New Update Kees1958 EU-US most used blocklist for uBlockOrigin and AdGuard

  • Thread starter ForgottenSeer 92963
  • Start date
F

ForgottenSeer 92963

Thread author
Hi, I added a new source and created a new blocklist version for the most used Ad & Tracking networks in the EU and US. The intended use of this is to combine it with two AdGuard filters and your local language EasyList filter. You can disable all other filters in AdGuard and uBlockOrigin. Please report your experiences with this minimal approach.

EU_US_most_used
Link: https://raw.githubusercontent.com/Kees1958/W3C_annual_most_used_survey_blocklist/master/EU_US+most_used_ad_and_tracking_networks


AdGuard filters to add
1 AdGuard Optimized Easylist for website specific advertisements

2. Adguard URL tracking parameter filter


Easylist Filters
Add your language specific Easylist filter using the user interface of AdGuard or uBlockOrigin extension

Block malware at DNSL-Level
I strongly advice to use Quad9 or NextDNS to black malware at DNS level. These DNS services have blacklists which are many times bigger and better than the malware lists uBlockOrigin has enabled by default (it is really silly to use an adblocker for that purpose). I use Next-DNS without blocking ads, but with beta AI/ML malware protection enabled. Next DNS also blocks cloacked CNAME first-party trackers.
 
Last edited by a moderator:

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Hi, I added a new source and created a new blocklist version for the most used Ad & Tracking networks in the EU and US. The intended use of this is to combine it with three AdGuard filters and your local language EasyList filter. You can disable all other filters in AdGuard and uBlockOrigin. Please report your experiences with this minimal approach.

EU_US_most_used
Link: https://raw.githubusercontent.com/Kees1958/W3C_annual_most_used_survey_blocklist/master/EU_US+most_used_ad_and_tracking_networks


AdGuard filters to add
1 AdGuard Optimized Easylist for website specific advertisements

2. Adguard URL tracking parameter filter

3.AdGuard CNAME trackers blocklist (when you don't use NextDNS)


Easylist Filters
Add your language specific Easylist filter using the user interface of AdGuard or uBlockOrigin extension
This list does nothing for me with uBlock Origin on Microsoft Edge:
0 of 0 used.
 
F

ForgottenSeer 92963

Thread author
@Gandalf_The_Grey

Sorry I don't use this list myself (because I use Next DNS, which blocks cloacked first-party CNAME at DNS level). I checked the link and noticed that AdGuard has commented out all the rules. So you are right that list is useless now. I have removed it in my first post.

Thanks for informing me, really appreciate your feedback (y)
 
Last edited by a moderator:
F

ForgottenSeer 92963

Thread author
@Jan Willy , @rain2reign , @Gandalf_The_Grey (y)

All Dutch members who reacted, maybe the start of a Dutch Chapter within malwaretips.com ;)

When you notice any false positives feel free to report here (or on GitHub). Also when notice a difference in adblocking or tracking protection compared with the set of blocklists you normally use, please post which websites it concerns and which blocklist you normally use.

Thanks
 

Jan Willy

Level 11
Verified
Top Poster
Well-known
Jul 5, 2019
544
It would be nice if a version of your own blocklist could be added to NextDNS.
 
F

ForgottenSeer 92963

Thread author
It would be nice if a version of your own blocklist could be added to NextDNS.
That is hard to implement. DNS level blocking is more like host file first party blocking. All the rules have $third-party added, so only facebook has exceptions (domain is not =~) specified so facebook, whatapp and instagram work well.

As much as I think malware domains should not be blocked by adblockers (are better blocked at DNS-level), I also think that ad and tracker blocking should not be done at DNS level (are better blocked by adblocker browser extensions).
 

Jan Willy

Level 11
Verified
Top Poster
Well-known
Jul 5, 2019
544
That is hard to implement. DNS level blocking is more like host file first party blocking. All the rules have $third-party added, so only facebook has exceptions (domain is not =~) specified so facebook, whatapp and instagram work well.

As much as I think malware domains should not be blocked by adblockers (are better blocked at DNS-level), I also think that ad and tracker blocking should not be done at DNS level (are better blocked by adblocker browser extensions).
O. k. I understand. Thanks for your explanation.
 
