A French programmer by the name of Alex Dieulot has figured out a way to circumvent Apple’s new ad-blocking feature that Apple rolled out for their new iPhone 6s and iPhone 6s Plus smartphones in iOS 9. Dieulot explains how advertising scripts will need to evolve to circumvent iOS 9 ad-blockers in a blog post on his website aptly titled,“How to bypass iOS 9 content blocking.”
--------------------------------------------------------------------------------------------------------------------------Advanced Price Comparison App for Online Shopping ->Download "Approprice" Mobile App Today
Download from Google Play
#appropriceworld #pricecomparkiyakya #smartshopper #paisebachao #excellentmobileapps #Flipkart #Snapdeal #Amazon #Ebay #Shopping
-----------------------------------------------------------------------------------------------------------------------
Download from Google Play
#appropriceworld #pricecomparkiyakya #smartshopper #paisebachao #excellentmobileapps #Flipkart #Snapdeal #Amazon #Ebay #Shopping
-----------------------------------------------------------------------------------------------------------------------
Meaning, the domains that host the ads send data independently to your browser or iOS 9 device at the same time as the server that hosts the website, working in parallel with each other. Ad-blockers block these other domains, allowing only the domain hosting the website to send you data.
The basic premise behind Dieulot’s method is to take advantage of the fact that iOS devices have limited resources in regards to memory, processing power and battery capacity. Translated, this means that iOS 9 ad blockers cannot have excessively long block lists, which are the lists that contain all the domains that are not allowed to send data, or ads, to an iOS 9 device.
“The bigger the list, the more time and memory necessary to enforce its rules as pages load,” Marco Arment wrote in a blog post announcing Peace, the ad-blocking app he developed for iOS 9 and then later pulled from the App Store. This caused a minor stir in the Apple community and led to Apple issuing their first ever mass-refund.
“Diminishing returns set in quickly,” Arment wrote. “The ideal list has just enough entries to block most ads and trackers that we’ll encounter on most sites we’ll visit, but not so many that we’re burdening Safari with thousands of entries it will probably never use…a reasonably sized blocklist [has] about 2,000 entries.”
What Dieulot proposes is camouflaging third-party content and scripts, aka ads, as first-party content and scripts from the website actually being visited. To do this, he suggests that third-party vendors direct traffic through a website’s subdomains instead of using their own domain. This can be done by modifying a website’s DNS records.
By funneling traffic through “http://3idvduyaj.iDigitalTimes.com/analytics.js,” for example, an iOS ad-blocker app would fail to read that as content coming from a third-party app vendor and instead believe it originated from iDigitalTimes. The back portion of the URL can obfuscated with random letters and numbers as well, and file extensions are not needed if a vendor’s webserver is configured correctly.
For the moment, an iOS 9 ad-blocking app can only block domain names and URLs, since Apple has not allowed iOS 9 ad-blockers to block IP addresses. iOS 9 ad-blockers are very limited in their abilities, which hampers the scope of what they can do. An iOS 9 ad-blocking app cannot read through or analyze Web traffic for example – it can only pass certain rules to iOS Safari of what to block.
Apple could fix this in an update by allow iOS 9 ad-blockers to block the IP addresses that subdomains are rerouting to, but third-party vendors could try to circumvent that by using dynamic IP addresses instead of static ones. Another possibility is that iOS 9 ad-blockers only white list certain third-party sites, like Twitter or YouTube, but this could hamper Web development.
The last possible option if Apple figures out how to plug the leak is to have websites host a third-party vendor’s scripts and relevant content on their own servers. But, unless you have strike up a partnership with a mass hosting site like Squarespace, good luck trying to roll it out.
No comments:
Post a Comment