I have been using ad-blocking technologies for over ten years now… I am so used to it, that when I sit at a fresh computer without any adblocking I am shocked at how terrible the web browsing experience is without it! This post explains at a high level what ad blocking is, how it works, why it’s important, and how to implement an effective solution on your own.

pic screen shot from this Washington Post article taken 4/10/2018

How does ad blocking work?

There are a few different ways to block ads:

  • Blocking the technology itself. For example, Safari blocks Flash out of the box (does anyone still use Flash?) and asks the user if they want to enable it on a case-by-case basis. As a result, Flash ads aren’t loaded unless the user requests it. All modern browsers also automatically block pop-up ads (to a certain extent).

  • CSS element hiding. Using CSS, a browser add-in can block specific elements from appearing on a website. For example, you would say hide anything in the class .advertisementbox and that element would simply not load, or load without displaying.

  • DNS-level filtering. This is one of my favorites because it can be used at the network perimeter to block traffic. You could do it on your individual computer too, but if you configure a DNS server (like pi-hole) on your network, it will just block everything there. It works like this:

    1. You visit a web page which requests an ad from www.bad-ads-website.com
    2. Your computer asks the DNS server what IP address to go to to get to that site.
    3. Your DNS server, protecting you from ads, tells you that website goes to 127.0.0.1 (localhost).
    4. Because that IP address is not really serving that bad website, the request fails and the ad is not shown.

    So how does your DNS server know to block only the bad stuff? By using community filters and lists of known “bad” websites. You subscribe to these lists which get updated on a regular basis. If something isn’t on the bad list, your request gets passed upstream to your public DNS provider of choice (I just recently switched to 1.1.1.1).

Why should I block ads?

From a security standpoint, blocking ads reduces the risk of getting hit by (malvertising)[https://searchsecurity.techtarget.com/definition/malvertisement-malicious-advertisement-or-malvertising]. But that’s only part of it. The bigger value for blocking ads to simply improve the user experience. Look at the picture above comparing the same Washington Post web page. To the left, two big ads taking up a big chunk of screen real estate. You cannot even see the article text on the first screen. To the right, the same article with ad blocking enabled.

Another important reason to block ads is to protect privacy. Many ads track not just clicks, but views. It’s not just traditional ads tracking this, but other third party sites like Facebook. If you load a site that has a Facebook button on it, that “load” is tracked and can be used to further profile you to deliver other ads later (“target Facebook male users ages 18-49 who have visited my website” for example).

Finally, there is the issue of the actual bandwidth used. If you’re on a metered connection (say a limited data plan) or a slow connection (poor wi-fi for instance), you want to load as few assets as possible. By blocking ads, you reduce the amount of data you need to download to get the site you want.

How to implement ad blocking technology

I recommend implementing three things, in order of complexity: uBlock Origin, Privacy Badger, and pi-hole.

  • uBlock Origin - easy and won’t break much. Install it on all your browsers. It is very “plug and play” and you’ll notice results immediately.
  • Privacy Badger - this is an add-on that specifically targets third party trackers. It does “break” some things so you have to put some work in - I’ve had to whitelist some websites just to get my work done. Recommended for advanced users.
  • pi-hole - this is a DNS server that lives on your network. The big benefit here is that it blocks at the perimeter, so you don’t have to install adblocking software on other devices like iPhone, Android, or anything else that has a web browser. This does require some additional patience and care and feeding, so I would not recommend this to someone who is not familiar with the concepts of DNS, DHCP, and routing. If clicking on the “show advanced settings” button makes you nervous, skip this one for now.

Once you start blocking ads you won’t go back. Give it a try today!