Blocking All Advertising

Well I have not used PureOS on a daily bases for few months since I removed it from my phone for another OS (personal choice), Currently using Fedora Mobile on the PinePhone (will have it on Librem soon also), and BSD on my work phone. But PureOS is good I might give it a try again when I get time to test it for now I am ok with my setup. I only say this since I am not sure what is the latest update on PureOS and the browser add ons and etc, but I am sure PureOS and Purism are committed to giving users privacy from ads and tracking but it cannot be do 100% I am sure no one can do it.
I personally have separate LAN networks at home, WORK NET with Private NextCloud server for my photos and private and work stuff without wireless, server backup done via custom build 802.3 protocol with custom build kernel. I use OpenWRT software for both router WORK and home NET. work net has pfsense firewall.
I am sure that ads cannot track my work etc since i don’t use social media or any out of home LAN or my corporate work LAN network. I only use my HOME network for stuff like that but my HOME PCs have no photos of me not even my full name only Alex very common name with 5 million people in Europe.
Worse hackers can do is steal my steam account or origin or watch stuff on my netflix, hbo or hulu.
Yes I get ads on my game email, but mostly game offers never products since they don’t know who I am etc.
My home country and my current country of residence are not much into politics, but even if they were they got zero data points on me so if they don’t know who I am and they cannot collect data on me so … no data for the user no ads for the user. Sadly due to my profession of Data Scientist I am aware of the dangers of data collection and how that data can be used and abused, even people enter or give info for free like facebook.

I currently don’t even have a phone with a sim card or a number by choice only use my work sat phone for internet with BSD and my Fedora Mobile for personal stuff work fine, for talking to my GF online I build an app for chat and video using custom encryption and I am not worried anyone can hack in since it only work on VPN via LAN and using a custom 802.3 protocol and custom linux kernel version.
at work we also build our own apps and 100% of our service are hosted in LAN so zero cloud or internet.
I don’t communicate to people outside my company the people who do use outside LAN for it.

I am not advising anyone to do what I do just giving an example that you have a choice to use or not to use social media and same goes for anything online you need to adapt to change and follow what is the best way to keep you save what worked in 2010 will not work in 2020, and what works now will not work in 2025.
Keeping up with changes is the main reason why I am active in forums and read about it, since forums give more information then any formal official news written by PR expects that give unreal picture of real events.

My best advice to avoid ads political or whatever is use different PCs for work and personal stuff, or different users on same PC or even different browsers IT can minimize the information and install ad blockers and avoid using social media all together if possible, and avoid using sites that track info full of ads like social media sites

EDIT: apologies for my English but I am a non native speaker, just saying to avoid any future comments like few I had in this forum about previous posts I had here (here I mean on this forum).

Regards, Alex

Great, what phone brand is this you installed BSD?
Is also a sat phone or it only has internet sat connectivity?

At the moment I have 3 phones, Librem I don’t use but plan to add Fedora on it soon, PinePhone with Fedora Workstation 31, works good for what I need browser for surfing email messaging apps and voip.

I got the phone from my company as a work only phone, it is not commercial product yet as far as I know. I know they are design in Middle East probably developed as well or maybe somewhere else don’t know exactly.
The software is managed by a partners company of TrueOS (BSD version with enterprise level support).
The phone has no branding so even if I wanted to tell you I don;t know, it has similar spects to PinePhone.

We use lumina desktop I believe, and all of the work web serivices are avalialbe over the phone.
Regarding the satellite internet I really don’t know much since I have very little knowledge of telecoms
As far as I know all services run via Internet LAN or Intranet, I can use it to surf online but it is very slow since it is rerouted over few proxies and watching a video or telegram or whatever other voip call is not possible due to the delay, so not really a regular internet service, also SAT internet by default ads lag.
Few other companies are doing the same building phones with BSD not the first or last one.
Same with my work PC, all web services only work from my work PC I only use Fedora, most use CentOS or RedHat (RedHat OSs are managed by red hat support team, I prefer to manage my own PC).

My research institute has a lot of legacy software on BSD from 1990 to 2000, most of it is migrated to CentOS and RedHat but not all can be due to our agreement with TrueOS and BSD companies that support them we got the phones. Many services are hosted on dockers or VMs on CentOS still using BSD as core OS, since some software for medical purposes are difficult to re build or use old programming language and recoding is difficult or impossible

My research institute has offices in few continents North America, Middle East and Europe so having local SIM card is not smart, hence sat phones with VOIP calls, I have a VOIP office number for the sat phone for internal use. and since only communications officers talk to people outside of the office I guess they have regular phones.

@kieran Thank you for explaining that detail. I didn’t know javascript - as used by MeWe - was a proprietary version, and not the opensource variety; including how it can be used to attack a person’s computer.

I am not looking for a perfect solution Kieran, MeWe is good enough for me and what I need. I do create backups of my entire hard drive daily using incremental backups and full backups as a precaution.

