XPost: alt.comp.os.windows-11

A fundamental shift that concerns adblockers will happen in the next
twelve months. You may have heard about Google ending support for the
old ruleset for extensions in favor of a new one. Google, citing
security, privacy, and performance for the change, has been heavily
criticized for it.

One of the main objections is that content blockers will lose
effectiveness once the change goes live. While Google did make
adjustments to the new ruleset, it never addressed the main point of
criticism that developers of adblockers had.

In short: while adblockers continue to remain available for Chrome and
other Chromium-based browsers, they won't be the most effective tools
anymore.

In fact, the only browser that retains full content blocking
capabilities for extensions is Firefox (and any Firefox fork also).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Using <news:s73c8j5363e30qt2perrj60b50a9ormioe@4ax.com>, carson@parkson.net wrote:

In fact, the only browser that retains full content blocking
capabilities for extensions is Firefox (and any Firefox fork also).

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

david <this@is.invalid> wrote:

Using <news:s73c8j5363e30qt2perrj60b50a9ormioe@4ax.com>, carson@parkson.net wrote:

In fact, the only browser that retains full content blocking
capabilities for extensions is Firefox (and any Firefox fork also).

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

The hosts file can only specify, well, hosts. That means blocking is by
an entire host (domain), not by specific paths on the domain. Getting
rid of ads that are resources defined in URL paths at a site get
eliminated, but so does the entire host. For example, blocking on host.domain.tld/ads?... let you block the ads there, or ads that were
resourced on other servers, but blocking host.domain.tld means you
cannot get to the domain where you wanted to see the wanted content.
The hosts file is a cannon used to swat a fly. That's why adblockers
arrived to give finer and more focused filtering on what to block.
Plus, the hosts file cannot be used to define cosmetic filters, like
getting rid of annoying content in a web page nuisancing you to switch
to a different web browser, to create an account, and so on. Adblockers
aren't just blocking ad resources. They can are also content blockers sometimes referred to as cosmetic filtering.

You can create and maintain your own hosts file, but that would be
fruitless considering how many hosts+domains there are out there. You
can get pre-compiled hosts file, but I found those are a bit too
aggressive both in not getting updated when bad sites become good, and
because of the aforementioned limitation on blocking a whole site
instead of just its unwanted resources or content.

Blocking by using a hosts file is very coarse filtering. You're likely
to lose more sites that you do want to visit, but your hosts file blocks
you going there just because someone noticed they present or serve ads.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

<carson@parkson.net> wrote:

A fundamental shift that concerns adblockers will happen in the next
twelve months. You may have heard about Google ending support for the
old ruleset for extensions in favor of a new one. Google, citing
security, privacy, and performance for the change, has been heavily criticized for it.

One of the main objections is that content blockers will lose
effectiveness once the change goes live. While Google did make
adjustments to the new ruleset, it never addressed the main point of criticism that developers of adblockers had.

In short: while adblockers continue to remain available for Chrome and
other Chromium-based browsers, they won't be the most effective tools anymore.

In fact, the only browser that retains full content blocking
capabilities for extensions is Firefox (and any Firefox fork also).

You made vague just what you were discussing. Despite you not
mentioning it, my guess is you are discussing Manifest v3 that Google is pushing versus the older Manifest v2.

v3 reduces the number of filters/rules that can be stored in memory
hence reducing the blocklist sizes that can be used to get rid of ads
and other unwanted content.

Obviously Google is going to follow their own lead to move to Manifest
v3. In fact, they already did that by blocking extensions into the Play
Store that did not comply with Manifest v3, and that started sometime in
June 2024, or maybe it was earlier.

https://developer.chrome.com/blog/resuming-the-transition-to-mv3/

Chrome, and its variants, including Edge-C, will have reduce blocking
due to smaller blocklists. I use uBlock Origin. In preparation, and
for Chrome, its author produced an MV3 compatible version aka uBlock
Origin Lite, but the author states the blocklists will get truncated, so
it will be less effective. He still maintains the Firefox add-on where
MV2 is still supported.

Something else that Google is keeping rather hidden is that Google will
also prevent adblocker add-ons from blocking access to Google resources,
like Google Analytics, and other tracking/logistics services. Such
blocking interferes with the revenue they get from selling those
services to web sites that want to know how their sites are being used,
the load on them, at what times, where most of it originates, and other logistics used to tweak or maintain their sites.

Meanwhile Mozilla has, so far, stated Firefox will support both MV2 and
MV3 add-ons, but no one knows for sure for how long. That they have
decided to support both doesn't mean they will do so indefinitely.

https://blog.mozilla.org/addons/2024/03/13/manifest-v3-manifest-v2-march-2024-update/\

Presumably variants based on Firefox will also continue to support both
MV2 and MV3. Chrome, and its variants, however, are doomed to MV3 hence reduced blocklist sizes hence less robust blocking.

Just because Mozilla is currently promising to support both MV2 and MV3
does not mean it will stay that way in the future.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

David,

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

Besides the problem that a hosts file will block *all* access to a certain domain(*), do remember DNS over HTTPS, which effectivily bypasses your
'puters host file.

(*) My browser, using an add-on, blocks domains, but a diferent program
(like as download tool) can stil reach the (raw) webpages / content.

Also, a hosts file acts like a blacklist (needing every to-be-blocked domain
to be added - no wildcarding), while whitelists (blocking everything but for the permitted domains) even work when visiting new domains (with their
possible own set of unwanted third-party resources).

And one other thing: the hosts file is DNS related. If the resource isn't using a domain name (but uses an IP (xxx.xxx.xxx.xxx) ) that hosts list is
not even being looked at.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/3/2024 11:46 PM, david wrote:

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

I've used HOSTS for about 25 years. I almost never see ads.
But most people either can't be bothered or don't understand
how to do it. For them it's easier to get an extension to do it
for them. I often install UBlock Origin for friends like that. They're
not going to deal with any of it, but UBO at least provides a low
friction way to eliminate a lot of junk.

However, things like that won't
do much about online surveillance because they'd break too many
webpages if they did. If you can block ads and all pages still work
great then you're being spied on. Maybe the bigger question is why
anyone using Chrome would imagine that they care about privacy.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 2024-07-04 05:46, david wrote:

Using <news:s73c8j5363e30qt2perrj60b50a9ormioe@4ax.com>, carson@parkson.net wrote:

In fact, the only browser that retains full content blocking
capabilities for extensions is Firefox (and any Firefox fork also).

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

Depends how you define "best"

--
Cheers,
Carlos E.R.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Using <news:v6621o$2og9s$1@dont-email.me>, Newyana2 wrote:

Maybe the bigger question is why
anyone using Chrome would imagine that they care about privacy.

Does the Ungoogled Chromium open source offering help in that regard?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Using <news:lenoslFg56sU1@mid.individual.net>, Carlos E. R. wrote:

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

Depends how you define "best"

While blocking ads is a whack-a-mole game, the cat-and-mouse process of systemically blocking all ads seems "better" to me than the
browser-specific method which requires browser-specific expertise.

So "best" to me is probably better of said as using a more systemic
approach than simply knocking out the clay pigeons one by one in a specific
web browser - which leaves every other web browser untouched.

So you have to do it for Mozilla browsers.
And then for Chromium browsers.
And then again for the other variant browsers.

A single systemic approach is what I'm meaning by "best."

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Newyana2 <newyana@invalid.nospam> wrote:

david wrote:

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

I've used HOSTS for about 25 years. I almost never see ads.
But most people either can't be bothered or don't understand
how to do it. For them it's easier to get an extension to do it
for them. I often install UBlock Origin for friends like that. They're
not going to deal with any of it, but UBO at least provides a low
friction way to eliminate a lot of junk.

However, things like that won't
do much about online surveillance because they'd break too many
webpages if they did. If you can block ads and all pages still work
great then you're being spied on. Maybe the bigger question is why
anyone using Chrome would imagine that they care about privacy.

hosts file breaks EVERY site listed in it. The entire host (site) is
blocked, not just ad or other unwanted content at a site. If the
unwanted content is a resource retrieved by a web page then the web page
may be sufficient to present the wanted content except for dynamic web
pages that need scripting, and blocking the off-host script resources
means those sites also become unusable.

Adblockers are NOT the equivalent of a hosts file. Adblockers exist
because the hosts file is far too coarse and far too ignorant a method.
Hosts files, even those you get pre-compiled:

- Cannot filter on any pathing in a URL to eliminate part of a web site
or resources at the same site. With hosts, it's either block the
entire site, or block nothing there.
- No cosmetic filtering to get rid of elements in a web page, like
getting rid of Google's prompt to sign-in or switch to Chrome, Cards
in Youtube, the 5-second video start delay at Youtube, or other
elements or attributes within a web doc.
- Offer no other features:
o Block cross-frame resources.
o Block of some or all script from a site, or allowing on-site scripts
while blocking off-site scripts, or allowing on-site and specific
script resources while blocking other script resources.
o Block sending CSP (Content Security Policy) reports to sites.
o Block the link[type=application/opensearchdescript+xml] suggestion
in a web page to prevent compliant web browsers from adding search
engines that a site wants you to have.
o Block only 3rd party fonts to prevent tracking. Fonts delivered by
font foundaries, like Google's, can know when and where you were
visiting when they supply the 3rd party fonts a page wants to use.
While you may want to block 3rd party fonts to eliminate that method
of tracking, some sites become unusable without the fonts, so with
an adblocker you can define an exception.
o Uncloak canonical names.
o Disable link prefetching which can obviate blocking.
o Disable link auditing (capturing on which links you click even when
they point to a different site).
o No way to define exceptions for some or all of a web site that was
included in the block list. Maybe you want to use
Hotmail/Outlook.com, but don't want the ads just in the right frame,
or resources your bank uses are blocked in hosts making the bank
site unusable.

