Ad blocking in SailfishOS in 2023 - What are the options?

General
#1

Reading a post by @GreatJoe 's experience as a new SFOS user highlighted that there currently seems to be no easy solution for ad blocking in SFOS for regular users. From what I could crowd-source and found on this forum, these are our options:

  1. Hosts Adblock
    Working Status: Seems broken from SFOS 4.4
    Covers: SFOS and Android App Support
    Pros: Set and forget, very simple program/script
    Cons: No AARCH64 version, Possible Sailjail issues, Unmaintained/Abandoned

  2. Defender II
    Working Status: Unknown/Unclear
    Covers: SFOS and Android App Support
    Pros: Set and forget, GUI based, user-friendly
    Cons: Have boot-looped devices in the past etc.

  3. Hosty
    Working Status: Working
    Covers: SFOS
    Pros: It works
    Cons: Install by running a foreign script as root, hosty as cron job runs as root (Possible Security/Privacy implications), Not exactly user-friendly to regular users

  4. AdBlocking on Sailfish OS via /etc/hosts
    Working Status: Working
    Covers: SFOS and Android App Support
    Pros: No extra dependancies to be installed, simple solution (Unlikely to cause issues with SFOS updates?)
    Cons: Not exactly user-friendly to regular users

  5. Just curl a blocklist to hosts file
    Working Status: Working
    Covers: SFOS only (But can be both with symlinc)
    Pros: No extra dependancies to be installed, simple solution (Unlikely to cause issues with SFOS updates?)
    Cons: Not exactly user-friendly to regular users

  6. Privoxy
    Working Status: Working
    Covers: SFOS and Android App Support
    Pros: Extremely powerful solution
    Cons: Setup and config is difficult (Or maybe notā€¦)(Not for regular user), possibly touching many SFOS system files and configs (Might cause issues with SFOS updates?)

  7. DNScrypt-proxy blocklist (DNS alternative)
    Working Status: Working
    Covers: SFOS and Android App Support
    Pros: Much more control and many additional features
    Cons: Not exactly user-friendly to regular users, possibly touching many SFOS system files and configs (Might cause issues with SFOS updates?)

  8. Android Firefox-based browser with uBlock Origin
    Working Status: Working
    Covers: Browser only
    Pros: User-friendly
    Cons: Only works in the browser itā€™s installed in (Not system wide)

Disclaimer: The list above is entirely based on my own opinion and research and may, and probably do, contain errors. There might be other possible solutions I have not found and thus they do not appear in the list above. Hosts-based solutions seem to require a reboot of the phone before the updated hosts-file is used and no solution to this has been proposed.

So here is the question: What solution has the lowest risk and easiest set up? What solution do you use or would recommend?

P.S. I have used solution 1 for nine years on a Jolla 1 without issues. For newer devices, Iā€™m not sureā€¦

EDIT: I do not endorse any specific solution, nor have I tested all of these, YMMV

13 Likes
[How-To] nextdns
#2

Iā€™m using solution 4 since Defender is not working properly anymoreā€¦
Iā€™m missing it!

1 Like
#3

Testing Privoxy on Vollaā€¦
Installed everything from Chum (Privoxy, AdBlock configuration, Docs, http server and tools) and rebooted. It installed 2 new icons on app grid, and Privoxy Config did nothing and Privoxy Toggle showed something about a proxy 127.0.0.1 port 8118 not installed or so.

After I entered this proxy into Settings/System/Mobile Network/Advanced/Proxy 1, the 2 new icons on app grid show:
Privoxy Config: Privoxy Menu (6 items) + Support and Service.
Privoxy Toggle: Privoxy is enabled

My observation: clean sites load much faster but ā€˜less cleanā€™ ones showing no images now. So for me this means that Privoxy worksā€¦
working and faster: Youtube, orf.at, de.m.wikipedia.org, hpmuseum.org, hpcalc.org
Not working: la-palma24.info - reports: Unable to connect, Browser canā€™t establish connection to googleads.g.doubleclick.net, that means that it works as it should. :star_struck:
edit: images come after two minutes.

