New Update uBlock Origin update thread

Jan Willy

Level 13
Verified
Top Poster
Well-known
Jul 5, 2019
607
1. Easy Medium Mode
Block third-party scripts and frames except (tilde is not) for country code's of Canada (CA), USA (US), UK and Top Level Domain's COM, IO, INF, NET, ORG
||$third-party,script,frame,to=~US|~UK|~com|~io|~inf|~net|~org
You forgot the asterisk *. In my eyes the rule should be
*$script,image,third-party,to=~com|~eu|~inf|~io|~ms|~net|~nl|~org

In easy hard mode you have to delete 'script,frame'.

Schermafbeelding 2023-03-02 121820.jpg
 
F

ForgottenSeer 97327

@Jan Willy thanks corrected (y)

Code:
1. Easy Medium Mode
Block third-party scripts and frames except (not = ~ ) for country code's of Canada (CA), USA (US), UK and Top Level Domain's COM, IO, INF, NET, ORG
||*$third-party,script,frame,to=~CA|~US|~UK|~com|~io|~inf|~net|~org

2. Easy Hard Mode
Block third-party except (not = ~) for country code's of Canada (CA), USA (US), United Kingdom (UK) and Top Level Domain's COM, IO, INF, NET, ORG
||*$third-party,to=~CA|~US|~UK|~com|~io|~inf|~net|~org

3. Block all third-party scripts and frames on (from) a specific website (example1.com)
||*$third-party,script,frame,from=example1.com

4. Block third-party scripts and frames anywhere linking to a specific website (example3.com)
||*$third-party,script,frame,to=example3.com

5. Block third-party scripts and frames on a specific website (example1.com) linking to another specific domain (example3.com)
||*$third-party,script,frame,from=example1.com,to=example3.com

6. Block nasty popups and popunders to an advertising network which will redirect them (often to adult websites, I used three real examples below)
||*$popup,popunder,to=trafficjunky.net|tsyndicate.com|opoxv.com

@oldschool, still needing guidance of Jan Willy SAN ;) with his coaching, I will be a Max100 in a few years :)

1677757280240.png
 
Last edited by a moderator:

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,221
I have not been using uBo for some time and was disappointed that denyallow did not facilitate entities (any more) like AdGuard in denyallow (see post 227 of this thread).

Today I looked through the uBO Wiki to see whether it was replaced by something else and found that version 1.46 added some important new static rule features which makes them look more like dynamic rules. As I explained in post #227 I liked to add the 'problem free attack surface reduction of easy medium mode' to the static rules and use dynamic filtering to fine tune and weed out unnessecary stuf (and trial it a few weeks before 'promoting' them as a static rule in My Filter).

JanWillys easy medium mode static rule for Adguard: ||*^$script,subdocument,third-party,denyallow=com|eu|inf|io|ms|net|nl|org
Would look like this with the new uBlockOrigin syntax: ||*$script,subdocument,third-party,to=~com|~eu|~inf|~io|~ms|~net|~org
the ~ means not, so: not to com, not to eu | not to inf | not to io | (etc)




Happy uBO user again :) (y)(y)(y)(y)
Sorry, been at work. My only question on this is my dynamic rules contain a noop variable for my com, eu etc meaning it would be blocked if on the subscribed lists so how is that handled in the static filtering?
 
F

ForgottenSeer 97327

Sorry, been at work. My only question on this is my dynamic rules contain a noop variable for my com, eu etc meaning it would be blocked if on the subscribed lists so how is that handled in the static filtering?
2. Easy Hard Mode
Block third-party except (not = ~) for country code's of Canada (CA), USA (US), United Kingdom (UK) and Top Level Domain's COM, IO, INF, NET, ORG
||*$third-party,to=~CA|~US|~UK|~com|~io|~inf|~net|~org

The ~ means exclusion, so it is not an allow, but has the same effect as noop in dynamic rules. The TO - FROM really brings the ease of use of dynamic rules to static rules. Static rules have the advantage of more detail and more complex filtering options, so uBlockOrigin now is far ahead of other adblockers.
 

