeping the lights on by trying to get people to pay what they owe. Given massive tax evasion by the rich that has to be a priority so general transparency around cross-border financial transactions has to increase.
Perhaps some people who want to be "forgotten" are not criminals, but when you look for specific cases of people who are making these requests they are frequently white collar criminals who are hoping they can sweet talk somebody again into another chance to lie, cheat and steal to pay for gambling or cocaine or whatever.
Perhaps some people who want to be "forgotten" are not criminals, but when you look for specific cases of people who are making these requests they are frequently white collar criminals who are hoping they can sweet talk somebody again into another chance to lie, cheat and steal to pay for gambling or cocaine or whatever.
This seems like a slightly modified version of the old, “if you have nothing to hide...” saw and I don’t like it.
I have an aunt who has a nursing degree, burned down a barn with horses in it and attempted to kill two people (her mother and her sister) by injecting them with insulin. At some point in between all of that she drove a school bus and for some reason decided to slash herself up with razor and claim that she was assaulted.
We heard that she'd gotten a job as a nurse and we we wonder how that happened. My father-in-law was in the hospital (not where she worked) and she changed his IV bag when it ran out and started beeping.
A week later we read in the paper that she was raiding the medicine cabinet at the nursing home she worked at and found out she was also stealing ADHD medication from her grandson.
Turned out she failed to tick the box that asked if she'd ever committed a felony and the employer was too busy to run a background check on her SSN.
Dangerous people are out there.
That kind of behavior is a direct threat to life but I think tax evasion, corruption, rent-seeking, a lack of responsiveness to problems such as global warming, homelessness, and affordable housing and similar behaviors threaten our civilization and one thing we know is that when a civilization goes down the people left behind turn their back on everything that civilization stand for. (Ex. look what happened when the Christians took over Rome)
The main thing our civilization stands for is individualism and if you like the idea of being able to decide anything at all for yourself (or people 50-100 years) you should have been helping turn the ship around 20 years ago and it might be too late now. (Eg. Listening to people like Frederick Hayek is the real "road to serfdom")
An Iranian physicist living in the UK threatened to sue me under the UK libel laws because he thought I brought attention to him that might lead Iranian grad students to come around looking for job. Well, I was chewed up and spit out by that system and I was not going to be intimidated by that -- if you are sitting pretty on a tenured job on the back of young people in an unfair situation you deserve to hear the voices and see the faces of people who are harmed by your privilege. It is not such a big thing.
Somehow your domestic intelligence service, foreign intelligence services, organized criminals, rip-off artists and other people are going to steal your information and the more that information is pushed underground the more impunity that they are going to operate under.
(To paraphrase Heinlein: a transparent society is a going concern)
Yes, and psychopaths like your aunt exist, but if we design society around authoritarian ideals designed to totally eliminate their ability to do harm society breaks every time. A balance has to be struck that acknowledges the presence of a significant minority of criminals, while protecting the rights of the majority. A thousand anecdotes will not change that.
Just as a meta note, if you click the timestamp of the post, you'll be taken to a page with a comment box. HN has some rate-limiting where it hides the comment box for some period of time, but you can get around it by clicking the timestamp next to their name.
Job ads being one. Also, HN has behind the scene deals to peddle certain news organizations ( nytimes, wapo, wsj ) and certain ngos with certain agendas.
What do you think HN is? What do you think dang, sctb and the mods do?
The company in the source article also has a DNS service (adguard dns: 176.103.130.130 & 176.103.130.131) that blocks ad domains.
It works pretty well, but requires trusting them to follow their privacy policy (which is good) as with any DNS provider.
I've found it useful and lower maintenance than other approaches, but you trade power and flexibility. And is presumably less performant than preventing the lookups in the first place.
I'm in very early phase of the development of a search engine. I will _not_ index ad serving pages maybe sometimes even whole hosts. Adblock rulesets like easylist will help with this.
I know about Million Short, but it's not that comprehensive and AFAIR uses Google's index.
Also I'm expecting it will result with a significantly smaller index, so maybe I will be able to finance it from my pocket. Small index will enable offline use - download via torrent the whole index and use it offline. With some incremental updates afterwards. However it would still be in the magnitude of tens of gigabytes, on the condition it would really be small enough.
The next level for me would be a HTML-only web browser that would offer permanent reader-mode like behavior. But I have too many projects already.
Hey, I am in exactly same shoes. I am also in early phase of development of a search engine with only free, non-auth walled content, apart from blocking ad serving platforms. I would like to discuss and see if we can work together. Care to talk? Email in profile.
Just because you don't like Milo doesn't mean he doesn't raise legitimate points. It's better to think of him as a standup comedian. He's really no different than any other politically-charged standup act.
I've actually found some of his critiques insightful. I mean, yea he's loud and says a lot of crazy shit, but overall he is challenging people, getting them to think about unpopular opinions.
Hypothetically it pays for the content. I think practically most content gets ripped off and copied and has ads slapped on it. If you are using a programming language (say Python) that has useful documentation (Clojure is a counterexample; just buy Rick's book.) you are almost always better off looking up things in the manual because Google surfaces advertising sites that add nothing but mistakes, omissions, broken English, etc. I think of how 80% of the Python answers on stack overflow have something like "print x" and won't work on Py 3.
