Badness enumeration is the concept of making a list of known bad actors and attempting to block them. While it seems intuitive at first glance, badness enumeration should not be relied on for privacy or security. In many cases, it actually does the exact opposite and directly harms the user. This post will attempt to explain why badness enumeration as a concept is flawed and give some examples of its failings in practice.
Why an alternative to adblocker ? If you need an adblocker, just use one (ublock origin).
That article says nothing bad about adblock. But says that adblocking and content blockers are not perfect and never improve our privacy in no way.
The best solution as says in the article is…
Use a bpn with integrated adblock.
Probably, windscribe, ivpn and mullvad.
I’m not sure if I agree with most of the premises. Security and privacy require extensive concepts and include several measures. It’s difficult to single out one detail and make absolute statements about it without taking into consideration the context and rest of the setup. Also both depend on the exact threat scenario and it’s difficult to say anything on the matter without defining the threat scenario first.
An old-fashioned adblocker has some advantages over the newer variants and DNS blocking. It can rewrite the websites and remove most trackers, ads and annoyances even if they’re on the same host. A DNS blocker / VPN can only do that if the tracker runs on a dedicated, distinct domain. And many services nowadays don’t do that. You lose those blocking abilities.
Sure an adblocker is software and thus has vulnerabilities and issues. But why make the cut here? Why not trust uBlock which is open-source, well used by millions of people and has more than one pair of eyes looking at it and a good track record… But trust the browser which is a ridiculously complex piece of software with millions and millions of lines of code and runs with even more permissions? Ontop an even more complex operating system that has access to everything and is often designed by companies that make a living by collecting user data?
And I don’t think a VPN is good per se. It also adds more complexity and a whole new company in the mix that now handles your traffic. Could be better than your ISP, could also be worse. Sure, it obscures your IP. But I’m sure most VPN providers have to abide by the law and do lawful intercept. As do internet service providers. So depending on the threat, there might not be any benefit over not using a VPN. And there are a lot of VPN offerings and different flavors. Not all of them are good. You could jeopardize your personal information by choosing the wrong one. It adds a layer of privacy under the condition that the company doesn’t keep logs, doesn’t collect user data and has their customer database and payment details decoupled from the network infrastructure.
And the privacy of VPN use depends on other measures. If you use social media, login to a google account, ckeck your mail, don’t filter trackers or use an Android or Apple phone that uses their services for push notifications, connectivity checks and all sorts of services… Your VPN IP will be known to said companies. And/or your username or other identifiers. They can correlate data, analyze your behaviour pretty much the same way as if it were an ordinary internet connection. It doesn’t help against browser fingerprinting, cookies etc. And the metadata that is for example collected by instant messengers or other “free” services also is the same and also still tied to your account.
I really don’t see much of a benefit in using a VPN considering today’s technology and the way online services and data collection works. Also their DNS filterlists are also still “badness enumeration” and the same concept as the adblocker filterlist.
And I always like to tell people security and privacy aren’t the same. Sometimes things even oppose each other. For example you could be using a secure Linux distribution and a privacy protecting browser. Now, without additional measures, you’re easily recognized everywhere because only a fraction of the internet users use a setup like that. Combine that with a VPN and a nonstandard DNS that is provided by your VPN provider (and not 8.8.8.8 like most people type in) and you’re singled out even more. (And using Google’s DNS sends your requests to Google, so that’s also not good.) There are additional techniques to migitate for things. In this example faking the browser agent. But there are other techniques to invade privacy, migitations and it’s really a complex subject, that doesn’t have a simple answer to it.
So if the statement is: uBlock doesn’t provide absolute privacy nor security, I agree. The remaining statements are too simplistic and probably don’t hold true in real-world scenarios.
And what is the alternative to an Adblocker? No Adblocker?
Why an alternative to adblocker ? If you need an adblocker, just use one (ublock origin). That article says nothing bad about adblock. But says that adblocking and content blockers are not perfect and never improve our privacy in no way.
The best solution as says in the article is… Use a bpn with integrated adblock. Probably, windscribe, ivpn and mullvad.
I’m not sure if I agree with most of the premises. Security and privacy require extensive concepts and include several measures. It’s difficult to single out one detail and make absolute statements about it without taking into consideration the context and rest of the setup. Also both depend on the exact threat scenario and it’s difficult to say anything on the matter without defining the threat scenario first.
An old-fashioned adblocker has some advantages over the newer variants and DNS blocking. It can rewrite the websites and remove most trackers, ads and annoyances even if they’re on the same host. A DNS blocker / VPN can only do that if the tracker runs on a dedicated, distinct domain. And many services nowadays don’t do that. You lose those blocking abilities.
Sure an adblocker is software and thus has vulnerabilities and issues. But why make the cut here? Why not trust uBlock which is open-source, well used by millions of people and has more than one pair of eyes looking at it and a good track record… But trust the browser which is a ridiculously complex piece of software with millions and millions of lines of code and runs with even more permissions? Ontop an even more complex operating system that has access to everything and is often designed by companies that make a living by collecting user data?
And I don’t think a VPN is good per se. It also adds more complexity and a whole new company in the mix that now handles your traffic. Could be better than your ISP, could also be worse. Sure, it obscures your IP. But I’m sure most VPN providers have to abide by the law and do lawful intercept. As do internet service providers. So depending on the threat, there might not be any benefit over not using a VPN. And there are a lot of VPN offerings and different flavors. Not all of them are good. You could jeopardize your personal information by choosing the wrong one. It adds a layer of privacy under the condition that the company doesn’t keep logs, doesn’t collect user data and has their customer database and payment details decoupled from the network infrastructure.
And the privacy of VPN use depends on other measures. If you use social media, login to a google account, ckeck your mail, don’t filter trackers or use an Android or Apple phone that uses their services for push notifications, connectivity checks and all sorts of services… Your VPN IP will be known to said companies. And/or your username or other identifiers. They can correlate data, analyze your behaviour pretty much the same way as if it were an ordinary internet connection. It doesn’t help against browser fingerprinting, cookies etc. And the metadata that is for example collected by instant messengers or other “free” services also is the same and also still tied to your account.
I really don’t see much of a benefit in using a VPN considering today’s technology and the way online services and data collection works. Also their DNS filterlists are also still “badness enumeration” and the same concept as the adblocker filterlist.
And I always like to tell people security and privacy aren’t the same. Sometimes things even oppose each other. For example you could be using a secure Linux distribution and a privacy protecting browser. Now, without additional measures, you’re easily recognized everywhere because only a fraction of the internet users use a setup like that. Combine that with a VPN and a nonstandard DNS that is provided by your VPN provider (and not 8.8.8.8 like most people type in) and you’re singled out even more. (And using Google’s DNS sends your requests to Google, so that’s also not good.) There are additional techniques to migitate for things. In this example faking the browser agent. But there are other techniques to invade privacy, migitations and it’s really a complex subject, that doesn’t have a simple answer to it.
So if the statement is: uBlock doesn’t provide absolute privacy nor security, I agree. The remaining statements are too simplistic and probably don’t hold true in real-world scenarios.