• kaitco@lemmy.world
    link
    fedilink
    English
    arrow-up
    26
    arrow-down
    1
    ·
    7 months ago

    Sounds like we need to start developing ad-blockers based directly within the OS.

    • rdyoung@lemmy.world
      link
      fedilink
      English
      arrow-up
      21
      arrow-down
      2
      ·
      7 months ago

      Those exist. Use dns based adblockers. You can pick from a variety of services already out there or run your own with pihole.

      • Dark ArcA
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        2
        ·
        7 months ago

        Yeah, though … those don’t always work and it is entirely possible to break them if they become overly “pesky” for the corporations.

          • Dark ArcA
            link
            fedilink
            English
            arrow-up
            14
            ·
            7 months ago

            If I implement my service to use the same underlying IP address for the primary service/critical access that I use for advertising services (e.g., I put a load balancer and have Windows Advertising integrated with Windows Update via the same IP addresses), you can’t block the IP without breaking Windows Update.

            That’s worse for other ingrained systems, e.g., a news app that actually has to send you content could do this instead of using separate IPs for the advertising service, and then if you want to use their service you have to accept the advertising packets.

            If you’re relying on DNS for your blocking as well, it’s entirely possible to distribute the IP address information without ever involving DNS by syncing up the appropriate IPs out of band on some built in IP addresses hard coded in the binary (plenty of things do this sort of thing already for security purposes, they want to minimize the risk of a local DHCP server handing out some garbage DNS record and sending you a virus via their update mechanism).

            I could go on.

            Do yourself a favor and learn a bit more about how this shit works lest you look like an idiot.

            Don’t be a dick; especially if you don’t know what you’re talking about. Thanks.

          • Darkassassin07@lemmy.ca
            link
            fedilink
            English
            arrow-up
            10
            ·
            7 months ago

            DNS based blocking only works for regular DNS requests.

            At this point, any app that wanted to bypass that could use DoH/DoT+ECH to completely bypass your DNS and thus the blocking it provides. With these tools, all you’d see is an outgoing TLS connection to a remote IP; all other data is encrypted.

          • thejml@lemm.ee
            link
            fedilink
            English
            arrow-up
            5
            ·
            7 months ago

            DNS based ad blockers (I run one, it’s great, highly recommend) can’t block something if the address is both legit and also serves ads. For instance, if MS used the same domain name for updates and windows key validation as it does for ads, you’d quickly run into an issue. Especially if (please don’t read this MS), they required validation on every boot, then replied with a payload combination of a the ads and a “yea you’re legit and can boot”.

            • BearOfaTime@lemm.ee
              link
              fedilink
              English
              arrow-up
              3
              ·
              7 months ago

              Also, MS could easily (and has) coded some processes to not lookup DNS addresses in things like LMHOSTS or HOSTS, they could just as easily bypass DNS itself. They certainly have plenty of public IPs they could have a process submit to the network stack.

    • catloaf@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      7 months ago

      I’m pretty sure you can turn these off with local group policy. And if you can, I’m sure someone will make a script to do it for you.

      Personally, I set up AD for my own devices a long time ago, when I got pissed off about Windows 10 rebooting my PC while I’d stepped away to eat dinner and killing everything I had open. So I also use it to set group policy to turn off things like this. But this is far overkill for the average person.