undefined | Better HN

0 pointspwnna9y ago0 comments

> How much of a hassle is it really, because I absolutely want system wide ad blocking and I worry that I will be defeating the purpose of using a hardened OS in the first place?

Ad-away works by using a host file to block. The hosts file is generally not writable by the user without root as it lives on a read only partition (/system).

Another way to block ads is to connect to a VPN that blocks thoses hosts for you, however that is more cumbersome to setup.

While hosts blocking is not perfect... my thought on this was to expose a limited API that allows apps to update the hosts file without having root. This could be sketchy and a security risk on its own tho, because you're essentially hijacking DNS... In addition, I don't think the community is interested in this because they all love root..

> Do you rebuild and flash each OS update as a new ROM?

Every month, immediately after the security bulletin and a resync.

> Is all your data on the phone persistent or backed up & restored each time?

So android has a /system partition and a /data partition. When you reflash your system, the data partition (where all your apps, settings, what not are stored) is left untouched. Android will detect this and perform an upgrade operation on the /data partition, if applicable.

0 comments

2 comments · 1 top-level

nradov9y ago· 1 in thread

Apple added specific ad blocking features to iOS 9, and I don't think those rely on editing the hosts file. So in principle a similar design could work for Android, although I doubt Google would ever support that.

lern_too_spel9y ago

Apple added specific ad-blocking features to its browser on iOS 9. There are plenty of browsers that support ad blocking on Android, and they have existed since pretty much the beginning.

It is also possible to block ads in other apps on Android. One way is to use a custom hosts file that blackholes ad-serving domains. The hosts file is stored on a read-only partition for security purposes on most builds of Android, so overwriting it requires root. Another option is to point your phone to a DNS server that does the same thing. This does not require root and works across multiple platforms. Another Android-specific option is to use the VpnService API to implement filtering in an app that does not use root but gets to see all other apps' Internet traffic. There are several apps that do this.