Hi everyone,
I just came across some news relating to Brave browser and Duckduckgo trying to work around and avoid the terrible Google AMP. Another example of proprietary, monopolistic and hidden (from the end user) technology.
Brave, DuckDuckGo to unplug Google’s AMP where possible
DuckDuckGo’s browsers and extensions now protect against AMP tracking
My question is: would there be a way to detect AMP at router level instead of relying on a search engine or a web browser? Something working a bit like the DNS adblocker?
1 Like
To detect AMP, you must decrypt HTTPS connections, because URLs are cencrypted in HTTPS communications. Without decrypting, you only see destination server IP in communitacion and possibly the requested host in SNI requests (ESNI is coming which hides even this).
Decrypting HTTPS effectively creates Man-in-the-middle attack. While you could do that by creating your own certificate auythority, installing it into every web client/browser in your network (others would complain about untrusted certificate), dynamically creating own certificates for every possible web on the fly, and handle SSL errors instead of letting browser do that.
Still, it’s not guaranteed to work because of some sites use DNS CAA records which provide information about which certificate authorities may provide certificates for their hosts, not listing yours. Thus, you would have to fake DNS records as well, and with DNSSEC, you would have to provide fake big part of DNS tree with own DNS keys, and install own version of root keys into verifying clients, because many DNS clients know the root keys and can find out you have modified it.
At the end, there are reports of https clients that have certificates built in and would complain no matter what you install in the system.
Simply said, you would remove the “s(ecure)” from https, it’s complicated and repeatedly creates troubles.
Installing amp-removing extentions is the correct way to go.
2 Likes
OK - makes sense. Thank you for the answer.
1 Like
Interesting but that doesn’t address the privacy/security aspects, and the fact taht Google are introducing proprietary technologies right in the middle of web contents delivery…
2 Likes