Upcoming Chromium Update Could Make Ad Blockers Less Effective

Did you deploy Untangle on your own hardware or did you buy one ?
Thats where I am a little over the top. I have a VMware ESX free hypervisor server running Untangle in a VM. But in all truth, Untangle can run on any old PC with 2 nics and perform awesomely.
 
Thats where I am a little over the top. I have a VMware ESX free hypervisor server running Untangle in a VM. But in all truth, Untangle can run on any old PC with 2 nics and perform awesomely.

I don't mind trying VMware but prefer running it on a old PC if possible. What if my current second old laptop only have one nic can I add a second easily and it will work ? Is there any situation where I would need more than 2?
 
I don't mind trying VMware but prefer running it on a old PC if possible. What if my current second old laptop only have one nic can I add a second easily and it will work ? Is there any situation where I would need more than 2?

Ask this question outside of News?
 
Ublock Origin for ads and some trackers... Ghostery for trackers and some ads. They overlap just right and block almost everything without breaking everything.

So the trifecta would be those two + noscript? Or are you all letting the scripts through?
 
Thats where I am a little over the top. I have a VMware ESX free hypervisor server running Untangle in a VM. But in all truth, Untangle can run on any old PC with 2 nics and perform awesomely.

I've been curious about untangle, but never taken the dive.

Does it result in any buffer bloat for you?

Does it's adblockers ever break any webpages? If so, is there a way to override, or are you stuck with it?
 
I don't mind trying VMware but prefer running it on a old PC if possible. What if my current second old laptop only have one nic can I add a second easily and it will work ? Is there any situation where I would need more than 2?
Sorry had to do some real world work. Yes I have seen someone use an USB nic for nic 2 on a laptop before and it did work.
 
I've been curious about untangle, but never taken the dive.

Does it result in any buffer bloat for you?

Does it's adblockers ever break any webpages? If so, is there a way to override, or are you stuck with it?
Yes you can add sites to the whitelist and they are then passed. And no, it does not add bufferbloat.
 
Yes you can add sites to the whitelist and they are then passed. And no, it does not add bufferbloat.

Cool. Any performance impact at all? Game pings?

I run pfSense as my router. I understand it would sit between my pfSense box and my main switch. Will pfSense Still handledare DHCP? How does it do this? I'm guessing it's not IP based and that it filters everything at a lower level somehow and allows SHCP requests through?

I've googled a little bit can't find a good "how it works" resource. Any suggestions?
 
this is the open source chromium project...not Google Chrome.

If the public really doesn't like the feature, it can be forked. Any downstream users can use the forked project and the only speedbump anyone needs to deal with is having volunteers who backport any desired patches coming from google to the forked project.

You can bet that this forking process is already done to any large users of the engine ...like MS. If enough users refuse the patch in their forked projects, the primary project becomes irrelevant. Google doesn't want that. I think over time things will settle to where people want them to be. That's how open source projects work.
 
Cool. Any performance impact at all? Game pings?

I run pfSense as my router. I understand it would sit between my pfSense box and my main switch. Will pfSense Still handledare DHCP? How does it do this? I'm guessing it's not IP based and that it filters everything at a lower level somehow and allows SHCP requests through?

I've googled a little bit can't find a good "how it works" resource. Any suggestions?
There is some hit to the CPU but not much. And to eliminate buffer bloat you would use fqcodel for QoS. Pfsense has all of this too though? I haven't used pfsense in a while but there are many plugins that do the same as Untangle, and my friend who does use it still says fqcodel is much easier to implement in more recent versions of pfsense, you used to have to manually set the limiters, but not anymore he says.
 
This is utter CRAP. I install both ublock origin and ghostery on nearly every machine I touch. I have found out the hard way that infections, malware and SCAMS are nearly eliminated when you block connections to about 95% of the ads and trackers on the internet. Supposedly "legit" ads servers and trackers I might add.

Making Ublock Origin or Ghostery non-effective will make me militant about vocally opposing any of my customer's continued use of Chrome. I will actively fight for using something else.

The ad server issue on the internet has reached a point of absurdity. It doesn't matter what the revenue streams are there is so much malicious code out there getting pushed that you can't trust ANY of it. And Google isn't doing jack diddly bupkis to create an environment of trust for even its own ad servers.

