> BITTE DEAKTIVIEREN SIE IHREN ADBLOCKER
Öhm, ich hab gar keinen Adblocker, Herr Spiegel. Aber ich hab ein hosts file, dass alle möglichen Tracker auf 0.0.0.0 umleitet, die mich unerlaubt durchs Netz verfolgen. Kannst mir gern Werbung anzeigen, geblockt ist da nichts.
These addresses and domains aren't included in MVPS, yoyo.org and Dan Pollock's hosts files (for links, see: https://github.com/StevenBlack/hosts). I've understood that these list are the most widely-used, but I may be wrong.
About 500k various urls to block.
Edit: Apparently on Windows this method causes your computer to grind to a screeching halt. I run debian, never had any issues.
uBlock Origin as well as UBO Extra if you're a Chrome user.
Opera, Firefox, and others do not have uBlock Origin Extra but I've never had an issue with the site.
Set up a hosts file if need be. This way you can block malicious websites on all browsers. This will work on all desktop OS, more difficult for mobile users.
You may be able to go aggressive and use something like NoScript or ScriptSafe. Unfortunately it'll take effort to set either of the two up and you'll likely still break some webpages after that's over with.
For website alternatives I can't really say much besides WoWDB. YouTube for guides, MMO-Champion or IcyVeins for news, etc. Can't think of anything else.
> You can also block the software from accessing the internet completely by editing your hosts file. You can find it in "C:\Windows\System32\drivers\etc" and open it with notepad. Add these four lines to the end of the file:
> 0.0.0.0 redshell.io
> 0.0.0.0 api.redshell.io
> 0.0.0.0 treasuredata.com
> 0.0.0.0 in.treasuredata.com
You are right, the best way to circumvent tracking is to use:
1) HTTPS Everywhere
2) uBlock Origin with a hard mode
3) custom host file
4) Any cookie manager to destroy cookies, if you are not used to using incognito mode. Self-Destructing cookies for Firefox is an easy to use addon.
Disconnect is a good-natured project, but is completely redundant, since uBO does all the job. NoScript is too restrictive for me, I am blocking by default with uBO all first-party scripts and enable them if needed.
Since I assume most of you guys are into privacy you should know that TechCrunch links redirect through guce.advertising.com. Depending on your adblocker it might or not be picked up. On my device it gets picked up every time with such shared links and the loading stops with guce.advertising.com.
> Links into, and out of, techcrunch now bounce through guce.advertising.com, in order to set a tracking cookie.
advertising.com is listed here, but guce.advertising.com is not. Both TechCrunch and advertising.com are Verizon Media properties. guce.advertising.com is an alias for real.rotation.guce.aws.oath.cloud.
On my desktop and laptop I pretty much fetch this list from time to time.
I don't really know a solution to the mobile devices problem aside from sticking to regular adblocking add-on.
Despite Windows Defender is not the most resource-friendly and safe anti-virus according to AV-Test, I have had no problems at all. Besides, there are no registration procedures.
However it is recommended to use modified hosts file in addition to (any) anti-virus as well. You will increase protection against thousands of malware websites and significantly speed up internet browsing speed.
Hey there, nice competitive cool down. So I'll try to help you out with this. In your Steam Library, Right Click CS GO, Properties, and se your launch options. Add this line "-no-browser" without the quotes.
Just note that this will basically not let you view ANY web content in your CS GO Home page.
Secondly, you have major privacy issues. You can get yourself a Hosts File here, https://github.com/StevenBlack/hosts
but you'll have to do a lot of reading.
Don't forget to change your DNS provider in your Advanced Networking section in Windows. Google DNS is fastest
184.108.40.206 ; 220.127.116.11
This means your Network connection will priortize using Google's DNS and the hosts file will stop a lot of bad sites from getting in.
For your browser, use Ublock Origin, or Adguard. Ublock is preferred.
Optional, you can use https://www.oo-software.com/en/shutup10
this to control Windows telemetry etc.
The combination of all of the above should give you a cleaner experience. There is a lot of reading involved, but you'll be glad you did. Have a good one.
Here is what I do...
Host file that blocks ads/porn/social/etc
Opera as browser
> Chromium based, built in adblock and VPN
Privacy Badger for Opera
> protects you from trackers
CanvasFingerprintBlock for Opera
> Prevent webpages from tracking you by your browser's HTML canvas fingerprint
Click&Clean for Opera
> Deletes typed URLs, Cache, Cookies, your Download and Browsing History
Simple, clean, lightweight and not a lot of overlap
Best advice I would give is to get your hosts file sorted first with the stevenblack list (https://github.com/StevenBlack/hosts).