Rarely do users of pre-compile hosts files use more than one of them to
merge into a block list that reflects what the user wants to block.
With blocklists in adblockers, you get to choose which blocklists it subscribes. With hosts, you get whatever the hosts file author wants
which means they try to cover everything instead of what you want.

Compared to using an adblocker, using hosts is the idiots method of
staving off some unwanted content, like using a cannon to swat a fly,
and ignores all the other privacy and tracking issues. Equating using a
hosts file to the use of adblockers is like equating an abacus to a PC.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 04/07/2024 18:05, VanguardLH wrote:

hosts file breaks EVERY site listed in it. The entire host (site) is blocked, not just ad or other unwanted content at a site. If the
unwanted content is a resource retrieved by a web page then the web page
may be sufficient to present the wanted content except for dynamic web
pages that need scripting, and blocking the off-host script resources
means those sites also become unusable.

Not necessarily. Ads are rendered from specific sub-domains so you block
those subdomains only. For example, I have blocked about 250 Microsoft sub-domains that are used to collect info from users using their
telemetry programs. By blocking those sub-domains, I can still access
the main Microsoft site including its updates sites.

Google does the same and other ad agency do the same. They want these sub-domains to process clicks and so they can collect the IP addresses
for future bombardment of more similar ads to that particular IP
address. email addresses are not used often these days because they know
users are getting smarter not to give them working email addresses. IP addresses in most countries these days are getting static. My IP has
remained the same for about 18 months and it doesn't change at all even
by rebooting the router and even stopping the router over the weekend.
This is with a cheap ISP in the UK so others must be doing the same. I
think governments around the world wants IP addresses to remain static
so that they can track down miscreants easily. We know many people have
been caught through Facebook, Twitter and other social sites so clearly
the authorities have got a way to track down people easily.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/4/2024 11:13 AM, david wrote:

Using <news:v6621o$2og9s$1@dont-email.me>, Newyana2 wrote:

Maybe the bigger question is why
anyone using Chrome would imagine that they care about privacy.

Does the Ungoogled Chromium open source offering help in that regard?

Good question. I have a copy of that , which I keep for testing webpage
code and just in case something won't work in Firefox. I can't say
for sure whether it's completely clean of Google spyware.

I once tried SRWare Iron, which was supposed to be a Google-free
Chrome browser. I installed and tested it without allowing it through my firewall. First it tried to call home without asking. When that failed it
tried to call Google without asking. Yet their whole selling point was Google-free.

I haven't had the stomach to test UngChrome. I just keep it around
and figure it's the best option for when I have to use Chromium.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

david <this@is.invalid> wrote:

Carlos E. R. wrote:

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

Depends how you define "best"

While blocking ads is a whack-a-mole game, the cat-and-mouse process of systemically blocking all ads seems "better" to me than the
browser-specific method which requires browser-specific expertise.

So "best" to me is probably better of said as using a more systemic
approach than simply knocking out the clay pigeons one by one in a specific web browser - which leaves every other web browser untouched.

So you have to do it for Mozilla browsers.
And then for Chromium browsers.
And then again for the other variant browsers.

A single systemic approach is what I'm meaning by "best."

You can use a local proxy (e.g., AdGuard) that does the content/resource blocking, and which encompass every web-centric app you use instead of
just one. Instead of installing a variant of an adblocker in every web
browser you use (which still won't block ads in web-centric apps), you
install an adblocking proxy that interrogates all your network traffic. However, you'll still need to maintain the blocklists and settings in
the proxy to tailor to how you want to view the Web. Also, what gets
blocked for one program, like a web browser, may not be appropriate to
get blocked for another program, like e-mail or a site-oriented app.

Web sites can detect if you don't retrieve some of their resources.
That's why you hit sites that detect you using an adblocker, and tell
you to disable it if you want to visit their site. Their property,
their rules. Similarly, when using a local proxy blocker, those same
sites can see you're not retrieving all their content, and can throttle
or disable using their site. However, likely web-centric apps won't
give you any warning why they aren't working when you choose to block
some content they want to retrieve. Like the web server seeing you are
not retrieving all the content, the web app can see they cannot reach
all their resources. In response to your blocking, sites and apps can retaliate, and not always in a way that makes it clear to the users what
is the problem cause (which, of course, is the user choosing to block).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/4/2024 1:05 PM, VanguardLH wrote:

hosts file breaks EVERY site listed in it. The entire host (site) is blocked, not just ad or other unwanted content at a site.

Yes. That's the whole point. UBO is great for people who
want to feel like they're doing something but don't want
any hassles. It won't block all the ads and trackers because
that would break too many sites.

I know you love to argue about this. You're free to use UBO.
I use a HOSTS file with wildcards in order to cleanly and simply
block sleaze. I don't specifically block ads, but by blocking
Google's doubleclick and similar sites, the ads are all removed.
What I get, which you don't have, is that I also block surveillance
by the likes of Google and Facebook. I block googletagmanager, google-analytics, google fonts and maps... a dozen or more domains
run by Google and another dozen+ run by Facebook.... As well
as various other domains that have no right to live and only exist
to spy.

You're blocking visual ads while you ignore the spyware. I'm
blocking sleaze and disappearing ads is a happy side effect.

If the
unwanted content is a resource retrieved by a web page then the web page
may be sufficient to present the wanted content except for dynamic web
pages that need scripting, and blocking the off-host script resources
means those sites also become unusable.

Sometimes that's true. I'm rarely allowing 3rd-party script
to begin with. I block it all in NoScript by default. Recently I
was visiting Home Depot and found that it worked fine if I
enabled their script, without enabling 21 (!) other domains that
were trying to spy on my visit. And the 21 was only for starters.
I expect that if I'd allowed all script I would have gone past
50 3rd-party spies who had no business tracking my visit.
Crazy. If HD hadn't worked without that crap then I simply
wouldn't have visited their site. At some point this goes
beyond privacy to enforcing common decency.

Like I said, I block sleazy security and privacy risks. You're
blocking ads. Whole different approach. Methinks the UBO
addict doth protest too much. You're awfully hot under the
collar about a method that no one is forcing you to use.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Thu, 4 Jul 2024 17:30:33 +0000, you wrote:

On 04/07/2024 18:05, VanguardLH wrote:

hosts file breaks EVERY site listed in it. The entire host (site) is blocked, not just ad or other unwanted content at a site. If the
unwanted content is a resource retrieved by a web page then the web page may be sufficient to present the wanted content except for dynamic web pages that need scripting, and blocking the off-host script resources
means those sites also become unusable.

Not necessarily. Ads are rendered from specific sub-domains so you block those subdomains only. For example, I have blocked about 250 Microsoft sub-domains that are used to collect info from users using their
telemetry programs. By blocking those sub-domains, I can still access
the main Microsoft site including its updates sites.

Why don't you post a copy of your host flle for us? That would be
very

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

MR <MR@invalid.invalid> wrote:

VanguardLH wrote:

hosts file breaks EVERY site listed in it. The entire host (site) is
blocked, not just ad or other unwanted content at a site. If the
unwanted content is a resource retrieved by a web page then the web page
may be sufficient to present the wanted content except for dynamic web
pages that need scripting, and blocking the off-host script resources
means those sites also become unusable.

Not necessarily. Ads are rendered from specific sub-domains so you
block those subdomains only. For example, I have blocked about 250
Microsoft sub-domains that are used to collect info from users using
their telemetry programs. By blocking those sub-domains, I can still
access the main Microsoft site including its updates sites.

Valid point. Sometimes sub-domain are used to deliver ad content.
Sometimes CDN (Content Delivery Network) providers are used, and they
are at a different domain. However, sometimes the ads are referenced by
using a path argument in the URL, like host.domain.tld/...?ad=<adsrc>,
and blocking on host.domain.tld would eliminate getting any content from host.domain.tld.

In addition, ad sources can use multiple hostnames. As I recall,
Doubleclick had about 140, or more, hosts listed in various blocklists.
Might be more now since that was many years ago when I checked. You
cannot block all hosts on a domain with a single entry in the hosts
file. That is, neither *.doubleclick.net nor doubleclick.net are
allowed in the hosts file. It is, after all, a list of hosts, not
domains. In contrast, a blocklist subscribed by an adblocker can
specify just a domain, or wildcards, or a set of hosts for a domain.

You cannot specify, for example, eliminating all those nuisancesome
cookie notices at sites warning you that they're using cookies (despite
you configured the web browser to purge all of them on its exit, and
they're worthless in in-private windows). From what I saw of the
EasyList Cookie Notices blocklist, those are all URL path filters, so
they are at the domain you want to visit, or they are cosmetic filters
which a hosts file will never cover. The same for widgets: you can
filter out the Facebook, pinterest, Twitter, and other widgets at both
the home sites or wherever else the widgets get used. Those are URL
path filters at the same domain you want to visit which cannot be
specified in a hosts file.

While Google has their malicious blocklist provided you leave the
SafeBrowsing feature enabled inside the web browser. The SafeBrowse
feature also tracks you: Google gets to see to where a page you loaded
points to external resources. Some paranoids will also disable
SafeBrowse in the web browser to avoid that method of tracking.
Adblockers can subscribe to malicious blocklists to either augment or
supplant Google's SafeBrowse blacklist. The subscribe blacklist gets downloaded and is local. Whomever compiled the blacklist doesn't get to provide the blocking, so they can't see to where you visited or what
resources a web page you loaded wanted to visit.

