This post is more than a year old and might not reflect our current knowledge and opinions anymore.

Farewell, Blokada

Yesterday, it seemed no app on our phone (a Pixel 6 running GrapheneOS, for that matter) was able to connect to the internet, despite having clearly been granted the network permission. After repeatedly trying to fix it through a reboot, we looked into our adblocker, Blokada 5, which was, after all, controlling all of our network traffic. It turned out that in fact it was erroring, stating an issue with connecting to some sort of API. So, we turned it off, expecting a temporary downtime.

As we had more time to look into it, it turned out Blokada 5 had been removed from app stores (both F-Droid and Google Play), and a new app named Blokada 6 had been made available on Play, with both the reviews as well as the website indicating that neither was the app open source anymore, nor could it be used without a subscription, unlike with Blokada 5. So, we went to check AlternativeTo for viable alternatives, as well as looking on PrivacyGuides, where we found nothing in that direction, and looking at F-Droid (or, rather, Neo Store in our case, an alternative F-Droid client), whereas on the latter we found an app called "Rethink: DNS + Firewall". On AlternativeTo, compelling apps seemed to be AdAway, NextDNS and DNS66. DNS66 seemed somewhat still in the making to us, NextDNS does, to our knowledge, require an account, and the free tier does limit the amount of monthly DNS queries you are able to do (though, to be fair, the limits do seem generous enough for most people, I suppose), besides, we have yet to decide whether we like the approach of cloud-based adblocking, and as for Rethink, it seemed somewhat similar to NextDNS, though we did not look into it thoroughly, yet. So, ultimately, we went with AdAway, which does lack the ability to change DNS resolvers, however, that was not something we were looking for in the first place ‒ integrity of DNS queries should be assured by DNSSEC, and as for encryption, well, ISPs do see the IP addresses you are visiting, so it is questionable how much additional information the domain name gives them (yes, we are aware that several domains may point to the same IP address, still, information gained from the exact domain name visited may be limited anyway, especially when such could also be gathered by using side channels such as packet size), and we are not concerned with censorship circumvention as of now. Regarding lists, we did not add any additional ones, but in fact disabled all but the one by Steven Black, as it seems it already includes the AdAway list, and we assumed that Pete Lowe's list might not be worth the additional network requests for updates, etc. Unlike DNS66, it also allows us to allow or deny additional hosts, a feature we appreciated in Blokada as well, as, for example, we can allow ads on Xe's website (to be precise, we are allowing EthicalAds ads on any site) this way (frankly, we find xer adblocker notice more annoying than the ads themselves, and, not being interested in the products and service advertised, we do not feel like we are being manipulated through the ads there, either). The main downside we are seeing is that AdAway is to our knowledge only availabe through the official F-Droid repo, not Play or IzzyOnDroid (the latter of which is surprising, considering it can be downloaded from GitHub Releases after all), which may come with some security issues, then again, as for Blokada 5, the same applied (there was a version on Play, however, if we recall correctly, the developers claimed it lacked some features).

Have you used Blokada previously (or are even using it now, still)? What are your thoughts on various adblockers on Android; do you feel there are better ones than AdAway for our usecase? Feel free to let us know, if you wish to do so.

Update 2023-01-28 09:39:17 +0100: We switched to DNS66 as AdAway kept both "losing connection" (as in, Android was unable to connect to it, apparently) and preventing DNS lookups it should have allowed. Allowlists are still possible by adding a local file as a list to allow.