From Newsgroup: uk.comp.sys.mac

Just wondering, and asking tentatively (just low expectations on who'll respond ;-)) what's the general consensus on Ad blocking and DNS servers
here these days?

I tend to either use OpenDNS or CloudFlare in my router DNS settings.
That's just to give a minimum setting for my entire network.

I've tried one or two others, but I can say that for speed I really
can't tell much difference between them all, or even my ISP settings.

My main reason for using them is just for another level of privacy and security.

Trying out various Ad blockers for Safari over the years, I've ended up
with lifetime licenses for 1Blocker and AdGuard, as well as owning Wipr.

I had been using NextDNS for a couple of years (using individual device profiles), but I feel the plethora of settings and options just means I
end up down a rabbit hole. I'm always chasing my tail trying to keep
some stuff working, and I've better things to spend my time on.

I did try using the local hosts file, but that just ended up with
hunting around for what breaks a website (usually it's ones I really
want to use).

Of course I'm not using all of these at once, it was all in an attempt
to find something that really offered good protection, as well as being
nearly 'fire and forget'.

So, I kept cycling though them all, trying different setups, but they
all failed at one thing or another - breaking legitimate websites, or
not blocking much at all, and some being too intrusive overall.

However, I think I've got somewhere near it lately, and annoyingly it
didn't need any expenditure (having paid for much of the other stuff).

I've just had another go with uBlock Origin Lite, and tweaked the
settings in it (I hadn't done that previously). Well, blow me if that
doesn't work better than anything so far. It even makes a reasonable job
of filtering the ridiculous amount of adverts and cruft in FaceBook.

I know it's one of those things that'll get ten different answers from
ten people, but any opinions are of interest.

Cheers.
--
Andy H

--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Andrew Hewitt <thewildrover@icloud.com> wrote:

I've just had another go with uBlock Origin Lite, and tweaked the
settings in it (I hadn't done that previously). Well, blow me if that doesn't work better than anything so far. It even makes a reasonable job
of filtering the ridiculous amount of adverts and cruft in FaceBook.

I know it's one of those things that'll get ten different answers from
ten people, but any opinions are of interest.

Full-fat uBlock Origin and Firefox, plus on iOS Brave with ads blocked.
uBO works in Android Firefox but I don't think it works in iOS FF (which is just a Safari skin).

Keep a second browser without adblock for those times when a site
doesn't work, or when you need tracking links to work for some reason.

DNS blocking is more useful for blocking ads inside mobile apps, as well as blocking telemetry.

Theo
--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac



On 05/05/2026 14:17, Theo wrote:

Andrew Hewitt <thewildrover@icloud.com> wrote:

I've just had another go with uBlock Origin Lite, and tweaked the
settings in it (I hadn't done that previously). Well, blow me if that
doesn't work better than anything so far. It even makes a reasonable job
of filtering the ridiculous amount of adverts and cruft in FaceBook.

I know it's one of those things that'll get ten different answers from
ten people, but any opinions are of interest.

Full-fat uBlock Origin and Firefox, plus on iOS Brave with ads blocked.
uBO works in Android Firefox but I don't think it works in iOS FF (which is just a Safari skin).

Thanks Theo,

I was mainly interested in working with Safari to be fair. I do keep
Firefox installed on all devices for sure, but as you say, on iOS it's
got no options for extensions at all.

I have tried so many times to make the switch to FF, but for me, I have
never really warmed to the UI, especially on the iOS devices, where it
seems like everything is hidden.

Keep a second browser without adblock for those times when a site
doesn't work, or when you need tracking links to work for some reason.

Yes, I do use that as an option too.

DNS blocking is more useful for blocking ads inside mobile apps, as well as blocking telemetry.

Of course, although I just found that creates a lot of headaches with non-browser apps.

For some I have now deleted the apps, and use web links from the Home
Screen for things like Facebook and YouTube, so they get handled by
uBlock, but still look like an app in the UI.

Sounds like I'm on the right lines though.

Cheers.
--
Andy H

--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Andrew Hewitt <thewildrover@icloud.com> wrote:

Just wondering, and asking tentatively (just low expectations on who'll respond ;-)) what's the general consensus on Ad blocking and DNS servers
here these days?