Google does the same and other ad agency do the same. They want these sub-domains to process clicks and so they can collect the IP addresses
for future bombardment of more similar ads to that particular IP
address. email addresses are not used often these days because they know users are getting smarter not to give them working email addresses. IP addresses in most countries these days are getting static. My IP has
remained the same for about 18 months and it doesn't change at all even
by rebooting the router and even stopping the router over the weekend.
This is with a cheap ISP in the UK so others must be doing the same. I
think governments around the world wants IP addresses to remain static
so that they can track down miscreants easily. We know many people have
been caught through Facebook, Twitter and other social sites so clearly
the authorities have got a way to track down people easily.

Even if you are assigned a dynamic IP address by your ISP's DHCP server,
often you keep the same IP address for a long time. When you delete the binding, like using "ipconfig /release all", restart your computer, or
however achieved, the new bind often gets back the prior IP address.
The ISP's DHCP server will reassign the same IP address if a new bind is
within some threshold in time.

All the DNS methods to block content won't work when IP addresses are
used. There is no hosts or DNS lookup when a URL is an IP address.
However, rare few sites use IP addreses. Most resources they want to
access in their web document would have to change when the doc was
delivered from a different IP address. That's why you might be able to
use an IP address to reach a web server when DNS fails, but the web page
you get will still have relative URL strings to the same domain or
absolute URL strings to external resources that are not IP addresses.
You might get the home page, but a lot of its content is not using IP addresses. You might get enough content to see a hyperlink to something
you want to view, but the hyperlink is a URL string, not an IP address.

Another point about using hosts is that it is handled as a text file.
Every DNS lookup that first looks in the hosts file (excluding use of
the local DNS caching client) results in opening the text file, and
parsing through it hunting for a match. Adblockers, on the other hand,
remove overlapping filters in multiply subscribed blocklists, compress
the resultant data, and load the binary database into memory for
instantaneous lookup without having to wade through all the other
entries. The same reason why thousands of .ini files were moved into a registry database that gets loading into memory on Windows startup. If
there were several hundred resources in a web doc (not an unusual count)
then it takes several hundred file opens of the hosts file to parse
through it line by line hunting for a substring match. That is a VERY
slow way to find records in a file versus finding them in a binary
database that has been loaded into memory. I remember doing a
performance test several years ago what the difference would be. Using
a hosts file was 17 ms slower per resource lookup in a web page using
linear reading of a file open and parsing of the hosts file versus using
a lookup from a memory copy of a database which directly accesses a
record. Doesn't sound like a significant delay, but then multiple the
delay by EVERY resource in a web page whether at the same or different
domain. A hosts file is slow with file I/O versus a record lookup from
a database in memory. Adblocker authors have spent years tweaking the performance of their products to make them super fast, so Google's
argument that Manifest v3 will eliminate slowdown by using adblockers is disguised misinformation. Not having to retrieve the superfluous and
unwanted content speeds up a web doc load far more than reducing a
memory database from 300K entries to 30K.

For me, if the subscribe-able blocklists that get loaded compressed into
memory were insufficient to get rid of specific content that I don't
want to see, yeah, a hosts file could be added. However, building your
own hosts file takes time, and expertise to delve into what resources
you want to block in web docs from a particular site. The file I/O for
each local DNS lookup (other than in DNS client cache) wouldn't be
significant for your own built hosts file consisting of a few dozen or
couple hundred entries, but using a hosts file is like riding a bicycle
with the brakes partically applied: the DNS lookup using hosts is slow.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Newyana2 <newyana@invalid.nospam> wrote:

VanguardLH wrote:

hosts file breaks EVERY site listed in it. The entire host (site) is
blocked, not just ad or other unwanted content at a site.

Yes. That's the whole point. UBO is great for people who
want to feel like they're doing something but don't want
any hassles. It won't block all the ads and trackers because
that would break too many sites.

I know you love to argue about this. You're free to use UBO.
I use a HOSTS file with wildcards in order to cleanly and simply
block sleaze.

The syntax of the hosts file does not support wildcards nor regex. An
entry of *.domain.tld is NOT allowed (it will be ignored).

Considering the names of the newsgroups to which this subthread is
addressed (Windows), perhaps a hosts file on Linux permits wildcards,
but not on Windows.

The hosts file was originally intended to provide local DNS lookups for intranetwork hosts (those within your own network) for a few dozen
hosts, not for thousands of hosts. The syntax never supported
wildcards. You can't even specify just a domain, like doubleclick.net,
but have to include a hostname, like ads.doubleclick.net. An entry for doubleclick.net is not applied for a lookup on ads.doubleclick.net.

Perhaps you are using a local server, like Acrylic, as a local DNS
proxy, or perhaps a firewall that lets you define URL blocks, but that
becomes a separate issue of how to overcome the severe limitations of
the Windows hosts file.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/4/2024 5:40 PM, Nescoban@pamora.com wrote:

Why don't you post a copy of your host flle for us? That would be
very

I'll try to post mine. I don't know whether it fits in a newsgroup
post. We'll see. I use Acrylic DNS proxy, which has its own hosts
file that allows wildcards, which allows for a much more compact
HOSTS.

Occasionally I'll download a webpage and parse it through a
VBS file to extract domains. From that list I sometimes add items.
But the vast ajority of the spying and ads comes from just a
few sites.

127.0.0.1 localhost

#firefox
#127.0.0.1 *.mozilla.org
127.0.0.1 *.mozilla.com
127.0.0.1 *.mozilla.net
127.0.0.1 *.noscript.net
127.0.0.1 *.filezilla-project.org
127.0.0.1 *.winscp.net

127.0.0.1 *.adspirit.de
127.0.0.1 *.adnxs.com
127.0.0.1 *.atdmt.com
127.0.0.1 *.akamai.net
127.0.0.1 *.akamaiedge.net
127.0.0.1 *.akamai.com
127.0.0.1 *.akamaitechnologies.com
127.0.0.1 *.static.akamaitechnologies.com
#127.0.0.1 *.amazonaws.com
127.0.0.1 *.amazon-adsystem.com

# spyware: mc.corel.com
127.0.0.1 *.corel.com
127.0.0.1 *.edgesuite.net
127.0.0.1 *.edgekey.net
127.0.0.1 *.valueclick.com
127.0.0.1 *.statcounter.com
127.0.0.1 *.addthis.com
127.0.0.1 *.ensighten.com
127.0.0.1 *.rubiconproject.com
127.0.0.1 *.everesttech.net
127.0.0.1 *.nr-data.net
127.0.0.1 *.newrelic.com

#adobe fonts:
127.0.0.1 *.typekit.net

#analytics:
127.0.0.1 *.thetab.com
127.0.0.1 *.simpleanalytics.io
127.0.0.1 *.usefathom.com
127.0.0.1 *.matomo.org
# google
127.0.0.1 *.googleusercontent.com
127.0.0.1 *.googlesyndication.com
127.0.0.1 *.googleadservices.com
127.0.0.1 *.googlecommerce.com
127.0.0.1 *.1e100.com
127.0.0.1 *.1e100.net
127.0.0.1 *.doubleclick.net
127.0.0.1 *.doubleclick.com
127.0.0.1 *.googletagservices.com
127.0.0.1 *.googletagmanager.com
127.0.0.1 *.google-analytics.com
127.0.0.1 google-analytics.com
127.0.0.1 fonts.googleapis.com
127.0.0.1 *.2mdn.net
127.0.0.1 googleadapis.l.google.com
#127.0.0.1 *.gstatic.com
127.0.0.1 plusone.google.com
127.0.0.1 cse.google.com
127.0.0.1 www.google.com/cse
127.0.0.1 www.youtube-nocookie.com
127.0.0.1 *.appspot.com
127.0.0.1 accounts.google.com
127.0.0.1 www.google.com/recaptcha/
127.0.0.1 accounts.google.com
127.0.0.1 static.google.com
#end google
#
# weird firefox:
127.0.0.1 www.peoplesearchaffiliates.com
127.0.0.1 affiliates.phonedetective.com
127.0.0.1 *.302br.net

# hijack ad redirects
127.0.0.1 *.taboola.com
#

# page surveillance
127.0.0.1 *.fullstory.com
127.0.0.1 *.inspectlet.com
#
# microsoft test?
127.0.0.1 *.msftncsi.com
127.0.0.1 *.iron-start.com
127.0.0.1 *.effectivemeasure.net
127.0.0.1 *.turn.com
127.0.0.1 *.turn-jp.com
# needed for maps: 127.0.0.1 *.googleapis.com