It is hard to find content which is really worthwhile on the advertising supported web. The very nature of it is that valuable content is devalued relative to spam. Like Gresham's law, bad content drives out good.
i dunno. i've had reasonably good luck on StackOverflow for android related questions. given Google's sometimes inconsistent/irregular APIs and documentation, and a certain amount of bugginess, Android devs would have a lot harder time without SO.
but, your comment highlights a kind of surprising reality about ad dollars and Google. i mean, StackOverflow captures a significant quantity of ad money from Android related content because, in the early days of Android development, Google itself directed Android developers to StackOverflow.
No, it doesn't, and that's one of the most pernicious myths.
1. It's not free. Advertising is a $600 billion industry annually, with online over a sixth of that. This is largely imposed on the wealthier billion global inhabitants, so figure roughly $600 overall or $100 for Internet, per person, per year, if you live in the EU, US, JP, CA, AU, NZ.
2. Good content goes wanting. Advertising seeks to maximise eyeballs, not content quality. Good sites go wanting: LWN, Linux Journal, Nautilus, just off the top of my head. Markets and information are a poor match.
Information is a pure public good. Finance it as such.
Joseph Stiglitz, "Knowledge as a Global Public Good," in Global Public Goods: International Cooperation in the 21st Century, Inge Kaul, Isabelle Grunberg, Marc A. Stern (eds.), United Nations Development Programme, New York: Oxford University Press, 1999, pp. 308-325.
I didn't say there were no other options. I just criticised the one option we would very likely end up with by default if advertising were to be curbed somehow.
Maybe I'm too bitter and jaded to fully appreciate the joys of the status quo, but I'd add at least one adverb between "Ad" and "pays", and remove three words between "ur" and "internet" before agreeing with the sentence.
See all those downvotes you are getting? Thoughts like this are not welcome here on on HN. I agree with you, but I stay silent most of the time to avoid getting downvoted.
> Thoughts like this are not welcome here on on HN
Allow me to gently disagree. The comment above is dismissive and makes assumptions, both of which the HN guidelines suggest avoiding. It also doesn't offer any supporting evidence.
If the comment had some supporting argument, if it made a strong case that ads are economically necessary, and if it contributed to the discussion in a positive way, it might be upvoted instead.
It's very easy to dismiss downvotes as cliquish disagreement or tribal behavior, but doing that won't help you learn. It's much better to assume votes are being cast for legitimate reasons and ask yourself when you see or get downvotes if the comment in question is really the best way the idea could have been presented. It's very easy in written text to say something in a way that comes off very different and much more negative than you intended.
I encourage you to share your thoughts rather than stay silent, but to also stay positive, and be conscious of assumption and conscious of style.
The person certainly could have expressed himself better. You seem a lot more eloquent. You might be able to make counter-points much better than I can.
Those downvotes are because the internet existed before ads, and its factually incorrect.
If you feel like giving a more nuanced opinion with some arguments (eg, free content via ad supported model is better than the others because blah), you might find the downvotes dont come as fast and furious.
So, my next smartphone will be iPhone, even if I prefer open source. AdBlockers are just too important. Not only they protect your privacy, but they also stop some malware programs that use ads for spreading. And don't Google & Amazon already make 30% from app sales?
That’s not about adblocking but about using vpns for a purpose that is not a virtual private network. The general adblock system works in Safari as well as other apps that use web views though.
If we're talking about non-VPN solutions, then Android continues to allow several ad-blocking solutions such as browsers with it built in, or browsers like Firefox which run extension systems which support popular blockers like Ublock Origin.
Does iOS support custom browsers like Firefox running their own engine and extension systems? They never did when I was a user.
I was under the impression that Firefox Focus blocked ads in some other apps as well but that doesn’t appear to be the case indeed, at least not in Chrome.
Firefox Focus ships with a content blocker extension, I think, so it can block ads in Safari and third-party apps using SFSafariViewController. Chrome uses a webview, so the content blocker won't work there.
Everyone basically wants to exert just enough elbow grease to get something for free rather than contribute to the world they say they believe in.
"If you need ads to make money then your business should fail" is a common thing you'll hear among people who continue using sites/apps that depend on ads instead of investing in ones that don't.
If HNers can't even be bothered, then how is anyone else? We're going to be stuck in this status quo for a long time and the only survivors will be the large businesses that can afford it until the main websites people use are about as varied as our ISPs, maybe even the same.
Which of these do you prefer? I used fdroid but haven't installed a system ad blocker. I just use firefox focus which does a good job of preventing trackers and most ads but it's not perfect.
I have run AdAway for years. It works great and has great features such as auto-update of sites. It also lets you whitelist or blacklist additional domains locally.
Plus Samsung doesn't support is products. Last year I got a critical security update labeled july.. In December. And they have a bunch of garbage custom apps. Great hardware, poor service
Check out https://blokada.org/index.html . Creates a VPN tunnel for your traffic and routes through a host file. Even let's you set name servers. Can't do that on iPhone necessarily. Root not required!
