ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

News and Reviews > Mini-Reviews by Members

AdGuard: the better Ad Muncher?

<< < (7/8) > >>

x16wda:
For this method to work correctly, Adguard imports its own root certificate in certificate store that your browser uses. If https-connection filtering is enabled, Adguard automatically detects browsers installed on your computer and installs the root certificate in their stores.
-Jibz (June 10, 2015, 03:48 PM)
--- End quote ---
However I installed Pale Moon for testing after Adguard was in place, and almost every site I go to triggers a warning. I have not yet seen a way to make it recheck for browsers to "fix"... there ought to be a button somewhere. Guess I will resort to looking it up. <grumble>  :P

Cloq:
@Jibz

Thanks for link. Not sure how I feel about trusting an "unknown" company to be a man-in-the-middle for ssl... seems a bit risky(?)

mwb1100:
Thanks for link. Not sure how I feel about trusting an "unknown" company to be a man-in-the-middle for ssl... seems a bit risky(?)
-Cloq (June 10, 2015, 07:54 PM)
--- End quote ---

That is a concern that many people have.  However, to be able to strip ads, the unencrypted HTTP data needs to be examined.  The choices seem to be:

  - live with ads in https sessions
  - use a man-in-the-middle solution such as AdGuard
  - use an ad blocker that is a browser plug-in so that it can filter the data after the browser has decrypted it

I'm not sure of the relative security risks/benefits between the second and third options, but they seem to be somewhat similar to me (a decidedly non-expert in this area).  Maybe the third option has a smaller 'attack surface'? And I'm not sure that the trust level for a typical browser plug-in author/provider would necessarily be any higher than AdGuard's.


Cloq:
Think I will wait till adguard gives you a way to whitelist sites from ssl filtering.

Release notes from their current version states they are working on that:

Coming Soon:
Fully disable SSL interception for the websites using “Extended Validation” certificates. This type of certificates is mostly used by financial companies, banks, etc.

Cloq:
I have asked for a feature request for adguard (support forum), hopefully it will get accepted. :D

---------------
Currently it seems adguard supports ssl filtering for all ssl (minus the exclusion whitelist), this seems to be too all encompassing from a security stand point.

Please provide a way (for advanced users/settings) to allow ssl filtering *only* on user blacklist and not on all (as is currently) ssl sites. This method gives a greater degree of control over what ssl sites get filtered.
---------------

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version