# mozilla extension homepages:
127.0.0.1 www.downloadhelper.net
#127.0.0.1 forums.mozillazine.org
127.0.0.1 www.dephormation.org.uk
127.0.0.1 *.flattr.com
127.0.0.1 *.cleverbridge.com
127.0.0.1 realityripple.com
# newrelic tracking:
127.0.0.1 *.newrelic.com
127.0.0.1 *.nr-data.net
127.0.0.1 *.realmedia.com
127.0.0.1 *.247realmedia.com
127.0.0.1 *.realtracker.com
127.0.0.1 *.valueclick.com
127.0.0.1 *.valueclick.net
127.0.0.1 *.vresp.com
127.0.0.1 *.preferences.com
127.0.0.1 *.krxd.net
127.0.0.1 *.criteo.com
127.0.0.1 *.owneriq.com
127.0.0.1 *.coremetrics.com
127.0.0.1 *.richrelevance.com
127.0.0.1 *.mybuys.com
#flash video downloader
127.0.0.1 *.flashvideodownloader.org
127.0.0.1 *.fvdconverter.com
#facebook
127.0.0.1 *.fbcdn.net
127.0.0.1 *.facebook.net
127.0.0.1 *.facebook.com
127.0.0.1 *.fb.com
127.0.0.1 *.fbsbx.com
127.0.0.1 *.fbcdn.com
127.0.0.1 *.m.me
127.0.0.1 *.messenger.com
127.0.0.1 *.instagram.com
127.0.0.1 *.tfbnw.net
127.0.0.1 *.whatsapp.com
127.0.0.1 *.fb.me
127.0.0.1 *.ogp.me
# omniture
127.0.0.1 *.omniture.com
127.0.0.1 *.2o7.net
#A
127.0.0.1 ad.aboutwebservices.com
127.0.0.1 *.ad-up.com
127.0.0.1 *.adbot.com
127.0.0.1 *.adbrite.com
127.0.0.1 *.admedo.com
127.0.0.1 *.adobedtm.com
127.0.0.1 adsfac.net
127.0.0.1 z1.adserver.com
127.0.0.1 adserver.adtech.de
127.0.0.1 *.adsonar.com
127.0.0.1 *.advertising.com
127.0.0.1 *.adsmart.net
127.0.0.1 *.alexa.com
127.0.0.1 aolsvc.aol.com
127.0.0.1 *.atwola.com
127.0.0.1 avantgo.com
127.0.0.1 *.adnxs.com
#B
127.0.0.1 *.bannerswap.com
127.0.0.1 adserver1.backbeatmedia.com
127.0.0.1 s0b.bluestreak.com
127.0.0.1 *.burstnet.com
#btstatic - webutation company
127.0.0.1 *.btstatic.com
127.0.0.1 *.blogads.com
127.0.0.1 *.boldchat.com
127.0.0.1 ssc.api.bbc.com
127.0.0.1 api.bbc.com
127.0.0.1 *.servedby-buysellads.com
# needed for payments 127.0.0.1 *.stripe.com

#C
127.0.0.1 *.campanja.com
127.0.0.1 *.casalemedia.com
127.0.0.1 mds.centrport.net
127.0.0.1 *.clicktrade.com
127.0.0.1 *.clickbank.net
#D
127.0.0.1 kcncimg.dayport.com
127.0.0.1 *.dealtime.com
127.0.0.1 *.did-it.com
127.0.0.1 cache.directorym.com
127.0.0.1 *.doubleverify.com
#EF
127.0.0.1 images.ed4.net
127.0.0.1 *.eimg.net
127.0.0.1 ads.enliven.com
127.0.0.1 ads2.exhedra.com
127.0.0.1 www.w3exit.com
127.0.0.1 extreme-dm.com
127.0.0.1 nht-2.extreme-dm.com
127.0.0.1 a.as-eu.falkag.net
127.0.0.1 sel.as-eu.falkag.net
127.0.0.1 *.fastclick.net
127.0.0.1 *.flycast.com
#GH
127.0.0.1 *.go.com
127.0.0.1 *.hat.net
127.0.0.1 *.hat.com
127.0.0.1 *.heapanalytics.com
127.0.0.1 *.hitbox.com
#IJ
127.0.0.1 *.indexww.com
127.0.0.1 stats.surfaid.ihost.com
127.0.0.1 *.imrworldwide.com
127.0.0.1 campaign.indieclick.com
127.0.0.1 *.industrybrains.com
127.0.0.1 *.inetinteractive.com
127.0.0.1 images.infoworld.com
127.0.0.1 invite.insightexpress.com
127.0.0.1 tribal.us.intellitxt.com
127.0.0.1 *.internetextra.com
127.0.0.1 www.4jobs.com
#KL
127.0.0.1 *.kanoodle.com
127.0.0.1 *.krxd.net
127.0.0.1 *.linkexchange.com
127.0.0.1 *.link4ads.com
127.0.0.1 *.linksynergy.com
127.0.0.1 c.live.com
127.0.0.1 sales.liveperson.net
127.0.0.1 *.lygo.com
127.0.0.1 *.lycos.com
127.0.0.1 *.lightboxcdn.com
#MNO
127.0.0.1 *.mads.com
127.0.0.1 *.mediaplex.com
127.0.0.1 *.mediavoice.com
127.0.0.1 c.microsoft.com
127.0.0.1 bam.nr-data.net
127.0.0.1 *.marketo.net
127.0.0.1 *.moatads.net
127.0.0.1 *.nr-data.net
127.0.0.1 servedby.netshelter.net
127.0.0.1 *.online-metrix.net
127.0.0.1 *.osdn.com
127.0.0.1 genweb.ostg.com
127.0.0.1 *.optnmnstr.com
127.0.0.1 *.optinmonster.com
127.0.0.1 *.openx.net

# Microsoft
# MS Tracking

127.0.0.1 *.msn.com
127.0.0.1 *.msads.net
127.0.0.1 *.a-msedge.net
127.0.0.1 *.adnexus.net
127.0.0.1 *.adnxs.com
127.0.0.1 *.msecnd.net
127.0.0.1 bingads.microsoft.com
127.0.0.1 *.msecn.net
127.0.0.1 choice.microsoft.com
127.0.0.1 *.cloudapp.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 diagnostics.support.microsoft.com
127.0.0.1 fe2.update.microsoft.com.akadns.net
127.0.0.1 feedback.microsoft-hohm.com
127.0.0.1 feedback.search.microsoft.com
127.0.0.1 feedback.windows.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 msedge.net
127.0.0.1 msftncsi.com
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 pre.footprintpredict.com
127.0.0.1 rad.live.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 s.gateway.messenger.live.com
127.0.0.1 schemas.microsoft.akadns.net
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 settings-win.data.microsoft.com
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.microsoft.com
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 watson.live.com
127.0.0.1 watson.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 wes.df.telemetry.microsoft.com

#PQR
127.0.0.1 *.pointroll.com
127.0.0.1 popinads.com
127.0.0.1 amch.questionmarket.com
127.0.0.1 ads.realcities.com
127.0.0.1 *.revsci.net
127.0.0.1 *.quantserve.com
127.0.0.1 *.quantcount.com
127.0.0.1 *.quantcast.com
127.0.0.1 revenuescience.com
127.0.0.1 *.rmxads.com
127.0.0.1 track.roiservice.com
127.0.0.1 *.ru4.com
127.0.0.1 www17.searchresults.rcn.com
127.0.0.1 *.rfihub.com
#S
127.0.0.1 *.scorecardresearch.com
127.0.0.1 *.serving-sys.com
127.0.0.1 download-search.search.com
127.0.0.1 *.shopping.com
127.0.0.1 *.servebom.com
127.0.0.1 *.sitemeter.com
127.0.0.1 *.smartclicks.net
127.0.0.1 *.smarttargetting.com
127.0.0.1 *.smarttargetting.net
127.0.0.1 spin.spinbox.net
127.0.0.1 Adsatt.ABCNews.starwave.com
127.0.0.1 *.superstats.com
127.0.0.1 soundcloud-downloader.technowise.in
#T
127.0.0.1 banner.techarp.com
127.0.0.1 adremote.timeinc.net
127.0.0.1 img.tradepub.com
127.0.0.1 a.tribalfusion.com
127.0.0.1 adserver.trb.com
127.0.0.1 tv.trb.com
127.0.0.1 ads.tripod.com