It's a massive compilation from reputable sources around the web and is throughly full of trackers that will be blocked. You pick which list best suits what you want to block, and copy and paste (or otherwise) get the entries in your system's host file. (Leaving any important entries that are already in your hosts file, if you have any special localhost setups e.g. 127.0.1.1 etc)
Anytime you try to connect to one of these sites (wildcards not permitted unfortunately), it gets sent to 0.0.0.0 (i.e. oblivion).
The telltale signs of tracking nowadays, apart from the more obvious 'tracking.website.com'/'t.website.com' or 'events'/'e', pages trying to load, which are very easy to block, are legitimate pages trying to insert a small "pixel" on the site/page you're on to keep tabs on you. It's dirty and very popular.
Even reddit does this, sorry to say. Press F12 and refresh the page and you'll see it try to load a "pixel.png". To combat this, umatrix allows you to block images from "reddit.com" which has no downsides currently, as all images, voting and embedded links etc are all under '(thumbs).redditmedia.com or 'www.redditstatic.com'.
On top of that, you should block 'pixel.reddit.com' (and any site that starts with 'pixel' in the name), as well as 'e.reddit.com'.
Then there's the hiding-in-plain-sight entries like 'google-analytics' and 'usermetrics' etc. Anything "metrics", "stats", "pixel", "analytics" or "events" are all for tracking and gathering user data.
Wow, if I had the mindset at age 15 to be conscious of this addiction and trying to quit.. I would be at such a different place in life. Kudos to you, you've got a great future in front of you if you don't give up!
If you are watching porn block it now. Block your access to it altogether (disable NSFW on reddit), use a host list (I recommend Steven Black) with an adblocker. Disable instagram, tiktok and such social media where there are triggering NSFW content.
Think about the enviroment, circumstances and how you feel before the urge to masturbate comes up. In my case it was boredom which I learned to tackle and it's much easier now.
You can also reduce the time you spend in front of screens one way or another, that I found to help tremendously. Also, begin a meditation practice right now. Start small and work your way up, doing it every single day. Consistency is key here, as if you miss a day especially in the beginning it's much harder to restart. You'll mind will be calm, focused and you have more control over it.
Try working out, exercise, martial arts whatever you see fit. It's going to decrease the urges and you'll feel much better about yourself. Good luck!
Spotkałem dziś na jakiejś stronce - Fiesta z 800 ciasteczkami: https://i.imgur.com/EZfXhYt.png
Wskazówka aby deaktywować całe to gówno:
A quick and easy way to do it is to find an ad-blocking hosts file and put it in C:\Windows\system32\drivers\etc. This will kill any connections to known ad or malware serving hosts computer-wide.
Here is one from a quick google:
you can block certain websites with the hosts file and use a blocklist specifically made for bad stuff of certain categories.
Or much easier, use a DNS server that blocks malicious websites such as Cloudflare Family DNS.
Personally I am quite fond of https://github.com/StevenBlack/hosts
It has a few different options depending on what you want to block and I believe this incorporates the someonewhocares list into it anyway.
This is quite the small list, needs more entries. Here, have AdAway host files + Steven Black hosts files. I particularly use SB hosts everywhere and it works nicely.
Like the other commenter stated, this can be done by customizing the "hosts" file, which all computers have, and preferentially use before making requests to the DNS server to resolve domain names into IP addresses.
This is also a popular method for adblocking.
Not be be a dick but google is your friend.
There's a repo here maintained for what you're looking for:
Or you can just copy the hosts file from your phone.
P.S.: here's one that even helps block nasty/shock sites.
Or another option here:
I will not browse anything except through chrome of FF where I have ublock installed (former Adblock until they changed their policy to allow some ads).
If you have to use a browser that doesn't support an adblocker do yourself a favor and modify your hosts file to block known ad networks.
https://github.com/StevenBlack/hosts has a good consolidated list.
You can use HostsMan to modify your hosts file if you're not very tech savvy.
Ad-networks are terrible at failing to vet ad content, and ad content is all dynamic now meaning it's more than just an image on someone's site, sometime's it's links to full blocks of code from a 3rd party source all which are very good ways of letting bad guys infect your machine.
there are tons of 'self-hosted' actually working alternatives, but people in general are lazy and want a quick-good solution
what often does not exist
I'm look into Brave deeply on github or try to build it from scratch and you'll see that it's also heavily bloted and telemetried like Chrome
Here you go, I've looked into it on your behalf. Didn't take a lot of searching. tl;dr - whitelist it if you use it, or remove the steven black list:
When I tried all of the shorter ones, they eventually stopped working. I just added this.
and I never have gotten ads ever for about a year now, even on latest spotify version. The only thing is that when you click on actual ads from google and stuff, you won't get redirected and stuff like that and sometime shortened links with bitly and stuff. For that, I just use either Hostsman (windows) or Gas Mask (macOS) to switch between a clean hosts file and my modified to shit one on the fly. Super dope.