The problem is that on an iPhone you are locked into those
applications in the Apple App store (unless you jailbreak).
On an Android device, you can install 3rd party applications
directly. AdGuard, for example, has a stand alone method
for direct downloads.
I'm guessing you're downvoted because your implied solution is no better (and arguably worse) than parent's "unless you jailbreak". Regardless, it's not a solution for "normals":
1. Download and install Xcode.
2. Find the source code for the application you want. You know GitHub works, right, Grandma?
3. Compile, sign, and deploy to your device. Assuming it built without error, that is.
4. Aww, shit, Apple's signing process is still a hot mess. Best get to Googlin' on those validation errors!
Generally, those that go down this path use a much more streamlined solution like downloading an IPA file and using something like Cydia Impactor (http://www.cydiaimpactor.com) to sign and install the app. It least, I think that that's easier than finding a kernel bug in iOS…
…so it uses the VPN API, just like the apps that have been banned from the App Store/Play Store/Appstore. Adaway requires root because it modifies /etc/hosts.
Apple bans system-wide adblock as well. Mobile Safari ships with adblock IIRC but that doesn't help with all the other random apps that want to show you ads. Meanwhile, despite Google & Amazon's changes, you can still install any adblock you want on an Android device without using a computer or paying for a signing key as you'd need to on an Apple device by just downloading the APK using Chrome and installing it directly. Alternatively, you could install an alternative app store like F-droid and then install & upgrade adblock apps through there.
I'm confused. Doesn't the article say that Apple similarly prohibits ad blockers from their app store? And besides, installing a "third party" apk on an Android phone is trivial, and there are third party "stores" like F-Droid which offer a myriad of open source apps. I seem to recall that Apple makes the installation of third party apps relatively more difficult. I have not used an iPhone in quite some time, so I feel that I must be missing something.
Apple also blocks VPN-based adblockers from their appstore, and unlike Android you cannot easily sideload apps on iOS.
There's technically a way to do it, but you need to plug your phone into your computer and re-push them every 7 days, unless you pay $99/year for a developer license. Or jailbreak, of course, which has its own problems.
It is, but system-wide ad blocking is disabled by default. You need to manually add filters subscriptions or hosts files in order to get it back. Not that it's much of a problem, though.
In my home network, I run https://pi-hole.net on a Raspberry Pi that is plugged into a USB port in the wall where it can't be seen.
Almost all generic ads are blocked and those that do get through can easily be blacklisted. No need for any help from Apple/Google/Amazon. I wish I could somehow make it portable.
Don't worry, the marketers will get to you soon enough.
Google has already wedged themselves in as the "gold standard" dns provider. My gut says eventually Apple/Google/Amazon will start forcing blessed devices to use their own name services. For the good of the user, of course. Ahem.
> Google has already wedged themselves in as the "gold standard" dns provider.
Run. Your. Own. Resolver [full stop]
I'm both amazed and devastated how even seasoned privacy hackers will just pop 8.8.8.8 into their respective resolv.confs. What are they thinking?
I know how people tell stories about how 8.8.8.8 (or 1.1.1.1) are so nice and fast (which simply sounds like they are mirroring the advertising for these services by the letter), but honestly, that doesn't matter: The first visit to any site is slow, and has been slow for years (downloading all those megabytes from a dozen origins simply takes its time); waiting another half-second to have your own resolver look after some unknown hostname – which will be cached, locally, much faster than anything 8.8.8.8 could do for you – really isn't worth spilling your entire browsing history onto Google's reception desk. Not for me, anyway.
I think that's unlikely, as there are too many internal services within corporate networks that will never show up in the global DNS. Google would rather people use Chrome at work.
That's okay if you run your own router. Point your device to that as default gateway, then the router can catch any DNS connections and do pi-hole style lookup mapping.
That's a hard game to win in the end. Odds are the new and improved name services you're required to use won't really look much like DNS today.
Initially they'll be implemented as DNS over HTTPS, with devices being shipped preconfigured to favor those HTTPS endpoints over name servers provided by the local network. From there the traditional DNS bits will eventually be removed in favor of whatever proprietary mechanisms defined by Google/Amazon/Apple.
The only way to use Google/Amazon/Apple services will be by bootstrapping from hardcoded list of bootstrap ips in their product, secured by a similarly hardcoded CA certificate.
Would a Pi Zero W powered by four 18650 Li-ion cells in parallel with a charging board [1], and a 4G HAT module [2], that runs a little over 24 hour continuous operation, work for your definition of "portable"? The drawback with this approach is you would own a separate SIM and plan for the 4G data. I'd also like to figure out how to cram another WiFi board on to run WiFi As WAN, but HAT stacking is hit and miss.
How do you deal with https traffic? Wouldn't you need to MITM proxy everything and install CA certs on the client? And wouldn't that reduce client side security since all certs would be signed by the same CA?
Pi-Hole is just a DNS-based adblocker. It returns 127.0.0.1 (I believe) for ad-serving domains, so it happens before https even starts to be negotiated.