Jan Willy

Level 13
Verified
Top Poster
Well-known
Jul 5, 2019
607
The TO - FROM really brings the ease of use of dynamic rules to static rules.
I agree. Very nice that TO and FROM now are part of the uBO syntax. Although FROM means nothing else as the existing DOMAIN. Nevertheless, I prefer using medium mode (MM) as long as it will be available (MV3?). If you use the from MM converted filter rules, there is a significant risk that they interfere with the rules of filterlists. Especially the exclusion part of the converted filter rules can have an undesired effect. If you don't use network filter lists then there is no problem. If I understand well, you use MM to create finally your own filterlist in addition to the browsers filterlist. So you don't use external filterlists and will not experiencing the risk I described. But just using MM is for the time being the easiest way.
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,221
2. Easy Hard Mode
Block third-party except (not = ~) for country code's of Canada (CA), USA (US), United Kingdom (UK) and Top Level Domain's COM, IO, INF, NET, ORG
||*$third-party,to=~CA|~US|~UK|~com|~io|~inf|~net|~org

The ~ means exclusion, so it is not an allow, but has the same effect as noop in dynamic rules. The TO - FROM really brings the ease of use of dynamic rules to static rules. Static rules have the advantage of more detail and more complex filtering options, so uBlockOrigin now is far ahead of other adblockers.
Great, thanks. Tested both on a adblock test page and got the same results with both in terms of number of blocked items. I think the static rule one ran the page a little faster I think. Will experiment with it some ;)
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,779
Great, thanks. Tested both on a adblock test page and got the same results with both in terms of number of blocked items. I think the static rule one ran the page a little faster I think. Will experiment with it some ;)
first ever test for me at an adblock test page, with win10_vm, Edge and blocked 142/142! 100%, ublock origin & privacy badger (also running ddg, F-Secure & Mullvad vpn) Good I guess??
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,697
I don't buy into any of these tests. The best test is how web pages appear to individual users. Everyone's browsing habits are different. The tests have extremely limited value and many unkowns , e.g. coding, methodology, etc.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,779
I don't buy into any of these tests. The best test is how web pages appear to individual users. Everyone's browsing habits are different. The tests have extremely limited value and many unkowns , e.g. coding, methodology, etc.
thanks, good to know, for me, mostly with Edge, webpages render well, or seem to, occasionally I notice a blank space where an ad would be.
 
F

ForgottenSeer 97327

Great, thanks. Tested both on a adblock test page and got the same results with both in terms of number of blocked items. I think the static rule one ran the page a little faste1 dynamic rule: CNN.COM SEGMENT.COM * BLOCK translates to: ||$*third-party,from=CNN.COM,to=SEGMENT.COMr I think. Will experiment with it some ;)
It is true that static rules are a bit faster than dynamic rules and dynamic rules are a bit faster than cosmetic rules, but it would surprise me that you would notice it.

When you are the type of "set and forget" user, using dynamic rules for easy medium is probably the most convenient way to implement this. When you like to switch on hard mode on some websites to further strip them, it is easier to move the 'easy hard mode' or 'easy medium mode' blocking rules to the static rules section. In the picture below EDGE on STRICT seems to miss SEGMENT.COM (there is also a SEGMENT.IO). It is easy for me to block SEGMENT.COM with dynamic rules. I usually keep this dynamic rule for a few weeks and when it does not give me any problems I make it a static rule (1) when I encounter SEGMENT.COM on another website, I experiment with it for a while (does not break website functionality) and add it to my first static rule (2). When I encounter it on a third, I usually make it a generic rule (3)

1 dynamic rule: CNN.COM SEGMENT.COM * BLOCK translates to static rule: ||$*third-party,from=CNN.COM,to=SEGMENT.COM
2.dynamic rule: DOMAIN2.CO.UK SEGMENT.COM * BLOCK translates to static rule: ||$*third-party,from=DOMAIN2.CO.UK,to=SEGMENT.COM
3.dynamic rule: * SEGMENT.COM * BLOCK translates to static rule: ||SEGMENT.COM$third-party

1677834614635.png
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,221
It is true that static rules are a bit faster than dynamic rules and dynamic rules are a bit faster than cosmetic rules, but it would surprise me that you would notice it.
Probably some other variable made it feel faster. I think one of my older more strict rulesets did better on those test pages but it also differs from browsers.