I tend to either use OpenDNS or CloudFlare in my router DNS settings.
That's just to give a minimum setting for my entire network.

I've tried one or two others, but I can say that for speed I really
can't tell much difference between them all, or even my ISP settings.

My main reason for using them is just for another level of privacy and security.

[...]

I use the VPN from Private Internet Access (PIA) who offer their own proprietary DNS and with that their included optional MACE service.
That blocks domains used for ads, trackers and malware and it works
really well.

I use no other third party ad-blockers at all, only those built into
whichever browser I might be using. I very rarely see any adverts
at all. If there are web sites which won't work using it, they can be configured in the PIA app to bypass the VPN. In practice, I use a
separate browser configured to bypass the VPN for all those sites.

I couldn't be more pleased with this setup.
--
^-^. Sn!pe, bird-brain. My pet rock Gordon just is.

--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

Sn!pe <snipeco.2@gmail.com> wrote:

Andrew Hewitt <thewildrover@icloud.com> wrote:

Just wondering, and asking tentatively (just low expectations on who'll respond ;-)) what's the general consensus on Ad blocking and DNS servers here these days?

I tend to either use OpenDNS or CloudFlare in my router DNS settings. That's just to give a minimum setting for my entire network.

I've tried one or two others, but I can say that for speed I really
can't tell much difference between them all, or even my ISP settings.

My main reason for using them is just for another level of privacy and security.

[...]

I use the VPN from Private Internet Access (PIA) who offer their own proprietary DNS and with that their included optional MACE service.
That blocks domains used for ads, trackers and malware and it works
really well.

I use no other third party ad-blockers at all, only those built into whichever browser I might be using. I very rarely see any adverts
at all. If there are web sites which won't work using it, they can be configured in the PIA app to bypass the VPN. In practice, I use a
separate browser configured to bypass the VPN for all those sites.

I couldn't be more pleased with this setup.

+1 re PIA.
--
Cheers, Alan
--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac



On 05/05/2026 21:27, Alan B wrote:

Sn!pe <snipeco.2@gmail.com> wrote:

Andrew Hewitt <thewildrover@icloud.com> wrote:

Just wondering, and asking tentatively (just low expectations on who'll
respond ;-)) what's the general consensus on Ad blocking and DNS servers >>> here these days?

I tend to either use OpenDNS or CloudFlare in my router DNS settings.
That's just to give a minimum setting for my entire network.

I've tried one or two others, but I can say that for speed I really
can't tell much difference between them all, or even my ISP settings.

My main reason for using them is just for another level of privacy and
security.

[...]

I use the VPN from Private Internet Access (PIA) who offer their own
proprietary DNS and with that their included optional MACE service.
That blocks domains used for ads, trackers and malware and it works
really well.

I use no other third party ad-blockers at all, only those built into
whichever browser I might be using. I very rarely see any adverts
at all. If there are web sites which won't work using it, they can be
configured in the PIA app to bypass the VPN. In practice, I use a
separate browser configured to bypass the VPN for all those sites.

I couldn't be more pleased with this setup.

+1 re PIA.

Interesting, thanks, I'll have a look at that.
--
Andy H

--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 5 May 2026 at 21:27:18 BST, Alan B wrote:

Sn!pe <snipeco.2@gmail.com> wrote:

Andrew Hewitt <thewildrover@icloud.com> wrote:

Just wondering, and asking tentatively (just low expectations on who'll
respond ;-)) what's the general consensus on Ad blocking and DNS servers >>> here these days?

I tend to either use OpenDNS or CloudFlare in my router DNS settings.
That's just to give a minimum setting for my entire network.

I've tried one or two others, but I can say that for speed I really
can't tell much difference between them all, or even my ISP settings.

My main reason for using them is just for another level of privacy and
security.

[...]

I use the VPN from Private Internet Access (PIA) who offer their own
proprietary DNS and with that their included optional MACE service.
That blocks domains used for ads, trackers and malware and it works
really well.

I use no other third party ad-blockers at all, only those built into
whichever browser I might be using. I very rarely see any adverts
at all. If there are web sites which won't work using it, they can be
configured in the PIA app to bypass the VPN. In practice, I use a
separate browser+ another configured to bypass the VPN for all those sites. >>

Interesting, thanks, hadn't realised that.

I couldn't be more pleased with this setup.