Another strong point about ublock origin is that it allows you to block certain cosmetics on a site. Does a site have an annoying top bar that takes 1/3 of the screen? You can just zap it out and have a much clearer interface.
Another tip if you have the know-how is to use the hosts list. It lets you directly block ads by blocking your computer's access to an ad server. You can also use Pihole if you have a spare Raspberry Pi laying around to block ads and other sites on a network-wide basis, so you can even block ads on mobile apps as well.
The reason this is a big deal is that there is always the possibility that this data about you could be turned over to the government or shared without a warrant with law enforcement. It has been sold by companies (FB, Cambrige Analytica) who definitely do not have your best interests in mind. In the end, if could be used against you. What you innocently do privately, in your own home.
If you see ads anywhere, they may be sentient toward your tastes in products, etc. It allows Google, FB, etc. to create these massive profiles about you - regardless of what websites you visit. You can actually see this in your Google Profile online, IIRC. These profiles show all sorts of demographics about you and it's pretty damn scary how accurate it is.
Also, if you see ads anywhere, your browser (chrome or firefox) is missing Adblock and U-block Origin and if you want to go one further, https://github.com/StevenBlack/hosts ) Your overall browser experience will be so much better regardless of what browser you use.
Google Chrome has slowly turned from a really good browser into just another extension of its advertising network and should be treated with suspicion that it doesn't have its users best interests at heart. It also pushes you to sign into Chrome on different machines with your Google account to bolster this data.
Firefox has been predominantly privacy focused and AFAIK isn't in the selling data game. Same with Apple. What ETP in Firefox does (and incognito mode now by default) is separate concerns. So that what's facebook's is facebook's and what's google's is google's and they are not shared through the browser (if you read the article, it has a simple graphic to how this works). While Firefox has the firefox login as well, their base business isn't advertising.
Usually if there is such advertising, it's not coming from a distinct advertising host (the host blacklist qutebrowser uses is pretty good at blocking those), but from the page itself. At the moment, you can do something like :hint all delete (might need a custom selector) to delete an element, but that won't be persistent. You could also probably write a Greasemonkey script (also see jhide) to hide elements.
:hint all delete
With the new adblocker, cosmetic filtering (based on CSS selectors rather than the network request) should become easier, and perhaps it'd also make sense to add something like this at that point.
Hey! that's awesome, It's not however the first project about that (the more the merrier). It would be great to merge some of this hosts too:
It doesn't need to be done at the network level. You can block hosts on your machine by null routing them in your hosts file. Example: https://github.com/StevenBlack/hosts
This is better for portables since it works everywhere.
An alternative is to use a home DNS resolver (eg pihole) and either manually switching the machines to it instead of making it network wide or manually switching the machines you don't want to use it to something else (eg Google's DNS).
Or this one. (Github)
Jeg bruger denne https://github.com/StevenBlack/hosts
Her er et screenshot fra min console på business.dk. En masse connection refused, men tilsyneladende alligevel isAdblocking: false
I really like the dark theme. If you feel the need to block ads, you can download a hosts file with all these domains redirected to be blocked, works really well.
https://github.com/StevenBlack/hosts (More than 3K stars right now)
It doesn't block everything, but it's very lightweight (compared with something like browser addons). Here is an up-to-date hosts list.
uBlock and uBlock Origin (Chrome/Firefox extensions that uses less RAM than Adblock / Adblock Plus) can also use hosts file to block ads (in addition to its normal filters)
This is a good question for the blocklist maintainer. The Pi-hole project does not curate or maintain any blocklists. We have used this default list for a number of years.
I just use dnsmasq without pihole. It's much easier to setup and you can still do hosts file blocking. Pi-hole actually uses dnsmasq internally anyway...
You just add a line to your dnsmasq.conf like:
and then copy your favourite hosts file to /etc/hosts.example for example. I like to use one of Steven Black's host files myself: https://github.com/StevenBlack/hosts
If you want a system-wide blocking then edit the /etc/hosts file: http://ubuntuguide.net/block-any-website-ubuntu-12-04
I advice you nonetheless to use 0.0.0.0 in place of 127.0.0.1.
What URL are they originating from? (So I can add them to my list, too)
If you don't already utilize one, get your hosts blocker going: https://github.com/StevenBlack/hosts ..works nicely alongside ublock origin. One tends to catch what the other doesn't.
You don't need disconnect even without medium mode. Personally I use uBlock normally (with a lot of filters, ~240K, generic cosmetic disabled) and delegate dynamic filtering to uMatrix (with ~800K filters, hpHosts and StevenBlack filters mostly).