#UVW
127.0.0.1 cache.unicast.com
127.0.0.1 *.valuead.com
127.0.0.1 *.valueclick.com
127.0.0.1 *.valueclick.net
127.0.0.1 *.viacomlocalnetworks.com
127.0.0.1 *.watchstitch.com
127.0.0.1 *.webtrendslive.com
127.0.0.1 *.webtrends.com
127.0.0.1 *.whatsnextnow.com
127.0.0.1 blob.windows.com
# tracking beacon URL when visiting wikipedia
127.0.0.1 login.wikimedia.org
#XYZ
127.0.0.1 ads.yahoo.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 *.yimg.com
127.0.0.1 ads.x10.com
127.0.0.1 www.zdmcirc.com
127.0.0.1 ads.xtra.co.nz
127.0.0.1 c1.zedo.com
127.0.0.1 oasis.zmh.zope.com
127.0.0.1 ads.zap2it.com
127.0.0.1 feedproxy.google.com
127.0.0.1 plus.google.com
127.0.0.1 cdn.optimizely.com
127.0.0.1 *.eventbrite.com
127.0.0.1 www.buyads.com
127.0.0.1 d.adsbyisocket.com
127.0.0.1 www.tuaw.com
127.0.0.1 cdn.insights.gravity.com
127.0.0.1 clicktale.pantherssl.com
127.0.0.1 *.clicktale.net
127.0.0.1 clicktalecdn.sslcs.cdngc.net
127.0.0.1 cdn.clicktale.net
127.0.0.1 *.atdmt.com
127.0.0.1 ssl.palmcoastd.com
127.0.0.1 www.edgecast.com
127.0.0.1 *.chartbeat.com
127.0.0.1 bs.serving-sys.com
127.0.0.1 pixel.tapad.com
127.0.0.1 www.nytimes.whsites.net
127.0.0.1 js.moatads.com
127.0.0.1 icompass.insightexpressai.com
127.0.0.1 www.bankrate.com
127.0.0.1 www.surveymonkey.com
127.0.0.1 www.bkrtx.com
127.0.0.1 s.uicdn.com
#127.0.0.1 code.jquery.com
127.0.0.1 www.mongodb.org
127.0.0.1 ycharts.com
127.0.0.1 *.247media.com
127.0.0.1 tcr.tynt.com
127.0.0.1 html5shim.googlecode.com
127.0.0.1 tcr.tynt.com
127.0.0.1 cdn.onswipe.com
127.0.0.1 widgets.outbrain.com
127.0.0.1 www.blogads.com
127.0.0.1 widgets.digg.com
127.0.0.1 me-cdn.effectivemeasure.net
127.0.0.1 activex.microsoft.com
127.0.0.1 codecs.microsoft.com
127.0.0.1 www.zergnet.com
127.0.0.1 static.getclicky.com
127.0.0.1 in.getclicky.com
127.0.0.1 www.ashastd.org
# 127.0.0.1 twitter.com
127.0.0.1 www.omniture.com
127.0.0.1 yoast.com
127.0.0.1 thirddoormedia.com
127.0.0.1 static.chartbeat.com
127.0.0.1 pixel.quantserve.com
127.0.0.1 munchkin.marketo.net
127.0.0.1 cdn.inspectlet.com
127.0.0.1 www.act-on.com
127.0.0.1 rocketfuel.com
127.0.0.1 www.optimizely.com
127.0.0.1 www.zendesk.com
127.0.0.1 www.desk.com
127.0.0.1 qualaroo.com
127.0.0.1 www.outbrain.com
127.0.0.1 www.reachforce.com
127.0.0.1 www.inspectlet.com
127.0.0.1 cdn.krxd.net
#127.0.0.1 i.imgur.com
127.0.0.1 stratechery.com
127.0.0.1 downloads.pagefair.com
127.0.0.1 adkengage.com
127.0.0.1 static.fmpub.net
127.0.0.1 *.cdn77.net
127.0.0.1 *.sharethrough.com
127.0.0.1 ads.pubsqrd.com
127.0.0.1 cdn.krxd.net
127.0.0.1 stratechery.com
127.0.0.1 downloads.pagefair.com
127.0.0.1 adkengage.com
127.0.0.1 static.fmpub.net
127.0.0.1 ads.pubsqrd.com
127.0.0.1 o.aolcdn.com
127.0.0.1 advertising.aol.com
127.0.0.1 adinfo.aol.com
127.0.0.1 *.grvcdn.com
127.0.0.1 img.deusm.com
127.0.0.1 static.adsnative.com
127.0.0.1 *.adroll.com
127.0.0.1 content.dl-rms.com
127.0.0.1 img.deusm.com
127.0.0.1 static.adsnative.com
127.0.0.1 s.adroll.com
127.0.0.1 a.adroll.com
127.0.0.1 content.dl-rms.com
127.0.0.1 www.uclick.com
127.0.0.1 me.effectivemeasure.net
127.0.0.1 amplifypixel.outbrain.com
127.0.0.1 tag.crsspxl.com
127.0.0.1 *.rpxnow.com
127.0.0.1 cdn-social.janrain.com
127.0.0.1 www.mailvelope.com
127.0.0.1 consent-st.truste.com
127.0.0.1 ml314.com
127.0.0.1 analytics.slashdotmedia.com
127.0.0.1 d1o5u7ifbz3swt.cloudfront.net
127.0.0.1 ads.pro-market.net
127.0.0.1 s0.2mdn.net
127.0.0.1 cdn.doubleverify.com
127.0.0.1 cdn.springserve.com
127.0.0.1 cdn.revcontent.com
127.0.0.1 c.betrad.com
127.0.0.1 *.avature.net
127.0.0.1 c.evidon.com
127.0.0.1 *.sonobi.com
127.0.0.1 *.indexww.com
127.0.0.1 x.bidswitch.net
127.0.0.1 static.criteo.net
127.0.0.1 ib.adnxs.com
127.0.0.1 aax.amazon-adsystem.com
127.0.0.1 bidder.criteo.com
127.0.0.1 ads.pubmatic.com
127.0.0.1 gads.pubmatic.com
127.0.0.1 *.switchadhub.com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Using <news:v67ltn$348ol$1@dont-email.me>, Newyana2 wrote:

I use Acrylic DNS proxy, which has its own hosts
file that allows wildcards, which allows for a much more compact
HOSTS.

I found these long ago, and I don't remember which one I put into
my HOSTS file, but it works well for me even as I haven't maintained
it in years (they're in the header of my current HOSTS file).

# HOSTS
# https://pgl.yoyo.org/adservers/
# https://winhelp2002.mvps.org/hosts.txt
# https://github.com/AdguardTeam/AdguardSDNSFilter
# https://raw.gitbugusercontent.com/StevenBlack/hosts/master/hosts
# https://github.com/Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist
# https://raw.githubusercontent.com/AdguardTeam/FiltersRegistry/master/filters/filter_15_DnsFilter/filter.txt
# Acrylic
# https://www.majorgeeks.com/files/details/acrylic_dns_proxy.html
# Unbound
# https://nlnetlabs.nl/projects/unbound/download/
# https://github.com/NLnetLabs/unbound

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

david wrote:

I found these long ago, and I don't remember which one I put into my
HOSTS file, but it works well for me even as I haven't maintained it in
years (they're in the header of my current HOSTS file).

# HOSTS
# https://pgl.yoyo.org/adservers/

[etc]

so you might add a dozen advert blocking entries per day, but I bet
someone deploys hundreds of advert serving hosts per day ...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 2:22 AM, ...winston wrote:

Hmm...
:) If you keep adding to that file, it will soon be(or already is)
larger than Windows Defender and Smart Screen definition file(s).

They track all known malicious sites with just a few lines?
That's impressive. I don't enable spyware "ninny nannies" in
either Windows or Firefox, so I haven't paid much attention to it.

My HOSTS is 400+ lines. If you look around at available HOSTS
files you'll find that most are far bigger and not "curated". Though
even very big ones don't seem to be a problem. To search for "ads.doubleclick.com" in even 30,000 lines probably takes less than
1 ms. Anything up to 250 ms is perceived as instant in my experience.
And when something is in HOSTS it saves a DNS call. It also blocks
the loading of that content. So even a very bloated HOSTS should
be speeding things up.

Anyone who has any kind of problems with browser speed should
be looking at blocking more script. I've seen popular websites that
download literally dozens of js and css files. A webpage loading
15-20 MB of crap is not unusual. That's 10 times the size of the
IrfanView program!

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/4/2024 11:21 PM, david wrote:

Using <news:v67ltn$348ol$1@dont-email.me>, Newyana2 wrote:

I use Acrylic DNS proxy, which has its own hosts
file that allows wildcards, which allows for a much more compact
HOSTS.

I found these long ago, and I don't remember which one I put into my
HOSTS file, but it works well for me even as I haven't maintained it in
years (they're in the header of my current HOSTS file).

# HOSTS
# https://pgl.yoyo.org/adservers/
# https://winhelp2002.mvps.org/hosts.txt
# https://github.com/AdguardTeam/AdguardSDNSFilter
# https://raw.gitbugusercontent.com/StevenBlack/hosts/master/hosts
# https://github.com/Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist
# https://raw.githubusercontent.com/AdguardTeam/FiltersRegistry/master/filters/filter_15_DnsFilter/filter.txt

# Acrylic
# https://www.majorgeeks.com/files/details/acrylic_dns_proxy.html
# Unbound
# https://nlnetlabs.nl/projects/unbound/download/
# https://github.com/NLnetLabs/unbound

The big offenders are fairly small in number, though the
data collecting companies seem to be increasing. I used
Unbound on XP, but it was difficult to set up and overkill
for basic DNS. I use Acrylic now. Since Acrylic can use
wildcards it simplifies things. You don't need ads1.doubleclick.com, ads2.doubleclick.com, and so on. You just use
*.doubleclick.com to cover all of them.

String searches are extremely fast, so a bloated HOSTS
file isn't really a problem, but I've found that those public
HOSTS files tend to be stuffed with a a lot of junk and
multiple domain entries. Things like www.edssportinggoods.co.uk
or fr.doubleclick.com.

As long as your HOSTS works then that's what matters. But
if you care about privacy then NoScript is also important. A lot
of spying is happening now with 3rd-party script. It's way out
of control. A security risk as well as a privacy risk.

Most people don't want to deal with the hassle of NoScript
so they get something like UBlock Origin and hope for the best.
But if you don't block script by default then you have to accept
that "everyone and his brother" is going to be running executable
code on your computer. The Internet is gradually transforming
from webpages to software programs, like cellphone apps, built
of obfuscated javascript, downloading to your browser without
asking.

Some websites even define it that way. I increasing find that I
load a website only to see one line of text: "This app requires
javascript". What app? What am I signing up for? Who's behind
it? They don't have the courtesy to explain that and provide
options. They just expect the visitor to submit.

I saw a site recently that was interesting. The source code is
very complex, auto-generated. Yet the pages all work perfectly
without script. Beautifully done. It was the Proton website. Maybe
not an accident, as Tim Berners-Lee is involved with Proton.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Newyana2 wrote:

Anyone who has any kind of problems with browser speed should
be looking at blocking more script. I've seen popular websites that
download literally dozens of js and css files. A webpage loading
15-20 MB of crap is not unusual.

