For rooted devices no problem at all, Adaway is easy to install and auto-updates, leaving no traces of advertisements. But Android is evolving, so that the techniques of getting your device rooted become less and less, since the rooting tools actually are using vulnerabilities.of Android. One of such a device now is in my hands, and after a week of hard attempts to get it rooted, I finally gave up, and sought for other ways to get rid of in-app ads. I don't have problems with browser ads, since I use Firefox with Adblock, but in-app ads are just killing me.
After some thinking I found that the only way of reaching my goal was my router. Most of nowadays routers have blocking capabilities included, such as by ip, by url, by keyword. But the problem is they are very limited, mostly to 32 terms, which excludes from the start the use of any blocking lists, which are enormous in 2015. The suggestions found by Googling the net where to include keywords of Google ad service urls, like pagead, doubleclick and so on. But that didn't work for me, probably because as the router says Compressed webpages that use HTTP compression technology cannot be filtered.
After I started analyzing my android device connections on the launch of hardly ad-coded apps, I observed that the most connections are routed to the 173.194.x.x. So I started with blocking some of its ip ranges, using * for the last octet. But, didn't work, Google is using several entire subnets, so I went a more radical way, replacing last two octets with *. It worked, but the drawbacks were unacceptable. No Gmail, no Google play or Google search, no Blogspot. It seems that Google uses the same ips for their required services and for not-required ad-services, how smart!
So what can we do? The other options for ip blocking in router is the port range, so I concentrated on how can I use. I notices that the Google ad-service is using port 80 only. Since most of their normal services are using SSL connections, you probably can unblock them by indicating 80 on the destination port. And it worked, most services reappeared, but not all, namely Blogspot doesn't like https, so no 443 port here, only 80, like ads. Another strange drawback was observed in Firefox. Since most of the sites are using Google service, like analytics and even ad-sense, pages didn't load till the end. And because of some smart web developers, who put the Google scripts before the <body>, you get stuck, because Firefox doesn't just want to give up. What else can we do? Well how can we use the other option in router: source port range? After repeating the analysis of my android device, I said Bingo again. Android apps usually used random ports, mostly in 30000-52000 range, while Firefox up above these. So:
After I started analyzing my android device connections on the launch of hardly ad-coded apps, I observed that the most connections are routed to the 173.194.x.x. So I started with blocking some of its ip ranges, using * for the last octet. But, didn't work, Google is using several entire subnets, so I went a more radical way, replacing last two octets with *. It worked, but the drawbacks were unacceptable. No Gmail, no Google play or Google search, no Blogspot. It seems that Google uses the same ips for their required services and for not-required ad-services, how smart!
So what can we do? The other options for ip blocking in router is the port range, so I concentrated on how can I use. I notices that the Google ad-service is using port 80 only. Since most of their normal services are using SSL connections, you probably can unblock them by indicating 80 on the destination port. And it worked, most services reappeared, but not all, namely Blogspot doesn't like https, so no 443 port here, only 80, like ads. Another strange drawback was observed in Firefox. Since most of the sites are using Google service, like analytics and even ad-sense, pages didn't load till the end. And because of some smart web developers, who put the Google scripts before the <body>, you get stuck, because Firefox doesn't just want to give up. What else can we do? Well how can we use the other option in router: source port range? After repeating the analysis of my android device, I said Bingo again. Android apps usually used random ports, mostly in 30000-52000 range, while Firefox up above these. So:
Of course if you use Google Chrome as your browser... but that's not my case. And since I use adblock in Firefox, allowing 173.194.x.x doesn't affect me either. For on the-go connections, the solutions is to use in-router VPN service, of course if it is available. That means that your Android device connections would pass firstly your router, making them even more secure, for example when you use Public hot-spots. So let's pray Google doesn't upgrade their ad-services to SSL unless they fix all the Android vulnerabilities first, which is not very soon I think and good for me.
Niciun comentariu:
Trimiteți un comentariu
Rețineți: Numai membrii acestui blog pot posta comentarii.