Have to say, itā€™s not sooo difficult.

Iā€™m curious and will report if some annoying effects will occur.

Thank you @nephros ! And Thank you @Novacane for the list!

edit: installation also successful on Xperia 10. Thanks again!

edit: Blocking does also work if phone is used as mobile access point. Annoying advertisement also filtered on laptop connected to Hotspot. Pages load noteable faster but sometimes also content is missing.

2 Likes
#4

Option 5.
The browser is basically the only thing that has ads in sfos so thereā€™s no need for anything else for me.
Android browsers already have Adblock or can be installed as a plugin.
For YouTube I use microtube that doesnā€™t show ads and also has sponsorblock.

#5

With ā€œSetup and config is difficultā€ I meant the instructions seemed a bit convoluted or unclear (Which I think your reply proves :wink: ). Also, if this breaks something somewhere in SFOS, a regular user might not easily be able to fix their systemā€¦

1 Like
#6

True, but other Android apps can load all kinds of garbage in the backgroundā€¦

Microtube is the way to go, good tip.

#7

Did I make something wrong?

#8

For that you can try this, method number 2.

Other than that, I assume ReVanced manager should work here too. Itā€™s a tool to apply different types of patches in apps like YouTube, Twitch, Spotify and some social.

2 Likes
#9

You are invited to make a pull request with changes to the README, or cook up your own guide which I can link to,or any other suggestions you have, in order to make this better.

Just to manage expectations though: privoxy can not and will not ever be a one-klick-it-works kind of app. By nature of the software you have to have some knowledge how it works, how websites etc work.
Knowing what youā€™re doing also reduces the chances of something breaking. (In fact the reason Iā€™m giving hands-on instructions in text form instead of doing this somehow automatically is done intentionally to lower the risk of breakage.)

Also, please understand that my goal or role in all of this is not to provide a ā€œprivacy appā€ or ā€œadblocking solutionā€.
My role is packaging the upstream software so it runs on SFOS, with minimal modifications. And I add some SFOS-specific add-ons that I think are useful (like the preconfigured ab2p infrastructure and config, some housekeeping stuff, etc.). This is what I can do, this is what I can support, not more.

This is not elitism I believe, as @GreatJoe suggests, it is due to the fact that Privoxy is supposed to be run on a server-type machine, which a admin-type person who configures it for their users.
Coaxing it onto a phone and make it block stuff is possible thanks to the wonderfulness of Linux, but setting it up it does involve the same admin-type tasks.

Anyway, apart from installation and initial setup, if anyone has something running in Privoxy they are very much invited to share their config hacks and snippets in this thread or through the source repo and hopefully the rules shipped with it can be improved for everybody.

7 Likes
#10

I meant no offense, nor did I mean to imply anything more than that this solution is not meant for a ā€œregularā€ user (The adage ā€œnever run commands you donā€™t understandā€ comes to mind). I do not agree with @GreatJoe calling this elitism, and I agree with your statement ā€œKnowing what youā€™re doing also reduces the chances of something breaking.ā€ I would add to that ā€œKnowing what youā€™re doing also enables you to fix something if it breaks.ā€

Thanks for all your effort in the community

1 Like
#11

No, nothing wrong :smile:
I just meant that this solution is not for a ā€œregularā€ user. Also see my response to @nephros below

1 Like
#12

As Iā€™m using SailfishOS daily now I immediately encountered this problem and Iā€™ve solved it by using Blocky (itā€™s like Pi-Hole or AdGuard).

Iā€™ve now released a UI for it. I had bigger plans for my first release (like YAML validation or hosts lists reload, etcā€¦), but I want to share it anyway at this stage as this thread is a bell that other people may need it.