Almost without fail, when I get a user in here that doesn't have the blockers on I'll be locked up on some web page to "call this number now your computer is infected!"
Palo Alto and a number of other security firewall guys are supposedly implementing add blocking on their level as a service or as a feature depending on the brand and unit. I look forward to this because I found that as well block adds and 99% of my "I got a virus" calls stoped.
 
Cool. Any performance impact at all? Game pings?

I run pfSense as my router. I understand it would sit between my pfSense box and my main switch. Will pfSense Still handledare DHCP? How does it do this? I'm guessing it's not IP based and that it filters everything at a lower level somehow and allows SHCP requests through?

I've googled a little bit can't find a good "how it works" resource. Any suggestions?
Regarding game pings. I am in Houston and I get a consistent 28 to 30 ping in BFV.
 
I used to use pixelserv dns blocking on the router to remove ads and ad placeholders. However, my roommates needed to use major news websites, which sent an authentication token through a ton of random ad trackers for their videos to play. There was no solution with dns for that, you still needed script level blocking.
 
Just another reason to use Chrome as little as possible. I use FF for work and Cliqz (an offshoot of FF) for everything else. I only use Chrome for interacting with my Google services (Play Music, YouTube, Drive, etc).
 
I've been testing Firefox lately and it's not bad at all, so if this actually becomes a thing I guess I'll switch officially. I just found out that YouTube TV actually works on FireFox. It's the only non-Chrome browser that Google allows.
 
There is some hit to the CPU but not much. And to eliminate buffer bloat you would use fqcodel for QoS. Pfsense has all of this too though? I haven't used pfsense in a while but there are many plugins that do the same as Untangle, and my friend who does use it still says fqcodel is much easier to implement in more recent versions of pfsense, you used to have to manually set the limiters, but not anymore he says.

Yeah I used to use CodelQ back when I had slower internet. These days with gigabit, the bottleneck is never on my end, so I don't bother with any QOS at all.

I'm more interested in Untangle for it's advanced filtering g options, and maybe even for it's local cache option. I was thinking to continue using pfSense as my router/DHCP/firewall.

Regarding game pings. I am in Houston and I get a consistent 28 to 30 ping in BFV.

Ahh, I was thinking more along the lines of pings before and after, to see if adding untangle had any deleterious effect.
 
I really need to get off my ass and get a pfSense router in place, been meaning to for quite a while, just have never got around to it...

Much the same here but it's a real PITA for me to setup as we have FIOS w/ TV. Speaking of filtering with pfSense, does this even work now that so many sites are HTTPS?
 
That's what happened to my Aunt the other day when she clicked an ad and got one of those webpages that says you need to update your antivirus or update windows. I'm beyond adblockers honestly, because I've taken extra precautions like using my router as the first level of ad blocking. I use OpenWRT on my TP-Link TL-WR1043N/ND v2 and you can install Adblock as a service. This won't work for YouTube as they supply ads through the same connection that supplies the videos but it will block everything else. I have Adaway on my rooted Asus Zenphone 2 cause I don't need that crap on my phone, plus I installed YouTube Vanced Edition because again you can't block YouTube ads traditionally. And yes, when I browse the web I use FireFox.

Chrome/Chromium is only a problem if you refuse to use the many other web browsers that exist.
Just block all that garbage yourself. It is easy - if you can setup a raspberry pi, you can do it.

https://pi-hole.net/

You set your router's/network's DNS to use pihole after you get it running and you can block ads and tracking on ALL devices - browser, phone, connected TVs, Iot devices, etc etc...

Damn. I need to learn what you guys are learning.
As I sit here reading this with Chrome...
 
hqdefault.jpg
 
There is some hit to the CPU but not much. And to eliminate buffer bloat you would use fqcodel for QoS. Pfsense has all of this too though? I haven't used pfsense in a while but there are many plugins that do the same as Untangle, and my friend who does use it still says fqcodel is much easier to implement in more recent versions of pfsense, you used to have to manually set the limiters, but not anymore he says.

Hmm.

So I intentionally moved my router to a standalone box, because it was annoying that I lost internet at the house whenever I did maintenance on my VM server.