For hosts files, 0.0.0.0 is generally preferred, which marks the host as unreachable, rather than localhost (127.0.0.1, etc.), which might well recieve and try to process the request.
I'm using the defaults, but from the sounds of the documentation having it return 0.0.0.0 might be beneficial. It certainly explains some weirdness that I've seen when using Pi-Hole.
I have this on my mobile device. I'm using Wireguard as a VPN and the DNS sinkhole is on the server. I haven't noticed any severe latency problems, but yea, I've noticed that the battery runs out sooner. Encrypting/decrypting adds enough overhead that it's noticeable.
You can run PiVPN (via, say, OpenVPN) to tunnel back to your PiHole. Just tell PiVPN to use your PiHole DNS. You can VPN into the same rPi as PiHole and get an ad-free experience when you are not at your home.
> They need to realize that it is your device, your personal data, and it is you who should be in control.
The idea is sound but it doesn't apply to Amazon, or Google's stores. They're under no obligation to host any app in particular and it should be expected that apps that bite the hand that feeds them would be quickly removed.
And Google is free to use its billions of dollars of stashed away money for "lobbying".
I'm sure it's going to be a fair fight between the little guy that has a million other worries in his little life and the corporation whose business model is being threatened and therefore will have a laser like focus across years or even decades.
Laws don't protect consumers or enforce moral obligation and you know it. They serve as a facade to the population to keep society from disintegrating.
Direct boycotting of companies forces change very quickly.
I'd say Amazon is different, but Google has a monopoly in mobile operating systems worldwide (certainly in the EU), so I don't think it should be allowed to block apps that hurt its business. That seems quite anti-competitive to me. Plus, ad-blocking has been deemed legal by at least four courts in Germany, and I believe in the U.S. and Canada, too.
Also you could have used the same "don't bite the hand that feeds you" argument with VOIP apps on carrier networks. And yet, most countries have passed laws against ISPs banning competing services on their networks.
In general I agree with your sentiment. I do think this is different, in a nuanced way, from the ISP bans though.
The ISPs banned them from their platform. Google and Amazon allow these apps on their platform (the Android OS), but are banning them from their app distribution channels.
Taking Google's perspective for a moment, they are not willing the facilitate distribution of apps whose sole purpose reduces their revenue.
These ad-blocker apps can still be distributed and installed outside the app store. I can download from adguard.com and sideload it onto my device.
The interesting question here is if the app stores are considered a functioning monopoly on apps. I lean toward yes.
I wonder if there should be a similar law to the “right to repair” automotive laws, but for general software installation or removal for other devices?
If a company both controls the production of the device and the sole means by which a user can install software on the device, then maybe the company should be legally obligated to host some app, or jump through hoops to get approval to ban an app, or the app can go through an appeal process to argue if the ban is anti-consumer.
I’m not saying this applies to Google or Amazon right now, under the current mechanisms for installing software on devices. I’m sure it’s a complicated issue.
That's actually startling close to the GNU/FSF ethos. The whole Free Software movement is about being able to control the software that runs on your devices (and be able to fix/modify that software as well). The difference is that they don't seek to do it through legislation, but instead through advocacy.
That's only true if you limit your focus to phones. There are a lot of other consumer electronics that only let you download software from their appstore. Game consoles are a big one (as I understand it, purchasing physical media from 3rd party stores isn't an exception to this because in order for a company to publish their software for these platforms on physical media they must still go through Microsoft/Sony/Nintendo's approval process.
True, I should have expanded my line of thought : I don't think that consumers are majorly hurt when a game console can only install apps/games under its manufacturer's approval.
Sure, it is not a black and white situation and indies are certainly hurt by this. Also you can install general purpose apps on consoles nowadays; so the line is blurring.
When we are talking about a general purpose device like a phone or a desktop computer though; it really irks me that you need an approval to distribute your app.
We have already seen OS creators forbid an app before sherlocking it, or refusing to validate a satirical app.
Recently both Valve and Telegram have been unable to get their apps approved. I have worked in the music industry and this is sadly really common .. if you work on a music streaming service, it is a huge PITA to get your app approved. It is almost if the people in charge of the OS do not want the competition..
I make this distinction because I think it is way more hurtful when communication or news apps are impacted by this kind of practices and these are pretty vital.
Entertainment apps being hit by this also hurt the consumers by artificially distorting the competition.
Ads Blocker are an edge case. They interfere with other apps, which I feel is ok to forbid. I think that all apps should be obligated to provide a tracking + ads free version but I don't think they should be mandated to make that version free. Especially when ads blockers are often a racket to get your ads networks whitelisted as long as you pay.
IMO there's a moral problem with ad blocking, which is that it's basically stealing.
Like it or not, many popular websites and services online gain income from advertising. By using them while blocking their ads you're basically getting something for nothing by gaming the system. It's probably against their ToS (but who reads that right?). It probably says: We serve ads. If you don't like that don't use this site.
One might say that ads are distracting, annoying, resource heavy, and sometimes downright malicious. I think so too. However that is essentially the "price" of ads, and this price is known in advance. Blocking ads for these reasons while continuing to use the sites is not unlike eating at a restaurant and leaving without paying because you think their prices are exorbitant: It might seem morally justified but it's theft because the prices were known in advance.