+1 re PIA.

+ another
--
Cheers, Rob
Sheffield, UK
--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 05/05/2026 12:39, Andrew Hewitt wrote:

Just wondering, and asking tentatively (just low expectations on who'll respond ;-)) what's the general consensus on Ad blocking and DNS servers here these days?

Don't know about consensus but I use PiHole on a separate Raspberry Pi
for blocking ads on all devices while at home.

If you only have the one computer and don't want to bother setting-up a separate DNS server, then you can run it locally as a Docker (or
Orbstack) image. Instructions here:

<https://www.reddit.com/r/pihole/comments/19astrk/how_to_run_a_pihole_server_locally_on_a_mac_in_10/>
--
Bruce Horrocks
Hampshire, England
--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 07/05/2026 22:16, Bruce wrote:

On 05/05/2026 12:39, Andrew Hewitt wrote:

Just wondering, and asking tentatively (just low expectations on
who'll respond ;-)) what's the general consensus on Ad blocking and
DNS servers here these days?

Don't know about consensus but I use PiHole on a separate Raspberry Pi
for blocking ads on all devices while at home.

If you only have the one computer and don't want to bother setting-up a separate DNS server, then you can run it locally as a Docker (or
Orbstack) image. Instructions here:

<https://www.reddit.com/r/pihole/comments/19astrk/ how_to_run_a_pihole_server_locally_on_a_mac_in_10/>

Thanks Bruce. I have thought about the Pi option, but not sure I really
want to muck about with extra hardware and setting up of such.

I was having enough bother with NextDNS. It's not that I wasn't capable,
it's just that the trying to keep up with the moving goalposts was
becoming more bothersome, rather than just accepting that some sites may
just end showing me some adverts, or might collect some of my data.

I feel that I can only fight it all to a point, in the end I still want
to just use stuff. But I'd like to think I'm doing a reasonable amount
to minimise annoyances and risks. The rest I can deal with in other ways
- like using Apple's built in tools, such as Private Relay, and Hide
My Email, and creating unique passwords, as well as the privacy and protections that Safari offers. They may not be perfect, but what is?

There seems to be a lot of variations between not bothering, and overly aggressive, and breaking too much desired functionality.

I'm kind of looking for install and forget, more or less. Some
additional preferences are fine, but all too often I've found important
stuff doesn't work because I selected one option too many, and finding
what did it can be frustrating.

Cheers.
--
Andy H

--- Synchronet 3.21f-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 05.05.26 13:39, Andrew Hewitt wrote:

Just wondering, and asking tentatively (just low expectations on who'll respond ;-)) what's the general consensus on Ad blocking and DNS servers
here these days?

I do not know what the consensus is but I can tell you how I organise it.

DNS only encrypted via DNS over HTTPS. As browser I use primarily
Firefox which allows this in the settings.

To block ads I use the FF-extension uBlock Origin and NoScript which is extremely powerful but not so easy to handle as user. On Macs I use
uBlock Origin Lite with Safari. So far the only really useful adblocker
for Safari so far.

For very fundamental reasons I do not trust any DNS operator with
censorship also called adblocking.
--
"Ave! Morituri te salutant!"
--- Synchronet 3.22a-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 05.05.26 16:14, Andrew Hewitt wrote:

For some I have now deleted the apps, and use web links from the Home
Screen for things like Facebook and YouTube, so they get handled by
uBlock, but still look like an app in the UI.

Sounds like I'm on the right lines though.

I think you are very much on the right track. If you use these social
medias through a browser you have full control of what goes on. And
there are a lot of things going on you really do not want. NoScript will
tell you.
--
"Ave! Morituri te salutant!"
--- Synchronet 3.22a-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 08/05/2026 06:48, J||rg Lorenz wrote:

On 05.05.26 13:39, Andrew Hewitt wrote:

Just wondering, and asking tentatively (just low expectations on who'll
respond ;-)) what's the general consensus on Ad blocking and DNS servers
here these days?

I do not know what the consensus is but I can tell you how I organise it.

DNS only encrypted via DNS over HTTPS. As browser I use primarily
Firefox which allows this in the settings.

