This sounds like good advice so upvoted. I’m a big fan of Raymond Hill¹’s products so I am curious about how much benefit Adguard provides if uBlock Origin is already blocking online trackers, ads and other annoyances.
¹ In this case, the developer – not the musician. I really liked the user interface of uMatrix.
It’s really nice to have ad and tracker domains blocked systemwide though I think you need to be more careful and set your device up as supervised to have more robust blocking (real always-on VPN functionality vs. best effort?).
And even then when I read about defects in Apple software that means a firewall like Little Snitch isn’t perfect (macOS) I think an external device (mobile VPN router?) is going to be essential for some threat models.
I can see how system-wide blocking would be useful. I’m personally very conservative and wary about apps that I install on my iPhone (I don’t use any ad-supported apps) so the browser is the “attack surface” that I’m most concerned about.
I already use uBlock Origin and iCloud Private Relay (as advised in your original post). I also use Private Browser tabs and regularly remove all “Website Data” from Safari (minor inconvenience in that I have to re-login to sites that I have an account on).
I’ve just installed AdGuard on my iPhone to try it out but see that the DNS protection requires a Premium subscription (it now occurs to me that I could possibly install Wireguard to connect to my VPS where I’m already running my own DNS server). I’ve also `never looked into supervised mode; I always assumed it wasn’t relevant for personal devices.
I’m a Firefox user myself but there are some very valid arguments against it on Android as well. Firefox on Android is significantly more vulnerable to exploits, lacks internal sandboxing and doesn’t properly isolate tabs from each other.
That's not totally true. Orion supports Chrome/FF WebExtensions, for example. The engine does (practically, even in the EU) have to be WebKit, but that's not the same thing as a "Safari skin."
There is Reynard if you're motivated too (Gecko-based, but it's not ready for prime time yet, and to get good performance you'll have to resort to some workaround to get JIT enabled, as it does not rely on Apple's BrowserEngineKit; one of the goals of the project is giving to not up-to-date iOS devices access to a modern browser).
Best iOS strategy that comes to mind is Safari:
(Using fresh private tabs for small privacy gain?) Better than third-party skinned browsers right? Always happy to be informed otherwise.(AdGuard does have an option to supplant uBlock in this stack btw, does “advanced” blocking https://adguard.com/kb/adguard-for-ios/web-extension/ which is nice but trust $mm-refusing uBlock dev gorhill forever)
This sounds like good advice so upvoted. I’m a big fan of Raymond Hill¹’s products so I am curious about how much benefit Adguard provides if uBlock Origin is already blocking online trackers, ads and other annoyances.
¹ In this case, the developer – not the musician. I really liked the user interface of uMatrix.
It’s really nice to have ad and tracker domains blocked systemwide though I think you need to be more careful and set your device up as supervised to have more robust blocking (real always-on VPN functionality vs. best effort?).
And even then when I read about defects in Apple software that means a firewall like Little Snitch isn’t perfect (macOS) I think an external device (mobile VPN router?) is going to be essential for some threat models.
(& uMatrix looks great!)
I can see how system-wide blocking would be useful. I’m personally very conservative and wary about apps that I install on my iPhone (I don’t use any ad-supported apps) so the browser is the “attack surface” that I’m most concerned about.
I already use uBlock Origin and iCloud Private Relay (as advised in your original post). I also use Private Browser tabs and regularly remove all “Website Data” from Safari (minor inconvenience in that I have to re-login to sites that I have an account on).
I’ve just installed AdGuard on my iPhone to try it out but see that the DNS protection requires a Premium subscription (it now occurs to me that I could possibly install Wireguard to connect to my VPS where I’m already running my own DNS server). I’ve also `never looked into supervised mode; I always assumed it wasn’t relevant for personal devices.
Thanks for the reply.
I’m a Firefox user myself but there are some very valid arguments against it on Android as well. Firefox on Android is significantly more vulnerable to exploits, lacks internal sandboxing and doesn’t properly isolate tabs from each other.
Firefox and Brave are both profoundly bad on iOS. Scrolling is a nightmare.
everything on iOS is just a safari skin
That's not totally true. Orion supports Chrome/FF WebExtensions, for example. The engine does (practically, even in the EU) have to be WebKit, but that's not the same thing as a "Safari skin."
There is Reynard if you're motivated too (Gecko-based, but it's not ready for prime time yet, and to get good performance you'll have to resort to some workaround to get JIT enabled, as it does not rely on Apple's BrowserEngineKit; one of the goals of the project is giving to not up-to-date iOS devices access to a modern browser).
Faster.