I used to use ABP then later uBlock and a couple of filter lists, but
found it was breaking more and more websites, s I switched to ghostery.
I have a bit of a nagging feeling it's not necessarily s strict, but
most it doesn't break stuff, i have started using my personal element
hiding rules in uBlock again, literally only a handful of rules.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 8:01 AM, Andy Burns wrote:

Newyana2 wrote:

Anyone who has any kind of problems with browser speed should
be looking at blocking more script. I've seen popular websites that
download literally dozens of js and css files. A webpage loading
15-20 MB of crap is not unusual.

I used to use ABP then later uBlock and a couple of filter lists, but
found it was breaking more and more websites, s I switched to ghostery.
I have a bit of a nagging feeling it's not necessarily s strict, but
most it doesn't break stuff, i have started using my personal element
hiding rules in uBlock again, literally only a handful of rules.

I'm afraid there's no easy solution. At one time an adblocker just
had to oversee the loading of images. Today it's so much more
complicated. And websites are craftily designed to malfunction
if you don't load their ads and allow their spying.

I've found that blocking script is sometimes actually helpful in that respect. Many sites work fine without script that might not work
fine with an adblocker, because they're using script to test whether
you have an adblocker. :)

I expect it will only get worse as commercial entities like newspaper
and magazine companies, dept stores, etc, come up with more tricks
to maximize data collection and break their own websites when visitors
can't be tracked and accosted with ads. It's quickly becoming all ads
and no content. The ones that really surprise me are sites like Lowes
or Target. Their website IS an ad. Yet they won't let me see it unless
I allow script tracking by literally dozens of unrelated companies.

Another typical example is NYTimes. For a long time I found the site perfectly readable with script disabled. Their login prompt required
script.
More recently they started hiding and obfuscating the actual article text within blocks of json. Most recently they've been putting a paragraph
on the page with a link to subscribe. The article itself is not actually contained in the webpage. So it's a public version, which is essentially
all just one big ad now, and a private version where they have articles.

The solution that appeals to a lot of people is the appearance of
blocking ads and spying but without hassles. That's what UBO does.
There was a great example of that many years ago. I had the AtGuard
firewall on Win98. It was way ahead of its time and also had an
adblocker. The developers licensed it to Symantec. Symantec worked
their usual magic. They crippled the program, doubled the price, and
advertised it like hell. I think they called it something like Norton
Internet Security. They gave it mass appeal by whitelisting over 700
domains. So in most cases, the firewall was doing nothing and thus
appeared to work smoothly. (NoScript has been starting to do a similar
thing, whitelisting a lot of crap by default.)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Fri, 05 Jul 2024 06:27:18 -0500, Newyana2 <newyana@invalid.nospam> wrote:

On 7/4/2024 11:21 PM, david wrote:

Using <news:v67ltn$348ol$1@dont-email.me>, Newyana2 wrote:

I use Acrylic DNS proxy, which has its own hosts
file that allows wildcards, which allows for a much more compact
HOSTS.

I found these long ago, and I don't remember which one I put into my
HOSTS file, but it works well for me even as I haven't maintained it in
years (they're in the header of my current HOSTS file).

# HOSTS
# https://pgl.yoyo.org/adservers/
# https://winhelp2002.mvps.org/hosts.txt
# https://github.com/AdguardTeam/AdguardSDNSFilter
# https://raw.gitbugusercontent.com/StevenBlack/hosts/master/hosts
# https://github.com/Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist
#
https://raw.githubusercontent.com/AdguardTeam/FiltersRegistry/master/filters/filter_15_DnsFilter/filter.txt

# Acrylic
# https://www.majorgeeks.com/files/details/acrylic_dns_proxy.html
# Unbound
# https://nlnetlabs.nl/projects/unbound/download/
# https://github.com/NLnetLabs/unbound

The big offenders are fairly small in number, though the
data collecting companies seem to be increasing. I used
Unbound on XP, but it was difficult to set up and overkill
for basic DNS. I use Acrylic now. Since Acrylic can use
wildcards it simplifies things. You don't need ads1.doubleclick.com, ads2.doubleclick.com, and so on. You just use
*.doubleclick.com to cover all of them.

I used a similar program with Windows XP years ago called eDexter.
I think I'll give Acrylic a try.

String searches are extremely fast, so a bloated HOSTS
file isn't really a problem, but I've found that those public
HOSTS files tend to be stuffed with a a lot of junk and
multiple domain entries. Things like www.edssportinggoods.co.uk
or fr.doubleclick.com.

As long as your HOSTS works then that's what matters. But
if you care about privacy then NoScript is also important. A lot
of spying is happening now with 3rd-party script. It's way out
of control. A security risk as well as a privacy risk.

Most people don't want to deal with the hassle of NoScript
so they get something like UBlock Origin and hope for the best.
But if you don't block script by default then you have to accept
that "everyone and his brother" is going to be running executable
code on your computer. The Internet is gradually transforming
from webpages to software programs, like cellphone apps, built
of obfuscated javascript, downloading to your browser without
asking.

I thought that NoScript was only for the Gecko-type browsers, but I saw today that's no longer true.
I'll give it a try as well.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Thu, 4 Jul 2024 21:21:14 -0600, david wrote:

# https://winhelp2002.mvps.org/hosts.txt

Updated: March-06-2021

--
s|b

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Fri, 5 Jul 2024 02:22:38 -0400, ...winston wrote:

Hmm...
:) If you keep adding to that file, it will soon be(or already is)
larger than Windows Defender and Smart Screen definition file(s).

You had to quote 482 lines just to add this?

--
s|b

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Wed, 3 Jul 2024 21:46:42 -0600, david wrote:

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

I've got a RPi with Pi-Hole set up as DNS. I've turned off DNS over
HTTPS. Seems pretty effective (so far).

--
s|b

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 10:10 AM, s|b wrote:

On Fri, 5 Jul 2024 02:22:38 -0400, ...winston wrote:

Hmm...
:) If you keep adding to that file, it will soon be(or already is)
larger than Windows Defender and Smart Screen definition file(s).

You had to quote 482 lines just to add this?

I think the majority here are old school. Winston among them.
They started in the days when postings went underneath
existing posts. Like DOS console windows. One never edits
what's gone before. One just adds at the bottom. It's
similar to the way some people still can't get used to using
a mouse, 30+ years after GUI became standard.

When I first started with newsgroups I was top-posting,
just as I do with email. But then it turned out that roughly
half the people in newsgroups took that as a personal
attack.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/4/2024 1:44 PM, Newyana2 wrote:

On 7/4/2024 11:13 AM, david wrote:

Using <news:v6621o$2og9s$1@dont-email.me>, Newyana2 wrote:

Maybe the bigger question is why
anyone using Chrome would imagine that they care about privacy.

Does the Ungoogled Chromium open source offering help in that regard?

  Good question. I have a copy of that , which I keep for testing webpage code and just in case something won't work in Firefox. I can't say
for sure whether it's completely clean of Google spyware.

  I once tried SRWare Iron, which was supposed to be a Google-free
Chrome browser. I installed and tested it without allowing it through my firewall. First it tried to call home without asking. When that failed it tried to call Google without asking. Yet their whole selling point was Google-free.

  I haven't had the stomach to test UngChrome. I just keep it around
and figure it's the best option for when I have to use Chromium.

Chromium is the FOSS version of the browser, and Chrome is the tracking-added version by Google.

People who make their own browsers, like MSEdge and SRWare Iron, they
likely start with Chromium code as their code base. I'm not aware of
Chrome (complete with tracking) is available as a source tarball. That would only get used for mischief, if it was available.

If a person calls their creation "UngChrome", that would just
be Chromium FOSS version. The name is meant to imply "I did some work",
when it's possible they did nothing at all (changed the branding string).

Very few organizations have the manpower to be beating browsers into
actual "unique" creations. Some will barely manage to add their
own tracking and promotional material to make a buck. It's not
like they have the mental powers to actually "clean" the browser
or reduce its footprint.

Like, I saw a mention recently, of an independent browser project
starting, and my initial gut reaction is "scam, for the GoFundMe".
There are shards of free browsers around (Konquerer), and if
an organization cannot keep one of those up to date, a
pack of hound dogs is not going to do any better. People
tire of ten hour days, trying to make stuff like that
work on most websites. Firefox at one time, had 400,000 files
in the tarball, and today, the tarball won't even compile
on its own. You need to build from Mercurial. Maybe you
end up with a copy of Rust too.

Messing with browsers is a daunting task. There are only
so many "good" developers to go around. And a smart
developer is going to stay away from a hell-hole like that.

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 2024-07-05 18:45, Newyana2 wrote:

On 7/5/2024 10:10 AM, s|b wrote:

On Fri, 5 Jul 2024 02:22:38 -0400, ...winston wrote:

Hmm...
:) If you keep adding to that file, it will soon be(or already is)
larger than Windows Defender and Smart Screen definition file(s).

You had to quote 482 lines just to add this?

   I think the majority here are old school. Winston among them.
They started in the days when postings went underneath
existing posts. Like DOS console windows. One never edits
what's gone before. One just adds at the bottom. It's
similar to the way some people still can't get used to using
a mouse, 30+ years after GUI became standard.

No.

Old school was to trim the quoted section to a minimum, because sending
big posts was expensive.

 When I first started with newsgroups I was top-posting,
just as I do with email. But then it turned out that roughly
half the people in newsgroups took that as a personal
attack.

Kind of.