Outra coisa interessante: Se você tem Android rooteado ou LineageOS (antigo Cyanogen) você pode modificar o arquivo /etc/hosts e usar uma lista tipo essa. Dessa forma ads são bloqueadas não apenas no browser mas nos apps também. Nunca mais vi publicidade no meu celular.
so it's probably a spotify web issue. I'll try downloading the client and editing the hosts file with StevenBlack's hosts
edit: the ad is not played but there is a delay between a song and the other as long as the ad itself. not exactly an adblock but something really close
edit2: after adding the full hosts list and not only the two spotify entries I completely stopped having ads on the client (non-web version)
Quick question, do you adblock your phone? If yes, good, one of us! If not, check out StevenBlacks adblock hosts file!
Note: Root is needed on Android, no idea with them fruitphones
I use the site maybe once a month, whenver a new hero comes out. I'm not going to whitelist a site that will serve me shitty ad's when they are going to make a small amount of profit from me in the first place. It's to bad that they decided to write scripting to detect ad-blockers so instead I just set up a host file for ad-blocking and turn off ublock.
For anyone else who wants the site to function, check this out.
Using DNS based adblocking, either by modifying your .hosts file (lists can be found here) or using a dns service such as Alternative DNS, would be one way to do it.
For a more fool proof method, you'd wanna use a (reverse) proxy - hosted either locally or on your router/a raspberrypi/some other hardware.
Edit: Hah, seems you got plenty of replies <3
Take a look at the StevenBlack hosts on GitHub. The Unified Hosts list is the default list that installs with Pi-hole, but they have other genres that they add on top of the hosts list. They also have the individual lists that make up their unified hosts list that you can add separately, in case you want to block ads but don’t care to block trackers or other things from the other lists.
I thought the site was down, and kept checking. Turns out the domain is DNS blacklisted at my router courtesy of StevenBlack's host lists: https://github.com/StevenBlack/hosts. Not entirely sure if it's warranted as I don't really know what OneSignal does.
Shadowbanned from what? Here is a guide on editing your hosts kings, and here is one of the best hosts file. On Android I recommend using blokada and for iOS adguard. Let me know if you need help, kings. See you around
lots of people do it. Steve Black's hosts list is like 1.2mb!
Take Ownership, and block the shit w/ a hosts file, what's the big deal? I bet Martin Brinkman has a gnarly hosts file (guessing, b/c he knows the shit out of FF, browsers in general, and two he knows less is more, some add-ons suck, they sell your shit to XyZ metadata, et). Take a spin around the brass pole, find baby jesus in a grilled cheese, use your hosts file for the additional utility it affords and for which its designed :P (and while your at it, block IPs on your Firewall or Router) ;)
YouTubeDownloader by Dentex
Although youtube Vanced would also work.
Also if you are rooted on Android, download a version of this hosts file and replace it on your phone. Not auto updating, but removes a large swath of ads generally on your phone.
Works on any device you can get to the host file on.
Ja ik heb geprobeerd dat zo veel mogelijk te vermijden door (onder andere) dit hosts file te gebruiken. Verder gebruik ik Brave Browser met nog een aantal andere extensies die zo goed en zo kwaad als dat kan alle haakjes die Facebook door het hele internet heen heeft te blokkeren. Enige nadeel is wel: door dat hosts file kan ik niet even makkelijk naar analytics.google.com (ik doe hier en daar ook wat web development), dus dan moet ik 'm even tijdelijk wipen.
even if you get infected plugging in that drive would mean that malware will happily infect it too to make it worse for you. I personally just use a blocking hosts file with like 3.3 mil entries, an addon for firefox called u matrix that defaults to block all and i just select what i want to load. Also using open source alternatives to software you want to use is a good idea and just general knowledge to not click stuff. Then i just run malware bytes from time to time. Been doing this for the past 4 years now and according to malware bytes i've yet to get infected. I'd say using this: https://github.com/StevenBlack/hosts would be a good start maybe even get a therapist appointment if it really annoys you.
I use Steven Black's. You'll probably need to whitelist a few URLs when you first start as it's a tad overcautious, but it's a great set of lists.
You might also look over at r/pihole
>We recommend using 0.0.0.0 instead of 127.0.0.1
>Traditionally most host files use 127.0.0.1, the loopback address, to establish an IP connection to the local machine.
>We prefer to use 0.0.0.0, which is defined as a non-routable meta-address used to designate an invalid, unknown, or non applicable target.
>Using 0.0.0.0 is empirically faster, possibly because there's no wait for a timeout resolution. It also does not interfere with a web server that may be running on the local PC.
>Why not use just 0 instead of 0.0.0.0?
>We tried that. Using 0 doesn't work universally.