I think one of the main reason people don't dine-and-run (yet install adblockers) is that it's hard to do a moral wrong so close to the source, e.g seeing the waiters, being there in person, risking an unpleasantness drama, etc. (This is well known psychological phenomenon which name I can't recall.) In contract installing an adblocker is fast and feels totally unrelated to the 2nd party. It makes it easy to feel like you're fighting the bad guys (ads and the terrible ad-tech) and forget whose revenue you are withholding for your own benefit.
Personally I resisted installing adblockers for a long time though eventually I caved in (ad-tech got really bad). I honestly don't know what the solution is.
It's certainly nothing remotely close to actual larceny, so when you say "stealing" I assume you mean "acquiring something in violation an explicit or implicit contract." I couldn't disagree more. If such a contract existed, it would mean that every time I download an HTML document, I am obligated to download and execute each resource, document, script, etc. that the HTML document links to, and to do so recursively for each linked document. This would include CSS styles and JavaScript that might make the page unusable for people with certain disabilities or on certain browsers and connections. It would also include all media, which could be slow and/or expensive depending on my Internet connection. It would also include all advertisements, including those that include malware. It would also include all tracking and analytics scripts, which may violate my privacy or even threaten my safety depending on my circumstances and location.
If this is not your argument, please clarify, but it seems like the inevitable conclusion of your claim that visiting a web page obligates me to download and execute other resources that the web page publisher desires. If, at the end of a meal, my waiter brought me a check and a USB drive with software that the restaurant wanted me to install on my computer, I would pay the check, but I wouldn't install the software. If, before the meal, the restaurant informed me that I could not dine there unless I installed the software, I would gladly do neither.
I don't see what the technical capabilities have to do with the morality of the issue. You might just as well modify a downloadable binary to neutralize license checking code to avoid paying for the software. Does the fact that you can do this make it not stealing?
If you want to exploit your technical capabilities to deny publishers their revenue, don't fret when publishers do the same with DRM, walled gardens and other such measures.
Current adtech practices need to be made both illegal and technically impossible, but that obscenity does not make ad blockers more moral. Two wrongs don't make a right.
No one owes publishers revenue. As a society, we might have some conditional agreement to restrict freedom of information transfer for some specific purpose like encouraging art, but if that purpose isn't being served well, or even isn't popular, them it is that same societies right to remove those restrictions.
Publishers are not merely "information transfer". They are largely content creators. Whether that content is music or news or something else, it costs money to produce.
Using that content without paying for it (with ad impressions or direct sales) when those payments make the creation you consume possible in the first place – there is no moral high ground in that.
By ad blocking you're just taking things for yourself while relying on others to pay for your share of the cost to produce the content you're consuming. Zero marginal cost is not such a big intellectual barrier to understanding that this is unfair and unsustainable.
People are quite content with ad blocking only because someone else has to pay for creation of the content they consume. Of course people are content getting a better deal than other people.
But you can't translate this individual selfishness into a general society-level desire because ad blocking only works when not everyone is doing it. On a society level, if you don't pay for something, you don't get it, because there is no one else to pay for it. Whereas what people want is to get something without paying for it.
And if you claim the society is in agreement that ad based business models are unacceptable, I'm yet to see any indication of that. People really like not paying for things with money, and ads let them do that.
But what people like to do even more is taking without giving in the name of some unconvincing ideology.
> However that is essentially the "price" of ads, and this price is known in advance.
No. The price is absolutely not known in advance by design. There's no way to me to audit which "partners" a site I visit will share my browsing data with. If ad providers were transparent about how my data would be used and who it would be shared with you might have a point. But most current TOSs leave the door open for tracking data to be shared with anyone for just about any purpose in the future.
It's as if I walked into a department store and the price on goods was unknowable - the store just reserved the right to take money out of my account at any point in the future but assured me that amount would be "small" with nothing contractually binding them to that.
I don't agree. If someone got a magazine, and before reading it they cut out all the ads are they committing theft? If I mute my radio while ads play, am I a thief? I'd bet that most reasonable people would say no. The content providers serve the ads, how end users interact with them is up to said users.
Ad blocking, in my view, is analogous to muting your radio. The content provider delivered the ads, how the user interacts with them is up to each individual.
> If someone got a magazine, and before reading it they cut out all the ads are they committing theft?
While cutting the ads you'll get such a good look at them, ads companies will be thrilled and beg you to do it :-)
> If I mute my radio while ads play, am I a thief?
The behavior of people watching TV or listening to radio is well studied. Here's some facts:
1. even if you change the station, you'll still see or hear some ads, especially if you want to get back to what you were watching, as people keep changing back and forth — and those ads are for brands mostly, therefore it's enough for you to see Coke's logo for you to pick it in a store as the "safe" choice
2. many TV and radio stations synchronize their ads breaks
So are you committing theft when skipping commercials? If you use automation for it, the jury is actually still out and there have been several lawsuits already.
Also skipping ads might be legal still, but there are always legal loopholes. For example circumventing DRM is not legal and it's only a matter of time before media networks wise up.