--
Cheers,
Carlos E.R.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Why don't you post a copy of your host flle for us?

I'll try to post mine. I don't know whether it fits in a newsgroup
post

Good to see that your HOSTS file pasted to the newsgroup without issue.
But you can always paste up to 0.5MB text to pastebin.com to create an
active link (for your specified duration) without registration.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 4:06 PM, kelown wrote:

Why don't you post a copy of your host flle for us?

I'll try to post mine. I don't know whether it fits in a newsgroup
post

Good to see that your HOSTS file pasted to the newsgroup without issue.
But you can always paste up to 0.5MB text to pastebin.com to create an
active link (for your specified duration) without registration.

Thanks. I didn't know about that.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 2:36 PM, Paul wrote:

Chromium is the FOSS version of the browser, and Chrome is the tracking-added version by Google.

People who make their own browsers, like MSEdge and SRWare Iron, they
likely start with Chromium code as their code base. I'm not aware of
Chrome (complete with tracking) is available as a source tarball. That would only get used for mischief, if it was available.

If a person calls their creation "UngChrome", that would just
be Chromium FOSS version. The name is meant to imply "I did some work",
when it's possible they did nothing at all (changed the branding string).

They make a compelling case that they're actually cleaning
out all vestiges of sleaze. I don't know, but I figure it's the
best bet for when I need Chrom*.

https://en.wikipedia.org/wiki/Ungoogled-chromium

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Newyana2 <newyana@invalid.nospam> wrote:

Paul wrote:

Chromium is the FOSS version of the browser, and Chrome is the tracking-added
version by Google.

They make a compelling case that they're actually cleaning out all
vestiges of sleaze. I don't know, but I figure it's the best bet for
when I need Chrom*.

https://en.wikipedia.org/wiki/Ungoogled-chromium

Chrome is Chromium with proprietary code added by Google. So, why not
just use Chromium? Maybe tis due to you have to compile Chromium while
someone else did the compiling for you for UnGoogled Chromium, but that
seems they just compiled Chromium for you.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 2024-07-06 00:51, VanguardLH wrote:

Newyana2 <newyana@invalid.nospam> wrote:

Paul wrote:

Chromium is the FOSS version of the browser, and Chrome is the tracking-added
version by Google.

They make a compelling case that they're actually cleaning out all
vestiges of sleaze. I don't know, but I figure it's the best bet for
when I need Chrom*.

https://en.wikipedia.org/wiki/Ungoogled-chromium

Chrome is Chromium with proprietary code added by Google. So, why not
just use Chromium? Maybe tis due to you have to compile Chromium while someone else did the compiling for you for UnGoogled Chromium, but that
seems they just compiled Chromium for you.

Chrome is the original by Google. Chromium is the community version,
derived from Chrome. Not that Chrome has parts added by Google.


--
Cheers,
Carlos E.R.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 6:51 PM, VanguardLH wrote:

Chrome is Chromium with proprietary code added by Google. So, why not
just use Chromium? Maybe tis due to you have to compile Chromium while someone else did the compiling for you for UnGoogled Chromium, but that
seems they just compiled Chromium for you.

Google makes Chromium, which can be had compiled. From
that base they make Chrome. The problem, as I understand it, is
that Google have their hands deep into the Chromium code.
See the link to Wikipedia. The UngC people claim that they
compile Chrome themselves, specifically blocking the Google
sleaze.

I can't personally vouch for that, but getting UngC -- if one
must use Chrome -- seems the best option.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

Newyana2 <newyana@invalid.nospam> wrote:

VanguardLH wrote:

Chrome is Chromium with proprietary code added by Google. So, why not
just use Chromium? Maybe tis due to you have to compile Chromium while
someone else did the compiling for you for UnGoogled Chromium, but that
seems they just compiled Chromium for you.

Google makes Chromium, which can be had compiled. From that base they
make Chrome. The problem, as I understand it, is that Google have
their hands deep into the Chromium code. See the link to Wikipedia.
The UngC people claim that they compile Chrome themselves,
specifically blocking the Google sleaze.

I can't personally vouch for that, but getting UngC -- if one must
use Chrome -- seems the best option.

Chromium is open-source software, and is also a project started by
Google. It is unclear how much of the code changes are from Google and
how much is from the rest of the Chromium dev community. Back around
2016, there were hundreds of engineers working on Chromium, and 23
Googlers working on Chrome. However, Chromium also relies on other
large projects, like V8, Skia, and WebKit, so the size of the FOSS
community is even larger. Of course, since then the number of FOSS devs
and Googlers have probably changed. In comparison, Ungoogled Chromium
seems the work of 1 guy: Eloston. 6 other members are listed at https://github.com/orgs/ungoogled-software/people, but I didn't check
their involvement.

Chromium is open-sourced, and is why UnGoogled Chromium (not Ungoogled
Chrome), and other Chromium variants can exist. Does or can anyone make
a fork of Chrome since it has proprietary code? I got lost at https://developer.chrome.com/, and could not determine if the site was
for devs to create their own forks, or just on how to use Chrome with
the added proprietary code from Google.

Chromium is less secure than Chrome hence so is Ungoogled Chromium.
Ungoogled Chrome doesn't get many updates (infrequent security updates). Ungoogled Chrome has no built-in auto-update function.

https://ungoogled-software.github.io/ungoogled-chromium-wiki/faq

From https://github.com/ungoogled-software/ungoogled-chromium#readme, "ungoogled-chromium features tweaks to enhance privacy, control, and transparency. However, almost all of these features must be manually
activated or enabled." So I still have to perform tweaks to increase
privacy which are apparently the same tweaks I could do in Chromium, and perhaps Chrome?

"Force all pop-ups into tabs". Not sure that is convenient or helpful.
You could get confused about which tab showed a popup for which web doc
in which other tab. Chrome, by default, opens new tabs in the
background. There is no option, as in Firefox, to have new tabs get
focus. You have to install an add-on in Chrome to change tab behavior
for new tabs to get immediate focus.

Interesting tid bits about Ungoogled Chromium, like:
- UngChromium purges site data on exit. Firefox has the option, too,
but is not enabled by default. I use it in Firefox.
- No installing add-ons using the web store. Have to download the .crx
packages for a manual install. Or use an add-on (not at web store) to
check for updates. No auto-updates of add-ons unless you use the
update add-on. I'd rather have the web browser do its own updates,
and those of the add-ons, then rely on yet another author of an add-on
to just do updates.
- Google SafeBrowsing is disabled (which can track you), so you need an
adblocker to avoid malicious sites.
- Deliberate choice not to support Google account login, so no related
features, like sync between instances of the web browser.
- Google adds codecs to Chrome. Wonder where Ungoogled Chromium will
get them, and if as exhaustive a list.

A lot of the proprietary code added by Google in Chrome is for
convenience and security. A lot of users migrating to UngChromium might
find it takes more work then they expected.

Since Google has restricted depositing Manifest v2 add-ons to their web
store, and rolled out Manifest v3 last month, does Chromium hence
Ungoogled Chromium still support MV2, or are they going to get forced to
MV3 which severely impacts the robustness of adblockers? Mozilla says
they will continue both MV2 and MV3 support. I don't know if Google is
pushing MV3 into its Chromium project, or just in their proprietary code
added to Chrome. From some articles, apparently MV3 will get foisted
into Chromium hence into Chrome, and into its variants, like Ungoogled Chromium. This alone would deter me from ever spending time
experimenting with UnGoogled Chromium. If and when Mozilla drops MV2
support is when I'll again research for a replacement web browser.

https://github.com/ungoogled-software/ungoogled-chromium/issues/2623
which is considered a duplicate of: https://github.com/ungoogled-software/ungoogled-chromium/issues/662

Before I'd test Ungoogled Chromium, I'd probably read through the closed
and open issues (about 2000 of them) noted at:

https://github.com/ungoogled-software/ungoogled-chromium/issues/

In Firefox, you can disable many options regarding privacy. Even
Mozilla offers an article on how to eliminate a lot of the background connections:

https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections

Ungoogle Chromium is based on Chromium (i.e., sans proprietary code from Google, and tweaks to further de-Google the web browser). Someone here
said there is a pre-compiled version of Chromium for Windows. Where is
that?

https://chromium.googlesource.com/chromium/src/+/HEAD/docs/windows_build_instructions.md

Seems YOU do the build of Chromium to use it on your Windows platform.
I don't see a pre-compiled binary build of Ungoogle Chromium, either.
You can get the code, and you do the compile after getting all the libs.

https://github.com/ungoogled-software/ungoogled-chromium/releases/tag/126.0.6478.126-1
https://github.com/ungoogled-software/ungoogled-chromium/blob/master/README.md#downloads

"NOTE: These binaries are provided by anyone who are willing to build
and submit them. Because these binaries are not necessarily
reproducible, authenticity cannot be guaranteed; In other words, there
is always a non-zero probability that these binaries may have been
tampered with." So it's not the Ungoogled Chromium developer providing
the binaries. Some unknown provides them for you. Well, that's how
FOSS works.

Seems smarter and easier to move to Firefox (a known author) than spend
the effort on Ungoogled Chromium (where who compiled it for you is
unknown), or go to one of the Firefox variants, like Vivaldi if you
really feel compelled to modify the chrome (that's with a small "c"). I
could spend the time researching all the info at the UnGoogled Chromium
Github project, but I suspect I'd end up deciding to stick with Firefox.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 05/07/2024 17:45, Newyana2 wrote:

On 7/5/2024 10:10 AM, s|b wrote:

On Fri, 5 Jul 2024 02:22:38 -0400, ...winston wrote:

Hmm...
:) If you keep adding to that file, it will soon be(or already is)
larger than Windows Defender and Smart Screen definition file(s).