Using one of Steven Black's black lists will block connections to all known Windows telemetry domains without degrading any other services, which will definitely improve both network performance as well as cause all background telemetry processes to stop wasting CPU because they can't even connect to Microsoft to send all your personal info you never wanted them to send in the first place.
There is also a Windows script available to keep your hosts file up to date automatically, as well as a bunch of different formats available for if you want to do something like put the black list on a shared network proxy server, DNS server, DNS resolver, etc., so everyone on your home network is protected by the same black list.
People should make informed decisions and should not be tricked into spending. Advertising as we know it is inherently evil and should be averted at all costs (until it's fixed), so long live Firefox. Additionally, I strongly advise you run a sane hosts file that consolidates the most reputable lists of sketchy domains for blocking: https://github.com/StevenBlack/hosts
> I changed the dns
Thanks a lot buddy, that was the clue I needed. I've got a custom hosts file generated from (https://github.com/StevenBlack/hosts). I grep'd for Spotifiy and found the following entries:
#spclient.wg.spotify.com #[affects mobile app]
One or more of those was stopping Spotify from loading, I started whitelisting them 1 by 1, then got bored just whitelisted them all and the now the Spotify app works properly. At some point I'll try to figure exactly which ones are need for the desktop app to run. Thanks again!
The Steven Black unified list:
"This repository consolidates several reputable hosts files, and merges them into a unified hosts file with duplicates removed."
Only one I've ever needed.
Start here for how to edit the file.
Basically the hosts file overrides your DNS lookup from your ISP and forces it to resolve a domain to a the IP address in the file. To disable a domain completely, put in a line redirecting it to localhost. For example:
With that line, when your machine tries to send a request to nytimes.com, instead of going to the internet it will query itself, which will immediately fail.
The line above uses ipv6. You might also see the same line using ipv4:
Some lists prefer using the unresolved IP ::0 or 0.0.0.0, which also produces the desired error.
There's lots of tools out there that can edit hosts for you, but it's just a text file and is easy enough to do in notepad or any text editor. There's even full hosts files you can download, which do rudimentary domain-level ad blocking without needing a browser plugin.
Do you mean DNS vs Domain Filtering, or the individual items?
DNS servers map host names (like www.reddit.com) to IP addresses (like 18.104.22.168). I've included a list curated by the Chaos Computer Club of servers that do not censor responses.
For the host lists which define which host names to block, I included the ones known by uBlock and uMatrix, and enabled the ones by default that https://github.com/StevenBlack/hosts is based on. The reasons there are reasonable IMO.
I hope that answers you question, if not, I can follow up once I'm awake again :D
I enjoy my HOSTS file hack to block ads across the board. Have not heard an ad for months :).
My hosts file has like 50k hosts binded to 0.0.0.0 but shit, everything is ad free across the board (browsers, apps, windows).
Edit 2: Follow this project to achieve the same result; https://github.com/StevenBlack/hosts
I really wanted pihole, but it seemed a bit redundant and messy to leave my actual pi plugged in with another computer on for other purposes. So I moved it to a virtual machine.
I wanted my own domain name to map to my network drive, so I added custom domain names.
I wanted something like Ghostery, so I added https://github.com/StevenBlack/hosts
If you don't use any extension specific features you can block ads universally by editing your hosts file. Of course you have to update it manually and it's stored in a location that needs root or administrator access to overwrite. It will block ads in desktop apps as well as in the browser, though.
This will enable WIFI tethering and Adblock by pulling the build.prop onto your computer in the location where your terminal is open. Edit that in your favorite text editor on your computer and then add the following line:
Save, and then run
>adb push build.prop /system/
This puts it back on your phone, but the permissions might be funky, so run
>chmod 644 /system/build.prop
And make sure you don't let TWRP install root, it won't work. Then, if you want, you can do the same procedure in order to set up system-wide ad blocking, again, without root:
>adb pull /system/etc/hosts
Edit the hosts file, and add your own hosts. You can google for a good ad blocking hosts file, I used https://github.com/StevenBlack/hosts and save your hosts file, then run
>adb push hosts /system/etc/
>chmod 644 /system/etc/hosts
You WILL get the dreaded Marshmallow "this device is corrupt," but you can just ignore that, it only indicates that the system folder is different than the OS expects. The device will boot a little bit after this message goes away, and you'll have ad block and native tethering enabled! I just did this on my Nexus 6 and it works perfectly!
Edit: mount is directly on the home page of TWRP, not under advanced!
Go to DNSBL tab and scroll down to DNSBL configuration to find the option. Null blocking is how pihole does it by default too.
I'm not entirely sure of how it all works but here's one explanation: https://github.com/StevenBlack/hosts#we-recommend-using-0000-instead-of-127001
I don't understand the downvotes, last time I used PI-Hole it also blocked YT ads, maybe something has changed recently?
