Open ignoramous opened 3 years ago
Hi there and thanks for this feedback, we really appreciate your input.
These are all valid concerns and we thank you for raising them. I can see from the GitLab issue that this seems to be an on-going discussion and that the Blokada team seams keep to tackle some of the identified issues (notably with version 5).
With that said, we agree that Blokada isn't the only option available and that it might not be the best. We settled on Blokada as it's one of the few free option for iOS users allowing us to do two birds one stone (we also considered NetGuard for Android). In order to offer diversity to our supporters, would you be willing to write a guide on how to install and use Rethink DNS to block ads? We would use the same tags and title as blokada so that website visitors would to be presented with multiple options.
I can see from the GitLab issue that this seems to be an on-going discussion and that the Blokada team seams keep to tackle some of the identified issues (notably with version 5).
The Blokada team's response is here: https://archive.is/U9FBb
The recent commits reveal that they are addressing some of the issues and only for F-Droid flavour. Not on iOS, not on any other Android builds. The server-side things they do aren't open-source, so it isn't possible to confirm for an outsider just how other reported issues were addressed.
We settled on Blokada as it's one of the few free option for iOS users allowing us to do two birds one stone
Makes sense, but Privacy International endorsing apps must be a higher bar than that, in my honest opinion. I'd again refer you to responses from F-Droid maintainers on the thread I linked to.
...would you be willing to write a guide on how to install and use Rethink DNS to block ads?
I can, but having RethinkDNS up on Privacy International's website isn't the reason for my report. RethinkDNS + Firewall is an anti-censorship and an anti-surveillance tool. Blocking ads is just one side-effect.
Thanks.
Hi there,
I see Privacy International has a guide up on Blokada. I did an informal review of its code and found that the developers aren't really transparent about how private the app is and what its actual capabilities are.
go.blokada.org
through an analytics company, rebrandly.For code refs, see this hacker-news comment: https://news.ycombinator.com/item?id=26310349
Given my findings, F-Droid has flagged Blokada for violating user's privacy: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/8536
The Blokada admins were privately informed about these shortcomings on Telegram over a period of time, starting in December, 2020, and are aware of it.
This isn't a slight on Blokada, which is a commendable project given away for free and made open source, though there is a case to be made whether Blokada (version 4) plagiarized code from Julian Klode's DNS66 project. Lack of transparency has been a theme which is worrying, and add to the fact there's little distinction between Blokada, the non-profit, and Blokada, the for-profit, things get murkier.
In light of this, Privacy International might want to re-consider endorsing Blokada on its website.
Disclosure: I co-develop a similar app, and worked on Android Enterprise & Security team at Amazon Research for 5 years.
cc: @la-carvalho