Working Status: Alpha release. Disables connman DNS functionality and enable blocky. Itā€™s possible to edit the configuration from the UI, but if you make any error you are screwed (delete ~/.config/dev.scarpino/harbour-blocky/blocky.yaml to start with the default config).
Covers: SFOS and Android App Support (? I guess, I donā€™t use it)
Pros: Set and forget.
Cons: No i486 version (missing upstream), runs as root (needed to restart blocky).

10 Likes
#13

It does not download blacklist updates also from wifi and moreover I cannot disable wifi-only option. I am using 4.5.0.19 for Xperia 10 II.

#14

This is probably the simplest solution especially used in combination with dnsmasq or DNS Alternative. There is also another provider that offer a similar service: Quad9 therefore the best combination is to alternate the two services in the DNS queries, like in the following:

  • IPv4: 9.9.9.9, 94.140.14.14, 149.112.112.112, 94.140.15.15

  • IPv6: 2620:fe::fe , 2a10:50c0::ad1:ff, 2620:fe::9, 2a10:50c0::ad2:ff

This is an example of /etc/resolv.conf for every host connected with an IPv4 + IPv6 network which alternates AdGuard and Quad9 ad-blocking and safe-filtered DNS .

#IPv4 nameservers
nameserver  9.9.9.9 
nameserver  94.140.14.14
nameserver  149.112.112.112
nameserver  94.140.15.15

#IPv6 nameservers
nameserver  2620:fe::fe
nameserver  2a10:50c0::ad1:ff
nameserver  2620:fe::9
nameserver  2a10:50c0::ad2:ff

Usually the /etc/resolv.conf is not the right place to insert these value, anyway.

2 Likes
#15

Hey, just wanted to share what I am doing:

  • a orange Pi Pc at home with pihole and pivpn set up (setup is a guided step by step and very easy)
  • every time the phone activates cellular or wifi it automatically connects to my VPN, which blocks ads at the system level

Cons:

  • pi needs to be working 24/7, as well as my internet connection at home

So if you happen to have and old board, you can use it. Just mind the electricity bill, if you are using an old laptop or PC :slight_smile:

1 Like
#16

I still use a simple systemd timer to download a hosts file to /etc/hosts, as described (and now updated) here, incl. bind-mount on Android.

6 Likes
#17

Hey, @ohnonot thank you so much for your Instruction. Finally I did manage to ban ads from my browser. I makes a real difference in performance.

A short notice for others: Your instructions are not for newbies. It was necessary to do several additional steps to set up the system correctly.

I can reproduce the following code and modify hosts.timer and hosts.service as described :

> cd /etc/systemd/system
> nano hosts.timer hosts.service
> systemctl daemon-reload
> systemctl enable hosts.timer

During the next steps, however, I got lost.
Putting the following in the terminal:
~/.local/bin/hosts
results in an error (no such file/directory exists)
I had to create the file first.
the same goes with hosts.head (I needed to create the file first, and have to chance the permissions second)

2 Likes
#18

Thanks for your feedback! It is much appreciated.

  • I have changed the article so that the script resides in /usr/local/bin/hostsupdate instead of the userā€™s home directory, and gave it a better name. It makes more sense this way.
  • the necessity of hosts.head being present beforehand (and created manually) is mentioned in the article. I cannot automate ths process without complicated checks and taking the userā€™s freedom to have a customised hosts file (i.e. the head portion of it) but I added a check to the script that will make it fail if that file is not present.
  • Yes some preliminaries are required but tbf, it is possible to do everything on the device, without ssh.
5 Likes
#19

I just used your script/timer approach and went with the ad block test site Test Ad Block - Toolz from 9% to 54% of blocked ads with the sailfish browser - pretty nice.

However, for AAS Fennec with ublock I get 96%ā€¦

1 Like
#20

I get 87% with Blocky and wally3kā€™s ticked list :slight_smile:

1 Like