Try updating your hosts on PI-Hole with those: https://github.com/StevenBlack/hosts
I have a Facebook as a company blocklist which will block Facebook and Instagram: https://www.github.developerdan.com/hosts/
Steven black has a good social list too: https://github.com/StevenBlack/hosts
I added the "nocross" list from Firebog using curl and the link on his "if you wish to automate."
I use the basic list from Steven Black (he's got 15 variations, I just use the basic one).
And I use the dbl from oisd (see the dowloads page, those are different formats).
It's a rabbit hole searching for sources I like/trust. I got burned out and just stopped here. I'd like a few more (mostly due to interstitial ads on YouTube). I'll get back to it eventually…
I’ve been using the following with good results - Abp list from: https://oisd.nl and Steven Blacks raw host file from: https://github.com/StevenBlack/hosts. Also read about lists from https://energized.pro, but haven’t had a need to try any.
I don't use windows much, only on the company provided laptop and then only to read mail and keep in touch. I - like you - are appalled at the amount of sneaky things that go on behind my back while using windows and my main motive is to thwart them. So for instance I don't use facebook, twitter et al and have all their urls blocked by this technique.
There is a list of obnoxious urls maintained on github I beleive ... Yes, Steven Black is the guy:
Apparently he has collected some other resources in this direction, I haven't read his readme in quite a while.
What idontchooseanid said, but alternatively you can outright block globally malicious sites, and even social media sites, with your /etc/hosts file so you won't need an extension or whatever your browser can give you.
It was in the StevenBlack hosts list (I don't have the output any more, because I just updated gravity based on the github issue suggestions.)
It was recently removed as of https://github.com/StevenBlack/hosts/issues/1286, literally two days ago :)
I use Firefox with embed containers and AdNauseum, HTTPS everywhere and DuckDuckGo Privacy Essentials extensions.
And, sometimes, https://github.com/StevenBlack/hosts
may be a pi-hole. Install r/zerotier in it. You can remote and update block lists.
If they use only simple things like fb/whatsapp - you can get a supported phone and install r/lineageos - As long as they have appstore - possible to install any spyware. Absence of google play or even you can edit the
(like the previous comment AV are crap).
I looked into this a bit further, and an update was made very recently to that list to actually remove bugsnag from the blacklist: https://github.com/StevenBlack/hosts/commit/43eaa7f5b7d4dcc4955118de62502658c9888316
For adblocking on MacOS I use a custom hosts file. Other than that, I'm not sure what the options are for Safari. I stopped using it for the most part when they started messing with extensions. I don't find that Firefox drains my battery that bad.
Adjust the hosts file. This is a set of instructions to the machine about what to do with internet names such as 'facebook.com' or anything else. You can tell the machine to ignore them. Here is an introduction. I can't suggest a specific setup, but there are lots of curated hosts files for blocking different things. This link from the article is a good place to start.
Is your phone rooted? If yes, you could download AdGuard from F-Droid and add the "Unified hosts + porn"-list from here: https://github.com/StevenBlack/hosts
After that, use another app to password-protect AdGuard.
Sure. It's just a Python script. https://github.com/StevenBlack/hosts/blob/master/readme.md
As for OpenVPN, I can't recommend a particular guide as I don't have a Raspberry Pi (mine is running off of a Ubuntu VM on an 8-core Atom server I've got) but I'm sure someone who's done it will link one. Or you can poke around in Google. If you're running Linux on the Pi though it's probably just a matter of telling your package manager to install OpenVPN and doing some config tweaks. I used this guide for my own setup: https://help.ubuntu.com/lts/serverguide/openvpn.html.en
The only money I've spent on the whole thing is a cloud server that I'm using for both a static IP (so that I can point my domain at) and a SSH tunnel for, as I don't have the ability to do port forwarding at home so it's the only way for me to expose things to the internet. I used this guide for that, specifically doing a remote forward: https://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html
Looks like the StevenBlock list has a special entry 0.0.0.0 0.0.0.0 which qutebrowser didn't filter out properly, thus adding a block for 0.0.0.0.
I fixed this now. However, note that 0.0.0.0:8000 typically means the server is also accessible from the outside (i.e. from other machines), so you might want to check if you can tell it to listen on 127.0.0.1 (localhost) only.
On most Android phones, you can use the OpenDNS dns ips as a replacement for those offered by your phone provider, so you can get that added protection. I don't have a phone now that I can test any programs that do the same.
Also, an application called hostman in addition to host files from here have helped me on Windows.
Linux and Mac have equivalent applications. You can also add this list to Ublock Origin, so if that works on Android Chrome or Firefox, that may be a solution. Host files have the added advantage in it prevents the computer from ever even looking up the site its blocking, which makes the response faster.