And note there have been other doomsday scenarios in the past. For example the rise of VHS was a similar event, allowing people to record shows and skip ads. But even so, ads kept being efficient and publishers and media networks survived. However this time the automation has reached a level unprecedented in history.
What do you think will happen if companies start going out of business due to ad blockers? They'll start lobbying of course and lobbying works.
For magazines you could have a friend or a robot cut out the ads, for radio you could switch to a CD while the ads run. Basically, I'm trying to get at the more fundamental question: do users have an obligation to consume the ads that are served to them, in the manner that the content provider dictates? And if so, how should this be enforced?
>Do users have an obligation to consume the ads that are served to them
Yes, if it's part of the content and they want more of that content. But they have no obligation to want that content.
> in the manner that the content provider dictates
They don’t dictate how you consume ads, they try to predict it and adjust for it, but they don't dictate your actions
>And if so, how should this be enforced?
Legally it shouldn’t be. The advertiser can do whatever they want to their content to get you to consume ads, but they shouldn’t be able to do anything past the boundary of their content.
There's a very simple way to enforce payment for content. It's called a paywall. If it turns out readers are not willing to work over actual money, then maybe the content is not as valuable as the publishers thought.
Oh please. That's about as dishonest and manipulative as calling copyright infringement piracy.
The real truth is nobody really cares about how much money these people are losing. We're looking out for ourselves because companies won't. Just because you're serving some content I may or may not be interested in doesn't mean you get to rape my ears with loud autoplaying videos I don't want to watch.
Are you truly implying I have no right to control what my eyes and ears and brain experiences? That I have to be literally forced to view and remember every single piece of content --- ads or otherwise --- on a site that I visit, just because the "content author" wills it!?
It is very rare that I will use such strong language, but to anyone who truly believes such things: fuck you, and I very much hope you will be the one someday tied into a chair and unable to escape with your eyelids forced open to watch and listen to a barrage of unescapable ads and answer questions correctly about everything you were forced to consume before being allowed to consume the actual content itself in the same way. Because that's what you're implying the world should become --- literally a form of torture and mind-control.
"Blocking ads for these reasons while continuing to use the sites is not unlike eating at a restaurant and leaving without paying because you think their prices are exorbitant"
Do we really have to replay all the arguments we had during the Napster days about the difference between rivalrous and non-rivalrous goods?
These analogies to real-world objects never work. If you have a case, it's not going to rest on "you wouldn't steal a car" type arguments [0].
It's obvious that piracy is also theft. But adblocking is worse: The damages of piracy are hard to measure (and are therefor overestimated by it's victims) because many "pirates" would not pay for the pirated, non-rivalrous good if piracy wasn't available.
However blocking ads (especially when done by prevent them being fetched) directly damages the 2nd party at a known price. Each individual pageview has a cost to serve it, and a revenue gained from it (via ads). In that sense what we're stealing is actually pageviews, which have (IMO) more in common with physical real-world objects (rivalrous) than a digital copy of a file.
> However blocking ads (especially when done by prevent them being fetched) directly damages the 2nd party at a known price.
Now what if I use ad nauseam and "click" on every ad on the site? Is that theft too? What if I'm blind and use a screen reader, am I stealing from the site?
Finally, if the answer is yes, why is stealing the other way ok? I don't recall any sites paying out victims after serving ads containing malware. What about sites (or ads) stealthily using my computer's resources for bitcoin mining? They're stealing measurable resources from me and I am not being compensated.
In a previous comment you called malicious ads "the price of ads" that is "known in advance". This doesn't seem fair. Why does the end user bear all the responsibility for keeping the ad economy afloat and healthy while the sites serving the ads bear none?
Edit: One last thing. If ad blocking is truly analogous to retail theft. Content providers and ad networks should be regulated just like retailers are to make sure they are not ripping off their users by serving malicious or harmful ads or using their data in ways not agreed to in advance (i.e. effectively charging users above and beyond the stated price).
Seems analogous to say it's stealing TV when you don't watch the commercials, or clipping out ads before reading a paper? It doesn't make sense. I have control over what code is run on my computer. Allowing one party to show me content and blocking others isn't stealing or even in a grey area.
Yep- there is a sports chat site I frequent that straight up locks out my browser when I come through corporate proxy- because they are blocking ad pages on proxy.
A very important distinction between theft and adblocking is that you show yourself the ads. You (i.e. your browser on your behalf) requests that the server send you an html document, then you go and look up all of the ad links and make requests to those servers. Then you download all of the images and texts from those servers and render them on your own screen.
Every step in this process is voluntary:
- What if I decide I don't want to make requests to the advertiser's servers just because an html document suggested it?
- What if I decide I don't want to render an ad, just because I downloaded it from somewhere?
Contracts, like the one you're proposing here, are agreed upon by both parties. I agree to download your ads, if you agree to provide me access to the site. Paywalls work like this, ads don't. Ads are a polite suggestion that I'm free to ignore.