Anyway, thanks for the additional info. Will play around with it at the weekend.
 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,256
uBOLite_0.1.23.3066 released today on github, not available yet on Chrome web store but there is the previous (new) version 0.1.23.3038 been released two days ago:

uBOLite_0.1.23.3066​


Release notes
  • Updated filter lists


uBOLite_0.1.23.3038​


Release notes
  • Fix an issue which might have prevented some redirect filters from being properly triggered (cd21a0b)
  • Updated filter lists
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793
I was made aware just a short while ago that some list maintainers may not support Manifest v.3 (or Chrome browser versions after May 2023). If anyone is using any list of Dandelion Sprout's--in my case: Annoying Banners and Overlays List--pls keep this in mind and maybe start to consider viable substitutions (perhaps some from oisd for example).


If i learn of any others I'll post them where appropriate.
 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,256
uBlock Origin 1.47.4 stable build (released 3 days ago, according to github) it's available on Chrome web store and Opera addons, but yet missed for Edge and Firefox.
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414
Yes, updating automatically when the new version is available on addon/extensions web store, when just depends on the browser: Chrome, Edge, Firefox, Opera.
At the moment only the stores of Chrome and Opera have the latest version, Firefox and Edge are still on 1.47.2, but you can expect an update for those (hopefully) soon.
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793
I check the Dashboard filter lists page kind of routinely as often, individual lists like uBO Quick Fixes need updating--often daily (and the Auto-update function on that page is enabled). You can also force some updates by clicking "Purge all caches" and then "Update now." But the latest version will come when it comes. Firefox is always among the last to offer it.

If you back up your lists and settings via the Settings page, you can always install the latest version from the browser's web store when it's available. I had to do that the other day as the new version just wasn't coming down the pipeline for some reason.
 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,256
uBlock Origin 1.48.0 released today on github, but probably takes a while until available on all app stores...
To install the stable build:

New​


Readiness status at browser launch​


uBO's readiness at browser launch time is a particularly prickly issue on Chromium-based browsers,[1] especially more so since Chromium 110. This leads to numerous reports of "uBlock stopped working", which are simply caused by the fact that at launch time the browser started to load webpages before uBO was ready to filter properly (because the filter lists were not fully loaded in memory).

To reduce the number of reports caused by this issue which is outside of uBO's control, uBO's toolbar icon will now reflect its readiness status at browser launch.
  1. A yellowish toolbar icon means that uBO is currently loading all filter lists into memory and as such is not ready to filter properly:
    Screenshot from 2023-03-18 12-50-34
  2. If additionally there is a yellowish ! badge while uBO is working toward readiness, this means network requests were fired by the browser which could not be processed by uBO, potentially leading to ads/trackers/etc. not being filtered in some of the already opened webpages:
    Screenshot from 2023-03-18 12-25-30
  3. Once uBO is ready to filter properly, a yellowish ! badge on a normally colored toolbar icon means that the current webpage was not filtered properly at browser launch, potentially causing the current webpage to be afflicted by ads/trackers/etc.:
    Screenshot from 2023-03-18 11-58-36
  4. To remediate the browser launch filtering issue on a given webpage, you can simply force a reload of that webpage, which as a result will bring back the badge to be rendered as expected:
    Screenshot from 2023-03-18 11-58-42

For Chromium-based browsers, it is possible to automate step 4 above by checking the setting Suspend network activity until all filter lists are loaded in Filter lists pane in the dashboard. Caveat: in the past some users have reported this negatively interfered with page loading at browser launch time in some cases (example, example), hence why it is optional and not enabled by default in Chromium-based browsers.

With Firefox-based browsers, you should typically only see step 1 and 4 above, unless you disabled the setting Suspend network activity until all filter lists are loaded, which is enabled by default in Firefox.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top