Android does have a host file, but I don't have any experience in how easy it is to modify them. A google search shows quite a few results that may help out, however.
I find r/pihole is the best place for discussions about hosts files. Personally I use Steven Black's consolidated hosts file, links found at the site below. Not tried it on adguard though.
What these people have mentioned is a good start.
As a word of caution, I recommend you to have Windows running on an entirely seperate partition. Before making any changes, you should make a complete Image of your OS as well as your UserData.
You might also wanna turn off your DNS Client Service and within your network advanced properties section, use Google DNS 22.214.171.124 ; 126.96.36.199 - Or which ever DNS provider is fastest in your area. Head on over to https://github.com/StevenBlack/hosts
You can update this once a month and that's sufficient.
https://github.com/gorhill/uBlock (This can also give you many headaches, so read carefully)
or noob friendly AdGuard.
Then there are a few things to look at :
Group Policy - gpedit.msc > example : to Turn off Windows Defender auto remediation
Task Scheduler - Lots of useless things here
Services.msc - More useless services here
Careful with noob friendly "optimizing programs" - The way to optimization is not a lazy path. You will need to learn what works for YOU.
Stay away from shit like Avast, and any free garbage "Anti Virus"
The best optimization of your system, is YOU.
Listen to the sage last words of @ u/Matthas13 and enjoy a nice cold one!
Nice. You don't need specific rules to block RDP or SSH. By default pfSense blocks everything and the last two rules you have will block all IPv4 and IPv6 traffic including RDP and SSH. You don't really need the ICMP rule either as it's blocked by default. The reason I created the last two rules so that the IPv4 traffic that was blocked would not only show up in my log but also have a specific description that would show in the log. The last rule is to block IPv6 but not log. By default pfSense will block and show in the log as something like "Default block rule" which can be harder to diagnose when you have an issue.
The best list for pfBlockerNGs DNSBL is Steve's Blacklist at https://github.com/StevenBlack/hosts because it aggregates many lists together. I actually added the one that also combines gambling and porn.
Nice set of lists for your WAN. Since my only open port is for my OpenVPN server and I have it limited to US IP addresses I decided not to add additional lists besides the pf_DNSBLIP. I guess I'm relying on snort. I originally installed the devel version of pfBlockerNG that literally has hundreds of lists for you to choose from. I decided on my LAN side to use Quad9 as my upstream DNS since they automatically block malicious sites. It saved my little pfSense router from being overwhelmed.
I setup DNS over TLS through my VPN tunnel so it's double encrypted. A little overkill but only costs me a about 5 milliseconds per DNS lookup. This way no one can read my DNS lookups and Quad9 can't track where the requests are coming from. I have each of Quad9's DNS servers going out a different VPN tunnel in case one goes down. I also have a cron job that runs nightly on each of my OpenVPN clients to reset it so my IP changes. I'm a little overconcerned about privacy :)
I’ll send you some reputable links in a bit via edit.
This is a good start: https://github.com/StevenBlack/hosts
That one compiles just about every known list out there and allows targeting.
While that repository centralizes everything, my personal favourite is still from MVPS hosts file. They link to their hosts file as well.
You can modify a HOSTS file on windows, mac, or linux to block URLs. For instance, this repo on Github is updated frequently with a variety of lists of URLs to block, depending on what you want to block.
I run a script weekly to grab a list and update my machine's hosts file. It blocks ads and trackers.
Yes, using the IP address would circumvent this.
You can do it with dd-wrt most likely.
Funny enough I just ran into an android app that showed me 6 ads within a minute, so pissed off as I was I actually just tried this in the last hour by feeding all the hostnames from this list ( more ) to my router's DNS server. The problem is that my huawei router only accepts like 16 custom routes for hostnames(??). Then I tried by adding it to the parental filter, but that one only accepts 128 hostnames.
So you definitely can do it, the question is if your current router software limits you. I'm pretty sure you can do it with a dd-wrt / tomato / openwrt router easily - as you could just edit the /etc/hosts file on those.
Note : You can add the entries above to your /etc/hosts file ( or on windows to your %windir%/system32/hosts file ), but it's not that easy on mobiles without routing. That's why I want to block those on router level as well.
Edit: I just read the rest of your message - you were most likely already aware of this solution. Yeah, making it more idiot/novice proof might be a nice thing. The only caveat is just that some websites actually stop working depending on how many hosts you block. I reckon a few mobile apps might stop working as well.
Came across this git repo for domain blocking, hope this helps.
I'd recommend setting up a Pi-hope as I've done this recently and have blocked over 180k domains...and it's a nice project to set up. https://pi-hole.net
You probably need to add additional hosts files. If you go to the following link, there's tons of additional host file sources you can add via the hosts tab. StevenBlack's host file will block basically everything, but it may not work well in DNS66. I've found GitHub URLs to give DNS66 and other ad blocks like AdAway trouble. The sources list on StevenBlack's page is a great resource though.