To block ads I use the FF-extension uBlock Origin and NoScript which is extremely powerful but not so easy to handle as user. On Macs I use
uBlock Origin Lite with Safari. So far the only really useful adblocker
for Safari so far.

uBlock doesn't work in FF on iOS or iPadOS though (unless I'm missing something?). I think the only way there is to use a system wide blocker,
like 1Blocker or AdGuard.

Yes, uBlock lite does seem to be quite handy for Safari, and works
pretty much the same on all devices (in Safari at least).

For very fundamental reasons I do not trust any DNS operator with
censorship also called adblocking.

I just use either OpenDNS or CloudFlare with their malware settings
turned on as a router setting.

Cheers.
--
Andy H

--- Synchronet 3.22a-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 08/05/2026 06:56, J||rg Lorenz wrote:

On 05.05.26 16:14, Andrew Hewitt wrote:

For some I have now deleted the apps, and use web links from the Home
Screen for things like Facebook and YouTube, so they get handled by
uBlock, but still look like an app in the UI.

Sounds like I'm on the right lines though.

I think you are very much on the right track. If you use these social
medias through a browser you have full control of what goes on. And
there are a lot of things going on you really do not want. NoScript will tell you.

I'm starting to find that many similar app versions of websites are
often better without using the app, but the website instead.

Indeed, many of them still require you to use the website to carry out
some account management tasks.
--
Andy H

--- Synchronet 3.22a-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 08.05.26 17:05, Andrew Hewitt wrote:

On 08/05/2026 06:48, J||rg Lorenz wrote:

For very fundamental reasons I do not trust any DNS operator with
censorship also called adblocking.

I just use either OpenDNS or CloudFlare with their malware settings
turned on as a router setting.

The use of OpenDNS is considered questionable by some due to several key concerns:

Privacy Issues: OpenDNS, now owned by Cisco, logs all DNS requests made through its servers. This means they can see and potentially store
information about every website you visit, raising significant privacy concerns. Since 2015, this data has been under CiscorCOs control, which
may share or use it for various purposes, including commercial or security-related activities.

Data Redirection and Capture: OpenDNS has been criticized for
redirecting Google search queries through its own servers, capturing
search data before forwarding it to Google. This practice allows them to collect and potentially monetize user search behaviorcyberciti.biz.

Censorship and Filtering: OpenDNS offers content filtering, which can be useful for parental controls or enterprise security, but it also means
they have the ability to block or redirect access to certain websites.
This level of control can be seen as a form of censorship, especially if
users are not fully aware or in agreement with the filtering policies.

HTH, J||rg
--
"Ave! Morituri te salutant!"
--- Synchronet 3.22a-Linux NewsLink 1.2

From Newsgroup: uk.comp.sys.mac

On 08/05/2026 17:17, J||rg Lorenz wrote:

On 08.05.26 17:05, Andrew Hewitt wrote:

On 08/05/2026 06:48, J||rg Lorenz wrote:

For very fundamental reasons I do not trust any DNS operator with
censorship also called adblocking.

I just use either OpenDNS or CloudFlare with their malware settings
turned on as a router setting.

The use of OpenDNS is considered questionable by some due to several key concerns:

Privacy Issues: OpenDNS, now owned by Cisco, logs all DNS requests made through its servers. This means they can see and potentially store information about every website you visit, raising significant privacy concerns. Since 2015, this data has been under CiscorCOs control, which
may share or use it for various purposes, including commercial or security-related activities.

Data Redirection and Capture: OpenDNS has been criticized for
redirecting Google search queries through its own servers, capturing
search data before forwarding it to Google. This practice allows them to collect and potentially monetize user search behaviorcyberciti.biz.

Censorship and Filtering: OpenDNS offers content filtering, which can be useful for parental controls or enterprise security, but it also means
they have the ability to block or redirect access to certain websites.
This level of control can be seen as a form of censorship, especially if users are not fully aware or in agreement with the filtering policies.

Hmm, that's certainly interesting. I haven't seen that before for sure.
If all true, it's certainly concerning.

I knew it was owned by Cisco, but that happened quite a few years ago.

Perhaps stick with CloudFlare, or even Quad-9 perhaps.

This is indeed one of the reasons I'd posted the message in the first place.

I must admit, I am becoming more and more paranoid about who we can
trust any more. Seems to be almost nobody!
--
Andy H

--- Synchronet 3.22a-Linux NewsLink 1.2