F

ForgottenSeer 92963

Thread author
What are the major the differences between my Ad & Tracking list and EasyPrivacy?

1. My list is suitable for people living in North America and European Union
2. My list also uses the input of questionnaires of most used web technology by W3C and online advertising industry itself.

Why does 'EU-US most used' contain NO generic filters?
1.Generic filters are often to generic causing false positives: they require overrides and exceptions, causing extra rules (and CPU cycles)
2.Generic filters are a blast from the past: the advertising industry uses other (easier to maintain) mechanisms (like URL parameters and pixel tracking).

Why does 'EU-US most used' contain NO (cloacked) first party filters?
1. Cloacked first party are third-party trackers looking like first-party via a (canonical) domain name mapping. This 'cname-record' trick to assign an alias is done at Domain Name System, therefor it can be much easier tackled/blocked at DNS-level.
2. First-party tracking through first party sub-domains is a moving target and
a) there is no defense against server side tracking when you log-in to a website you agree to data usage OR
b) when you don't log in, the website has to obey the privacy rules applicable (so your privacy is somehow protected by law) and simply knows enough (IP addres and browser fingerprinting) that it can identify returning visitors (without knowing it is you, until you sign up/log in).



1632728597368.png

1632727268547.png

In my opinion generic blocks and specific first party blocking are as useful as a shopkeeper putting a lot of effort holding his hands over a small crack in his shop window, while leaving his front door open and the cash checkout unattended. Using Next DNS (against cname cloacking) and AdGuard's (remove) URL paramater list offer far better coverage than the old fashioned first party (subdomains) and generic rules in EasyPrivacy.

Although this might seem like a rant against EasyPrivacy, it is not. The blocklists of Easylist are the best maintained lists available. Brave puts a lot of effort in them to remove stale (obsolete) rules and when you use the optimized version of AdGuard all exotic rules (rules which are scarcely or never used) are also removed. So please when you don't want to use my list, use AdGuard EasyPrivacy optimized version (link to Brave study showing 90% of easylist rules are nearly never used)
 
Last edited by a moderator:
F

ForgottenSeer 92963

Thread author
@Kees1958
I know that you are not a supporter of ad- and trackerblocking on DNS-level. AFAIK it's the only way to block ads and trackers on smart TV's.
Good tip

As far as I know (but please correct me when I am wrong) the DNS settings of the end devices override DNS settings of the router if no further measures are taken to prevent end devices or end users to use their own DNS settings. So you could setup Next DNS in the router with Privacy (ad blocking enabled). Your mobile phones probably use the default internet gateway of your mobile network operator and you can easily assign another Next DNS configuration (ad blocking disabled) on the PC's of your household.

Until now NextDNS does not require a confirmation when you sign up, so you can use a one-time-use email or an alias to have more NextDNs configurations (also an easy way to circumvent the 300.000 free DNS resolves per month maximum).

EDIT
After some research I was able to change the DNS in my smart-TV box. When I setup the DNS on my PC in my wireless card adapter, my VPN service did connect, but I could not connect to the Internet. Therefor I decided to use Next_DNS A (adblocking) in the router and over rule it with Next DNS config B (only malware blocking) in the browser on my PC. I created a third Next DNS config (also only malware blocking) for my wife's laptop. This seem to work fine along side my VPN which I have configured a a wireless adapter.
 

Jan Willy

Level 11
Verified
Top Poster
Well-known
Jul 5, 2019
544
AdGuard DNS and Next DNS own filter (simply because they are maintained by DNS providers. So problably best suited to use at DNS level. No other rational or experience/opinion behind this choice).

What do you use?
Only Steven Blacks filterlist. This list is included in NextDNS own filterlist and there supplemented by (for me unnecessary) Asian-oriented filterlists. The main goal is blocking trackers, what imho can be done very well at DNS-level, just like blocking malicious sites.
 

rain2reign

Level 8
Verified
Well-known
Jun 21, 2020
363
Is use Quad9 now, since i had some issues with NextDNS timeouts for a while. But i used to use the default recommended NEXTDNS list (because of StevenBlacks list), perflyst Smart-TV list and GoodbyeAds for smartphones within the router network. Worked great for a long time, but i havent switched back since going to Quad9 yet.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top