I have no problem with Ublock Origin (get that instead of ABP, seriously) and Noscript looking like this. I didn't notice any problems on Tvtropes anywhere, and have no idea why allowing these URLs is something you need to do.
Edit: Also, get a blocking host file to be absolutely sure.
First of all: I just noticed that the hosts file I posted includes xmrpool.net addresses. If you're having trouble connecting, manually check it if your mining pool is in this list and just delete it out of there.
This is a hosts file that will relocate any request for any address that is in this list. This file comes before your System initiates an external DNS request to find out that google.com is 188.8.131.52 for example.
If you write in 0.0.0.0 google.com into this file it will redirect all requests to google.com to 0.0.0.0 which - depeding on your OS - is either invalid or your own machine, effectively blocking any requests to sites provided.
This list is just a collection of sites people might want to not connect to. Here is the full collection
> PROTIP: You can use apps like Ghostery and uBlock Origin to block trackers
PRO'ER TIP: Block all offending domains right in your computer's host file, so it applies npt only to your browser but everything. And you don't need to allow browser apps to see all data on all sites you visit.
PRO'EST TIP: https://github.com/pi-hole/pi-hole Use a Raspi and protect your entire network in one go.
You have to experiment with different blocklists. Some lists are better than others.
You can find a number of blocklists here: https://filterlists.com/ Always do your homework before adding any.
The best, as u/Citizen_V noted below, is https://github.com/StevenBlack/hosts
2.Install a terminal that doesn't suck.
While I don't know if this singles out Google domains,
Offers a unified hosts file for Linux, which I'm sure can be added to a windows host file as well.
It's maintained regularly, he also offers an automated script called hblock, which can update the hosts file through the terminal.
Ad Blocker using Hosts file (powerful, quick to set up, customizable) :
Also, for most advanced user: https://github.com/StevenBlack/hosts (I haven't tried it)
Mostly just a google search. Methods could vary depending on what OS you use. This can also be done with rooted android devices. Here's a fairly comprehensive project with a good bit of documentation: https://github.com/StevenBlack/hosts
Besides your anti-virus(es), a hosts file will do the trick. Update every so often to ensure you're blocking 'new' sites that may push ads/malware, etc.
Here's a link to someone who has pieced all the popular hosts files into one. This will work for Windows, macOS, and Linux. There's plenty of tutorials around the web so just look up a guide (written/video) on how to install.
In the case of Windows 10, you could take the extra step and try some of the telemetry/spying bits that are hidden away from users. Unfortunately to disable everything you'd need the Enterprise edition. There's still plenty of work-arounds but I've noticed some said they lost a few of these configurations after Windows updates.
Basic guide to disable Telemetry/Data Collection. Look around the web and there's even programs that can do it for you. Two that come to mind - O&O ShutUp10 and Spybot Anti-Beacon.
I use two systems, but they aren't password based so may not be effective for you.
It's not easy to do if you're not technically inclined, but you can just use notepad, run it as an administrator, put open file, and then manually type in the location of the host file (instructions on what to type in for the location fo the host file are on the link I posed depending on your version of windows)
Then you just have to type in 0.0.0. or 127.0.0.1 followed by the url of the site you wish to block.
If you want to go the host file route, a group of programmers have a huge list of porn sites + ads and malware etc that you can just get from GitHub and place in the location of your host files.
I also use the parental control settings on my router to double up , but that is router specific and I'm not sure if yours has one but you can just type in the name of your router or isp followed by how to access settings.
Support from updates and security issues sorted as high priority (flag ship OS, so its a requirement)
Latest model, therefore most users will use, for development, choosing the most popular OS gives access to biggest pot of moniz
newest design, mimics the flat visuals most modern OS types (android/iOS, etc) therefore feels comfortable as phones (which are most popular in tech currently)
Many older hardware is now incompatible, (some potato's are now exempt from gaming, no open GL support for intel series 4 etc.)
Telemetry is rife (all over, nearly everything, with options to add more quite easily) here is a list of hosts data is sent to, its crazy, this guy set them to 0.0.0.0 so that no data is sent to them anymore.
If you are used to where all settings are in win 7, then be prepred for it to change drastically, BUT still have access to the win 7 option forms but with limited (greyed out) functions.
if there are any others I didn't think of please say
You're right to be worried about browser add-ons having too much access to your browser.
An alternative ad-blocking mechanism that doesn't require you to install anything is to update your hosts file using one of the unified hosts.
You should still perform your due diligence and check the listed hosts entries to make sure there's no malicious redirection going on, but this is much easier to do than checking browser add-on code :).