Not having read the whole thread, just an idea to throw in: An infrastructure with a set up Pi-Hole will send all DNS-queries to that Pi-Hole, whereas the Pi-Hole checks, wether the requested URL is known in one of its used black-lists. If not known, the Pi-Hole delivers the correct data. If within a black-list, the Pi-Hole delivers an empty response.

For the requesting client everything runs as usual. Not even an ad-blocker is usually detected. Only if the Pi-Hole blocks a certain URL, the client just can’t request the resource he want’s to fetch. So no advertisement is fetched from the server providing it. And what isn’t fetched, can’t be shown nor can it stuff up your network with unnecessary data transferred.

A network behind a router can be configured in a way that the router uses the Pi-Hole as its known DNS (and also DHCP). That means, every device within that network is automatically protected by the Pi-Hole.

The lists shipped with the Pi-Hole by default are already pretty useful and complete. I only had to add one or two further lists to stop several thousand Microsoft-Telemetry-request + i created an own list where i add an odd URL from time to time. That way - if the requested URL for an ad follows a certain structure, i can also block ads and content delivered by a page in its own context.

For me - and several friends in my surrounding - that infrastructure runs absolutely smooth since several years. No matter, if you’re using a computer or a smartphone or a smart-tv within that network, they’re all pretty well protected from unwanted ads.

To further increase security/privacy, one can set up the Pi-Hole to use a reverse-dns like Unbound which further prevents the user(s) from third-parties getting to know which webpages one’s requesting (a pretty not that consciously delivered valuable source of information to create a really good profile of a certain person - Keep in mind, that THE dns-server you’re always querying is the only one knowing each and every webpage you requested - can there be a better source of data for a profile? Having 8.8.8.8 as your fast DNS? Than Google - even not using Google’s other free services like Chrome - knows everything you’re requesting).

Getting back to the L5: Theoretically the L5 could connect to that Pi-Hole-secured infrastructure via VPN and so use it’s already existing full power without having to create new stuff. The user than only has to provide the right maintained black-lists to the Pi-Hole to be well protected from ads.

Just an idea.

Additional thought: For persons capable to handle a modern webbrowser and it’s devtools, one could eg. investigate the network-stream. If certain ad-like data (eg in facebook or whatever) should follow a visible pattern, that pattern could be added to a personal Pi-Hole list, which would result in rendering the webpage’s/app’s request to fetch that data useless - which means: no internal ad displayed.

What about tweets that are actually ads? You have to look at them long enough to evaluate whether or not it’s an ad or whether it’s a tweet from someone you’re following. By then you’ve paid enough attention to the tweet/ad to render it potentially effective for it’s intended purpose. The advertiser wins in that case. It’s not that I am weak minded. But I know that if I am hammered long enough and hard enough by ads, that they will influence my thoughts. This assault is offensive and the idea shouldn’t be to tolerate it, but to remove it from my environment while still enjoying the freedoms of electronic communications.

Over here in DE, they soon have to. It is eloquently termed “Netzwerkdurchsetzungsgesetz” and right now, Social Networks have to delete anything deemed illegal quickly upon user complaint. This year the law is planned to be tightened up, so platform operators have to proactively inform the police about criminal content (including threats and offenses when illegal)

Network Enforcement Act - according to Mr Google

… which of course means that they need to look at all content.

I mean we kind of knew that social media operators are doing that anyway - so if you use social media, you accept that loss of privacy - but this just makes it worse.

It also means, most likely, that you will be the victim of buggy algorithms, algorithms that are kept secret and not open to scrutiny or transparency, algorithms that will from time to time hit the news for all the wrong reasons.

A Librem 5 could function as a node!

This GNUnet sounds pretty good. So does pi-hole. These open-source solutions are probably the key to getting rid of ads and enforcing privacy user.

One suspicious thing is when a search takes you to a Reddit site. Immediately, the site tries to get you to switch from your existing web browser, to their own app. Despite possible better features, the real reason they want you to switch is so that their app can do things that even Microsoft and Google want to protect you from. I never agree to switch. If they require me to switch as a condition of using their site, I just move on without getting whatever I came there for.

Pi-hole is the cat’s knees. I’ll never not have one again.

I used pi-hole for a home for many years, although I recently switched to a turris router in which I have ad-block as part of the router, and for my mobile devices I use algo-vpn. Currently I am experimenting with replacing the ad-blocking in algo vpn with deCloudus which also allows me to block pretty much everything google.

How does this compare? I just got a turris router last week, but I went ahead and told it to use the pi-hole because that’s what I’m used to. Do you find that the ad-blocking is at least comparable with turris ad blocking vs pi-hole?

I don’t see any difference. Turris gives you a menu of add blockers to include and I selected the ones that I thought made sense. My real goal is to get it working with DeCloudus so that I can filter out google from my life.