Online content is the textbook public good. It doesn't compare to anything like cars, food, or computers. There is no harm from using an adblocker. It doesn't compare to normal theft in any way. You can argue it's immoral, but calling it theft and comparing it to stealing physical things is always bogus.
Online content is not exactly the same as physical goods, but it's not that far either:
- it costs very real money to produce, and
- it costs very real money to be served and to remain online.
These costs may be covered by ads, by subscriptions, by sponsors, taxes, voluntary contribution or anything else, but the they still need to be paid for.
I don't know anything about AdGuard in particular, but the general category of "Adblocker that is a really a VPN that really just loads a DNS server to block ads" is really problematic as:
- cause lots of weird networking issues (impacting perceived stability)
- are often "Free" b/c they are swapping in their own ads and malware [1]
- are just in general a poor way of loading a hosts/dns file that in many cases they don't even own (they're just pointing to a freely available one)
I used adguard and still do without any issues. Maybe there are weird issues, but they are vastly overwhelmed by the immense data and processing savings from no data siphoning happening.
Adguard was/is a paid app that didn't substitute any ads nor collect data.
I am running pi-hole at home and push out that pihole DNS to my VPN clients and my phone is always connected to my VPN. I never trusted any of these phone platforms to do anything in my best interest anyway.
Last time I looked at a “system-wide” adblocker, it was just a vpn service with proxied your traffic (not just DNS) through a who-knows-what server. That seemed really sketchy to me, and I doubt most users knew the implications of it.
System-wide blockers on both iOS and Android do use the VPN API, but the idea is to intercept your outgoing traffic on the TUN interface, emulate the TCP/IP stack, and filter it locally, right on your device.
They are actually local VPNs looping back to your device. That's the only way to change DNS servers when on cellular data. Until Android P, which will finally allow that.
Would it be possible to skirt these policies by having a system-wide ad blocker that's only partially configured? Either the user has to modify their systems settings to use the local VPN or take some action to load or enable the blocklist.
Bans like this seems to increase the opportunity/value for "alternate" app stores outside the recommended vendor, offering things that the vendor wont.
EDIT: Point is that many apps receive a ban because they conflict with the interest of the phone vendor, but they can still be of great use to users.
I wish I lived in a world where that was the more feasible route. Sadly as it is, ad-supported is much more effective than the traditional model of paying for software.
Yes, that's exactly it. FireOS is a fork of Android with all Google's stuff pulled out, and Amazon wants their piece of the mobile advertising pie as well.
Because they're in the business of selling things, and many of the "things" they sell monetize via ads. It's an indirect way to killing their rev.
Also, yes, Amazon does lots of retargeting/ad purchasing, so it means they're wasting those dollars as well, again killing their rev.
There's no reason for them to support ad-blocking (other than like, being opposed to massive corporations doing nefarious things, but how could THAT thinking infect a massive corporation)
Presumably Amazon wants developers to continue to support their devices. That becomes much harder to do if, given that the market already does not favor apps which charge up front, they are seen as aiding the only other (semi-?) reliable form of raising revenue.
I think ads are just fact of life nowadays and not necessarily a bad thing. Ads shouldn't be annoying nor should they be creepy. Like for example, if you google tips to lose weight, you shouldn't be bombarded by pictures of half naked dudes with six pack abs. Nor should you be seeing things you buy frequently due to the fact that you used an in-store membership card.
I wish Google, Facebook and Apple would provide a way to say what kind of ads they'd like to see. Like I have no problem in seeing ads related to cool kickstarter projects, music equipment, tech devices, software development related tools, etc etc.
I mean sometimes that is what I only see and i am like happy with the fact that I am forced to see ads. And then other times I am starting to see things that I really don't care about simply because I had a whim to go down some rabbit hole on Google.
I think some developers use ads very responsibly and I think that overall denying those developers the right to generate money off your usage prevents them from growing their business and creating better products. I tend to think of flappy bird when I think of great ad placement. The ads don't get in the way of the game. They don't pop up while you are in mid game to try and trick you into clicking. They only appear after you died and they aren't full screen and annoying with a tiny little x you might miss.
I mean that is the kind of ads that I can live with and I think everybody else should have to live with too. Hell I even might give them a click every now and then despite the fact that I am not interested in buying the advertised product.
I just think of it like throwing some change in the hat of a busking street artist. It's the least I could do to encourage them to continue pursuing their art.
The only way to consume content the way you want to on locked-down devices is to basically MITM your traffic and run it through something like Proxomitron[1] or Proximodo[2].
I continue to find it ironic that the very same technology, often detested in discussions here, and present in the middleboxes that companies use to block/filter/inspect the traffic between their networks and the Internet, can also be used under your control to enhance your computing experience. I believe that everyone should have complete ability to modify the traffic that flows to/from the devices they own, and this is something which those who strongly support making connections "more secure" and harder to MITM often fail to consider.
I use a VPN service that happens to include an ad blocking feature. I wonder if that will be blocked too? It's PIA, which is very popular.
Of course the feature goes unused; I simply refuse to install an application that includes advertising code. Instead, if available, I pay for the ad-free version of the app. Bonus points if that's the only option. The play store helpfully points out most advertising built into apps, so this is pretty easy to do. Combined with Firefox for Android which lets me run uBlock Origin, I have a completely ad-free mobile experience.