You had to quote 482 lines just to add this?

   I think the majority here are old school. Winston among them.
They started in the days when postings went underneath
existing posts. Like DOS console windows. One never edits
what's gone before. One just adds at the bottom. It's
similar to the way some people still can't get used to using
a mouse, 30+ years after GUI became standard.

 When I first started with newsgroups I was top-posting,
just as I do with email. But then it turned out that roughly
half the people in newsgroups took that as a personal
attack.

I'll < snip > the original if I only want to reply to one line or one paragraph. To my mind that keeps it relevant for all the readers.


--
Regards
wasbit

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 05/07/2024 15:06, s|b wrote:

On Wed, 3 Jul 2024 21:46:42 -0600, david wrote:

Isn't the best place to block ads in the system itself, e.g., via
hosts-file configurations (of which there are many variations)?

I've got a RPi with Pi-Hole set up as DNS. I've turned off DNS over
HTTPS. Seems pretty effective (so far).

Yep, I used Pi-Hole for a while using a Pi Zero W.
Didn't notice much difference when I failed to replace it after a
hardware shuffle but the wife did with her tablet


--
Regards
wasbit

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 05/07/2024 19:36, Paul wrote:

On 7/4/2024 1:44 PM, Newyana2 wrote:

On 7/4/2024 11:13 AM, david wrote:

Using <news:v6621o$2og9s$1@dont-email.me>, Newyana2 wrote:

Maybe the bigger question is why
anyone using Chrome would imagine that they care about privacy.

Does the Ungoogled Chromium open source offering help in that regard?

  Good question. I have a copy of that , which I keep for testing webpage >> code and just in case something won't work in Firefox. I can't say
for sure whether it's completely clean of Google spyware.

  I once tried SRWare Iron, which was supposed to be a Google-free
Chrome browser. I installed and tested it without allowing it through my
firewall. First it tried to call home without asking. When that failed it
tried to call Google without asking. Yet their whole selling point was
Google-free.

  I haven't had the stomach to test UngChrome. I just keep it around
and figure it's the best option for when I have to use Chromium.

Chromium is the FOSS version of the browser, and Chrome is the tracking-added version by Google.

People who make their own browsers, like MSEdge and SRWare Iron, they
likely start with Chromium code as their code base. I'm not aware of
Chrome (complete with tracking) is available as a source tarball. That would only get used for mischief, if it was available.

If a person calls their creation "UngChrome", that would just
be Chromium FOSS version. The name is meant to imply "I did some work",
when it's possible they did nothing at all (changed the branding string).

Very few organizations have the manpower to be beating browsers into
actual "unique" creations. Some will barely manage to add their
own tracking and promotional material to make a buck. It's not
like they have the mental powers to actually "clean" the browser
or reduce its footprint.

Like, I saw a mention recently, of an independent browser project
starting, and my initial gut reaction is "scam, for the GoFundMe".
There are shards of free browsers around (Konquerer), and if
an organization cannot keep one of those up to date, a
pack of hound dogs is not going to do any better. People
tire of ten hour days, trying to make stuff like that
work on most websites. Firefox at one time, had 400,000 files
in the tarball, and today, the tarball won't even compile
on its own. You need to build from Mercurial. Maybe you
end up with a copy of Rust too.

Messing with browsers is a daunting task. There are only
so many "good" developers to go around. And a smart
developer is going to stay away from a hell-hole like that.

Yep. I often wonder why the developer of Pale Moon for example puts up
with all the shit that's thrown at him.
First time I've ever used a swear word in print but I can't think of one
that describes it better.



--
Regards
wasbit

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/5/2024 9:34 PM, Carlos E. R. wrote:

Chrome is the original by Google. Chromium is the community version,
derived from Chrome. Not that Chrome has parts added by Google.

Other way around:

"Chromium is a free and open-source web browser project, primarily
developed and maintained by Google. It is a widely-used codebase,
providing the vast majority of code for Google Chrome and many other browsers..." (Wikipedia)

Google manages the project and uses it as the basis for
Chrome. The description for Ungoogled Chromium indicates
that the Chromium code still has Google-specific functionality
that must be dealt with in order to get a clean browser.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/6/2024 5:15 AM, wasbit wrote:

Messing with browsers is a daunting task. There are only
so many "good" developers to go around. And a smart
developer is going to stay away from a hell-hole like that.

Yep. I often wonder why the developer of Pale Moon for example puts up
with all the shit that's thrown at him.
First time I've ever used a swear word in print but I can't think of one
that describes it better.

I imagine it's like anything. Probably some combination of
idealism, curiosity and liking a challenge. There are a lot of
freedom lovers among geeks. Look at Linux. There's always
someone deciding that the last guy didn't do it quite right.
As a result we have dozens of half-baked Linux versions.

Another important reason is likely what Bill Burr pointed
out in his comedy routine: The world is under threat from
runaway tech mainly because eeks don't know how to talk to
women. OSS projects are often a kind of boys' club, where
unsocialized geeks get cameraderie and peer respect. After
all, they can't play Grand Theft Auto 24/7.

With the UngC people I'd guess that they just felt there
should be a Google-free version of the monopoly browser.
It's the decent thing to do.

Then there's also the strong want or need. We're growing
pickling cukes on our back deck. Not because it's economical.
It'd be much easier to just buy them. But this is fun, and I've
found it very difficult to get pickling cukes that are not bloated
up with water. I like them small, tasty and crisp. I bake my own
bread because I can't find a tasty, good quality, organic bread
from any source. So once again, want, need and fun. It's
satisfying to me that I'm able to do it the way I want it. I
brewed my own beer for many years, finally giving it up primarily
because I just don't drink very much and it was a lot of work.

I'd probably also be making my own browser if I had the expertise
to do it. Then I could finally filter out those pesky SVG images
that userContent.css won't deal with. :)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/6/2024 2:29 AM, VanguardLH wrote:

Seems smarter and easier to move to Firefox (a known author) than spend
the effort on Ungoogled Chromium (where who compiled it for you is
unknown), or go to one of the Firefox variants, like Vivaldi if you
really feel compelled to modify the chrome (that's with a small "c"). I could spend the time researching all the info at the UnGoogled Chromium Github project, but I suspect I'd end up deciding to stick with Firefox.

It looks like you did do all the research. :)

I also use Firefox. As I said earlier, I got UngChromium so that
I could have a version of that browser engine for testing webpages
and for any rare instance where FF might not work. Anyone who primarily
uses Chrome and might want to seek better privacy would need to
consider your points.

It's true about not being able to use Google's store. Google seems
to go to great lengths to suck people into their spyware shopping
mall quicksand. Though installing extensions by hand has not been
difficult in my experience. Just a couple of extra steps.

You can get Chromium from various sources, but Google don't
make it easy. Here's one source: https://storage.googleapis.com/chromium-browser-snapshots/Win_x64/1020999/chrome-win.zip

When it runs there's a banner across the top warning that
the Google APIs are not available. :)

My Raspberry Pi4 comes with a Chromium "media version",
which seems to integrate Widevine and other elements. It may
be essentially Chrome but not compiled by Google.

UngC seems to be a bit more polished than straight Chromium.
But I really haven't looked into it much. I've never considered
Chrome to be a browser that deserves to live. But sometimes I
want to have it around. Chrome itself is detestable. I removed
Edge and don't want it back. So UngC is my choice. I keep a
portable version on a data partition. (It's almost 300 MB. I
don't need that cluttering C drive.)

This past week, for example, I was updating someone's website.
I do a bit of web design on the side. It's handy to have the ability
to have Chrome rendering without Chrome. Though in my tests of
my own coding, IE11, FF and UngC seem to have identical display
of pages. With older IE I had to have a number of code differences,
loading 2 different pages via PHP after checking the browser. Now
I seem to be able to trust that what works in one will work in the
other.

However, Google seem to keep cooking up their own tweaks of
javascript and such, so some "cutting edge", complex, script-
infested pages might malfunction in FF. That's the other reason
to keep a Chrom* version around.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Sat, 6 Jul 2024 10:06:16 +0100, wasbit wrote:

Yep, I used Pi-Hole for a while using a Pi Zero W.
Didn't notice much difference when I failed to replace it after a
hardware shuffle but the wife did with her tablet

Try visiting yahoo.com or cnn.com with and without it. You'll see the difference.

--
s|b

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On 7/6/2024 4:20 PM, s|b wrote:

On Sat, 6 Jul 2024 10:06:16 +0100, wasbit wrote:

Yep, I used Pi-Hole for a while using a Pi Zero W.
Didn't notice much difference when I failed to replace it after a
hardware shuffle but the wife did with her tablet

Try visiting yahoo.com or cnn.com with and without it. You'll see the difference.

Here's what I see with just a basic HOSTS file and script
disabled via NoScript:

https://i.postimg.cc/Qd27y65Q/scrshot.gif

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.comp.os.windows-11

On Sat, 6 Jul 2024 17:17:45 -0400, Newyana2 wrote:

Here's what I see with just a basic HOSTS file and script
disabled via NoScript:

https://i.postimg.cc/Qd27y65Q/scrshot.gif

I also use NoScript (and uBlock Origin), but this is what I see on a
newly installed Fx: <https://i.postimg.cc/x13hP9Vd/cnn-com.png>

--
s|b

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)