| 9 years ago: https://www.cnbc.com/2016/09/14/adblock-plus-defends-new-whi... Estimated 198 million people using ad blockers The sluggishness of the www without an ad blocker, not to mention the extent of the surveillance, has only gotten worse in the last 9 years What is the number of ad blocker users today But there are many ways to avoid ads; "ad blockers" are only way Users have choices Ad blockers are tied to the so-called "modern" browser coupled with "browser extensions"; some "modern" browser users might be running in guest mode where extensions are not allowed These browsers and extensions come with inherent trust and "security" issues The so-called "modern" browser is so large and complex that users generally do not edit or compile it themselves If there is something about the software they do not like, then they do not remove it and recompile; instead they may complain via online comments, or in the case of a small few, write "browser extensions" As it happens, the source code and compilation of these "modern" browsers is generally controlled by corporations, their business partners or competitors, that each have a financial interest in internet advertising services Whomever controls the source code for the browser can disable browser extensions; this was recently illustrated when Google disabled uBlock Origin (cf. "uBlock Origin Lite") in Chrome uBlock and other ad blockers rely on "blacklists" or "blocklists" These lists try to predict every possible domainname or IP address that is an ad server, tracker, telemetry endpoint, etc. The number of domainnames and IP addresses associated with ads, tracking and telemetry is not fixed, it is very large and constantly changing Generally it is unlikely any single www/mobile user will encounter all of the servers listed during their lifetime Nevertheless the ad blocker will "auto-update" and download these lists The user is unlikely to review these lists; for those that do, some might find there are some shocking domains in these lists Every user is different Another method of avoiding ads is via "DNS blocklists" It has the advantage of not requiring a so-called "modern" browser or extensions It can also use wildcards But it suffers from the same problems as the blocklists used by ad blockers mentioned above In addition, it is susceptible to "CNAME cloaking", which required changes to ad blockers and other methods using blocklists https://petsymposium.org/popets/2021/popets-2021-0053.pdf There are other methods to avoid ads that are neither "ad blockers" nor "DNS blocklists" For example, it is possible to avoid ads using DNS without using "blocklists" The user simply determines what domainname and IP addresses they want to visit and places them in a root.zone file^1 The user serves this zone to all their computers There is no recursion, no need for a forwarder like dnsmasq/pi-hole, no need for a cache like unbound, etc. and certainly no need for third party DNS service like NextDNS There is no "CNAME cloaking" problem This is a "root" authoritative nameserver run by the user (I have been using a custom root.zone for over 16 years) By analogy it is common for personal computer users to adopt configurations for network firewalls (e.g., ipf, ipfs, netfilter, pf, npf, etc.) with default "deny all" rules that block all traffic by default; the computer user then specifically adds further rules to create exceptions to allow only the traffic that the user wants The list of exceptions is arguably comparable to a "whitelist" or "allowlist" Perhaps the important difference from the "whitelist" mentioned in the CNBC article is that this one is controlled by the computer owner, not the software developer or the advertiser Personal computer owners using a default deny rule in a firewall config are not attempting to predict all possible src or dst addresses to which they do not want to connect, like ad blocker blocklist do 1. Over the years, the method of determining what names and addresses are needed to enjoy a set of |