Don't system wide ad blockers rely on using a VPN to block ad traffic? Wouldn't that mean that you could just install the OpenVPN app and use a special ad-blocking proxy?
At home, I just block ads and the DNS level. Run dnsmasq, send all known ad serving domains to 0.0.0.0, and have DHCP point clients’ DNS to your dnsmasq server. Done! Site-wide ad blocking that works on all clients and platforms, without a VPN and without permission from any vendor.
The problem on iOS and other mobile devices is that, when not using WiFi, you don’t have any place to put such a block.
I find iOS content blockers work decently but it is still possible to have an overwhelmingly better experience on the desktop due to the multiple crap-blocking mechanisms available.
As long as you don't care about your privacy. Everything going through a third party VPN is yet another app that has access to your data.
With the built in web and web view ad blocking framework on iOS, the ad blocking app doesn't see your browsing history. It installs a JSON file that Safari uses to know what content to block.
It's not a complete system wide solution but it does protect your privacy.
Yes, I’m positive that the security/privacy risk is the reason why Apple banned VPN based ad blockers. There’s no way for Apple to verify that VPN apps aren’t siphoning off data, making the whole thing a gamble and huge PR disaster waiting to happen (“Apple found to have allowed internet siphoning apps on store for years”). Loss of blocking ads in apps is a casualty, not a goal.
If it didn’t mean a revolt from countless app devs I’m sure they’d be perfectly happy to implement something similar to Safari’s content blocker system for the entire OS.
Exactly. What does Apple have to gain from not blocking advertising? It makes no money from adverting. Blocking advertising not only hurts it's major competitor but would also force apps to monetize via actually getting people to pay for apps. They would get a cut from the revenue. Apple makes no money from free advertising supported apps.
And yet on Android, you can easily install a systemwide adblocker, while on iOS you need to jailbreak or reinstall every seven days. iOS is user hostile, and I'm constantly surprised that anybody who is a developer would willingly use it.
If by "easily" you mean use a third party app store that most people aren't going to use and now you have one central app that has your entire data usage history to sell to the highest bidder....
> If by "easily" you mean use a third party app store that most people aren't going to use
Whether most people will use it or not is not relevant to how easy it is. Just go to https://f-droid.org, click the download button, click on the downloaded notification, and follow the prompts.
> and now you have one central app that has your entire data usage history to sell to the highest bidder....
The apps on fdroid are open source and use a reproducible build system.
So now "easily" has turned into going to a third party App Store and either blindly trusting an app wont surreptitiously store and forward all of your data or either trusting that someone else has audited the code or audit the code yourself and to be doubly sure, build the code yourself.
>So now "easily" has turned into going to a third party App Store and either blindly trusting an app wont surreptitiously store and forward all of your data or either trusting that someone else has audited the code or audit the code yourself and to be doubly sure, build the code yourself.
The thing with open source reproducible builds of popular software is that somebody else has already done that verification, so you don't have to do anything. That's how easy it is.
To get the same level of assurance on an iOS device, you would have to reverse engineer the app binary. Of course, it's not even possible to begin with because Apple doesn't allow system-wide adblockers at all.
How well did that "open source reassurance" work for finding the security vulnerability that led to HeartBleed? The vulnerability went undiscovered for 1.5 years?
Isn't the more practical and impactful option not patronizing services/apps that rely on advertising to raise revenue?
Then why are you using it?
Let me turn this on you: Why do you feel you shouldn't be paid for your work
I am not using Android, I buy products where the value proposition is simple -- I give Apple money and they give me stuff. Neither my computer or phone has third party crapware and my computer doesn't look like a NASCAR car with dozens of stickers you can't remove.
I use AdGuard and it is great. It is not only ads that I happily block, but all the analytic, it is unbelievable all the requests that are made by apps, even when not using them.
> Maybe they should focus on the quality of ads, because currently they are complete garbage. And privacy invading.
I prefer low quality ads because I can be more confident that they won't effectively manipulate me. I like to avoid the influence of pure product-propaganda on my decisions.
There are many other other ways you can do that, so I simply cannot find a reason to care for your "plight". I hope the ad industry burns in flames and everyone who works in it finds other, better things to build then garbage no one is willing to pay for.
I use ad blockers since forever, howver I just find it extremely mean and unethical that a company like Adguard makes profit by depraving others from their lawful profits by blocking ads. Ad blocking by its nature should not be commercialized.
Apple explicitly allows and provides APIs to develop content blockers.
Apple does not allow content blocking through custom VPN implementations, seemingly because these a) introduce a performance impact, b) may be confusing for users as it’s abusing the point of VPNs, and c) may allow more easy abuse, as VPNs can do a lot more than just block content. This is what the article linked as evidence for Apple’s policy covers, and the statement provided by Apple, while not especially clear, does match up with this.
I think the title should be reverted to remove Apple, as they do allow ad blockers on the store (I personally use 1BlockerX https://itunes.apple.com/gb/app/1blocker-x/id1365531024?mt=8 )