I wonder if untangle would be happy inside bhyve with my pfSense box as its host....

I'd probably need more than the two cores on my kaby lake i3-7100 in my pfSense box today, but a quad core LGA1151 CPU is relatively cheap...

Hmm. I wonder if my ASRock H270M-ITX/ac supports VT-d
 
Part of me wonders why no one just makes a small VM to allow ads to play without the user seeing them. Sites get revenue and users can pretend ads are evil demonic things that totally don't fund websites.
 
Not the placeholders are what I meant. That's part of the CSS frame so I don't think those can be removed?

I don't get those white boxes or even an outline using Noscript, I do get a blank spot that just shows the background. Noscript isn't really a set and forget solution though.
 
Part of me wonders why no one just makes a small VM to allow ads to play without the user seeing them. Sites get revenue and users can pretend ads are evil demonic things that totally don't fund websites.

Hah. We're in this mess exactly because companies want to know real bad for sure what a user does when an ad is displayed. I refuse to work for such companies, let alone allow them to run code on my browser. Also gambling. Motherfuckers should die in a cold lava lake
 
Yeah I used to use CodelQ back when I had slower internet. These days with gigabit, the bottleneck is never on my end, so I don't bother with any QOS at all.

I'm more interested in Untangle for it's advanced filtering g options, and maybe even for it's local cache option. I was thinking to continue using pfSense as my router/DHCP/firewall.



Ahh, I was thinking more along the lines of pings before and after, to see if adding untangle had any deleterious effect.
So without QoS with fqcodel I was at about a ping of 35 with net quiesced. But when family was streaming etc. the ping was up at 45. So QoS and fqcodel really help out there. fqcodel is by far the best at eliminating buffer bloat. Exampled here:
44484377.png


There was plenty going on on my network at this time but the test was A+ on bufferbloat. (Yeah 2Gbps symmetrical fiber. Totally ass-spensive but I run a business at home so... :) ) URL if you want a closer look? http://www.dslreports.com/speedtest/44484377
 
I don't get those white boxes or even an outline using Noscript, I do get a blank spot that just shows the background. Noscript isn't really a set and forget solution though.
I'll look into noscript. That one is new on me. :)
 
This is utter CRAP. I install both ublock origin and ghostery on nearly every machine I touch. I have found out the hard way that infections, malware and SCAMS are nearly eliminated when you block connections to about 95% of the ads and trackers on the internet. Supposedly "legit" ads servers and trackers I might add.

Making Ublock Origin or Ghostery non-effective will make me militant about vocally opposing any of my customer's continued use of Chrome. I will actively fight for using something else.

The ad server issue on the internet has reached a point of absurdity. It doesn't matter what the revenue streams are there is so much malicious code out there getting pushed that you can't trust ANY of it. And Google isn't doing jack diddly bupkis to create an environment of trust for even its own ad servers.

Almost without fail, when I get a user in here that doesn't have the blockers on I'll be locked up on some web page to "call this number now your computer is infected!"

I gave up on Ghostery after they got bought by an advertising company, and ABP after they were rumoured to be taking payments to allow "safe" ads. I don't know whether either resulted in a genuine risk, but I stick with UBO and Privacy Badger now, plus PiHole going to Cloudflare for my DNS. Also I don't use a Chromium based browser (Chrome, Vivaldi, Opera, new even Edge), Firefox and Waterfox for me.
 
Just block all that garbage yourself. It is easy - if you can setup a raspberry pi, you can do it.

https://pi-hole.net/

You set your router's/network's DNS to use pihole after you get it running and you can block ads and tracking on ALL devices - browser, phone, connected TVs, Iot devices, etc etc...

Dude! Thanks, been looking into getting something like this since even my TV has ads now.
 
I really need to get off my ass and get a pfSense router in place, been meaning to for quite a while, just have never got around to it...

pinhole is easier to set up, configure and maintain. I love me some pfBlocker NG, but pinhole is just a better mousetrap.
 
And to eliminate buffer bloat you would use fqcodel for QoS. Pfsense has all of this too though?

opnSense has better fqcodel. And by better, easier to set up. I find I'm liking opnSense more and more. The pfSense guys need to get on their game.
 
Last edited:
Back
Top