Anti-tracking tools on iOS devices

Reading this Ars Technica article about DuckDuckGo’s anti-tracking tool:

DuckDuckGo is positioning App Tracking Protection as something like Apple’s App Tracking Transparency for iOS devices, but “even more powerful.” Enabling the service in the DuckDuckGo app for Android (under the “More from DuckDuckGo” section) installs a local VPN service on your phone, which can then start automatically blocking trackers on DDG’s public blocklist. DuckDuckGo says this happens “without sending app data to DuckDuckGo or other remote servers.”

While comparing this tool to iOS’ App Tracking Transparency is an easy and free marketing win for DuckDuckGo, I would like to point out that equivalent tools do exist on iOS.

The closest equivalent to this on iOS would be the 1Blocker app, which has a “firewall” functionality that blocks trackers within apps using DNS-based blackholing. It does this by using iOS VPN APIs to set itself as a VPN that just provides a local DNS server. 1Blocker also provides browser ad-blocking using Safari’s content blocker APIs.
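What a blackholing local DNS server decides for each query, as an added sketch (not 1Blocker's, DuckDuckGo's or Pi-hole's code). The blocklist entries, the function names and the choice of `0.0.0.0` as the sinkhole answer are assumptions made for illustration.

```python
import struct

# Constructed blocklist entries (placeholders, not taken from any real list).
BLOCKLIST = {"tracker.example", "ads.metrics.example"}

def build_query(name, txid=0x1234):
    """Build a minimal DNS A query; used only to construct sample input."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_question(packet):
    """Return (qname, qtype, offset just past the question section)."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    pos, labels = 12, []
    while True:
        if pos >= len(packet):
            raise ValueError("truncated QNAME")
        length = packet[pos]
        if length == 0:
            pos += 1
            break
        if length > 63:  # compression pointers are not expected in a query's QNAME
            raise ValueError("unexpected label length")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    if pos + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return ".".join(labels), qtype, pos + 4

def is_blocked(name, blocklist=BLOCKLIST):
    """Match the name or any parent domain, on label boundaries only."""
    labels = name.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def blackhole(packet):
    """Return a sinkhole reply for blocked names, or None to forward upstream."""
    name, qtype, end = parse_question(packet)
    if not is_blocked(name):
        return None
    answer = b""
    if qtype == 1:  # A query: answer 0.0.0.0 (assumed sinkhole) so the connection goes nowhere
        answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes(4)
    # Flags 0x8180: response, recursion desired and available, RCODE 0 (no error).
    header = packet[:2] + struct.pack("!HHHHH", 0x8180, 1, 1 if answer else 0, 0, 0)
    return header + packet[12:end] + answer
```

Matching on label boundaries is what keeps `nottracker.example` from being caught by a `tracker.example` entry while still covering every subdomain of the blocked name.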

I don’t use 1Blocker’s DNS blackholing functionality, as running a VPN can cause a significant/noticeable drain on my phone’s battery life. But otherwise it gets the job done. I am not 100% sure, as I don’t use Android and cannot test this, but the DuckDuckGo tool is also using Android’s VPN functionality and theoretically will see similar battery drain.

On my home wifi network, I rely on my local Pi-hole setup to do DNS blackholing of trackers. When on cellular data or on other wifi networks, I rely on NextDNS and its iOS app, which uses iOS’ native DoH (DNS-over-HTTPS) functionality to send my DNS traffic to NextDNS. The app can be configured to turn itself off on certain wifi networks, which is what I’ve done so I don’t end up inefficiently sending DNS traffic to NextDNS when I have a caching resolver on my LAN.

The above NextDNS method of blackholing has no discernible battery drain issues. The only downside here is sending your DNS query traffic to NextDNS, which I’m fine with as I trust them to not be shady with said data.

It truly is depressing just how much data a lot of apps hoover up in the name of “analytics” or “telemetry”. I have long lost any trust in providing this kind of data to developers, so I simply just block all of it. Sorry to the decent developers who do use telemetry in a privacy-sensitive way.