- Aug 19, 2019
- 1,222
So many options with uBO, I find myself often going with simple rules but looks like it's time I review my setup with it.
I keep coming back to Medium Mode. It's simple and elegant.So many options with uBO, I find myself often going with simple rules but looks like it's time I review my setup with it.
I keep coming back to Medium Mode. It's simple and elegant.
True, but not everyone drives in strange countries. Some people dislike travel with its unpredictable nature, inconveniences, uncomfortable beds, bad food, etc. and find home is where the heart is!With Easy-hard mode all your doors are locked when you drive in strange countries
So what? It only is a band-aid for that specific instance, it does not solve the problem. uBlock medium mode simply does not block xmlhttprequests nor fetch nor websocket nor DOM nor ....gorhill added a commit to uBlockOrigin/uAssets that referenced this issue Apr 11, 2017Sites can bypass 3p-script block with an XHR request. · Issue #2527 · gorhill/uBlock
Describe the issue Sites can bypass 3p-script block by eval()ing a XHR request. The only way to block this is to block all third party connections. (3p block) The connection shows up in the console...github.com
fix gorhill/uBlock#2527
True, but not everyone drives in strange countries.
I still find Medium Mode the simplest for me. It also remains true to my surfing axiom: Stay safe, not paranoid!
In which case, one may use hard mode, which is no more difficult.uBlock medium mode simply does not block xmlhttprequests nor fetch nor websocket nor DOM nor ....
6 of one, a 1/2 dozen of the other ...Hard mode will actually ensure that profiling by 3rd parties is completely foiled, though at the expense of having to fix most web sites. For privacy-minded users, medium mode seems to be the optimal approach.
That is why Kees1958 adviced to whitelist some TLD's by nooping them, which makes hard mode easy to useIn which case, one may use hard mode, which is no more difficult.
Edit: and this from Gorhill
6 of one, a 1/2 dozen of the other ...
Rare is the browser extension that can satisfy both passive and power users. But that’s an essential part of uBlock Origin’s brilliance—it is an ad blocker you could recommend to your most tech forward friend as easily as you could to someone who’s just emerged from the jungle lost for the past 20 years.
If you install uBlock Origin and do nothing else, right out of the box it will block nearly all types of internet advertising—everything from big blinking banners to search ads and video pre-rolls and all the rest. However if you want extremely granular levels of content control, uBlock Origin can accommodate via advanced settings.
We’ll try to split the middle here and walk through a few of the extension’s most intriguing features and options…
I think I posted this elsewhere but WTH! It turns out I really like classic hard mode, and the more I use it the more I like it. If one has some experience with medium mode, hard mode is a breeze with little learning curve - the crux of which is identifying the big 3rd party players. Also, surprising how many sites aren't broken right out of the box. Feel the power of µBO!That is why Kees1958 adviced to whitelist some TLD's by nooping them, which makes hard mode easy to use
Actually Legitimate URL Shortener Tool
uBlock Origin works best on Firefox · gorhill/uBlock WikiThis document explains why uBO works best in Firefox.
CNAME-uncloaking
Ability to uncloak 3rd-party servers disguised as 1st-party through the use of CNAME record. The effect of this is to make uBO on Firefox the most efficient at blocking 3rd-party trackers relative to other other browser/blocker pairs:
The dark green/red bars are uBO before/after it gained ability to uncloak CNAMEs on Firefox.
Source: "Characterizing CNAME Cloaking-Based Tracking on the Web" at Asia Pacific Network Information Centre, August 2020.
HTML filtering
HTML filtering is the ability to filter the response body of HTML documents before it is parsed by the browser. For example, this allows the removal of specific tags in HTML documents before they are parsed and executed by the browser, something not possible in a reliable manner in other browsers. This feature requires the webRequest.filterResponseData() API, currently only available in Firefox.
Browser launch
At browser launch, Firefox will wait for uBO to be up and ready before network requests are fired from already opened tab(s). This is not the case with Chromium-based browsers, i.e. tracker/advertisement payloads may find their way into already opened tabs before uBO is up and ready in Chromium-based browsers, while these are properly filtered in Firefox. Reliably blocking at browser launch is especially important for whoever uses default-deny mode for 3rd-party resources and/or JavaScript. There is an advanced setting available to tentatively mitigate this issue in Chromium-based browsers (disabled by default), see suspendTabsUntilReady (this setting should be left untouched in Firefox-based browsers).
Pre-fetching
Pre-fetching, which is disabled by default in uBO, is reliably prevented in Firefox, while this is not the case in Chromium-based browsers. Chromium-based browsers give precedence to websites over user settings when it comes to decide whether pre-fetching is disabled or not. See documentation for "Disable pre-fetching" .
WebAssembly
The Firefox version of uBO makes use of WebAssembly code for core filtering code paths. This is not the case with Chromium-based browsers because this would require an extra permission in the extension manifest which could cause friction when publishing the extension in the Chrome Web Store.
For more about this, see: No way to use WebAssembly on Chrome without 'unsafe-eval' · Issue #7 · WebAssembly/content-security-policy.
Storage compression
The Firefox version of uBO use LZ4 compression by default to store raw filter lists, compiled list data, and memory snapshots to disk storage. LZ4 compression requires the use of IndexedDB, which is problematic with Chromium-based browsers in incognito mode -- where instances of IndexedDB are always reset, causing uBO to always launch inefficiently and with out of date filter lists (see #399). An IndexedDB instance is required because it supports storing Blob-based data, a capability not available to browser.storage.local API.
In my eyes it's a matter of trust. When they say that they don't track or profile me, I believe them until proven otherwise.Vivaldi/Brave need a minimum user base allowing Google ads to be replaced by Vivaldi/Brave advertising.
youtube.com###main
, since gstatic is just Google's domain for their (CDN) static content loading by up- and downloading to/from the nearest Google server near your IP or location. That line should only block an image with that same name, and nothing else.Learn to use the logger and you can pinpoint the source of the issue. It takes some time but is well worth it.So I decided to get off my lazy behind and after some shenanigans, I saw the issue was uBO-related. So I began disabling each filter one by one and lo and behold