Advanced Privacy: Some extremely common trackers not blocked
- /e/ version: Tested under 1.3 and 1.4
- Device model(s): Tested on Xiaomi Redmi Note 8T
- Device rooted: no
Summary
Some rather ubiquitous trackers pass through the filter since they are currently missing from the filter list. This includes trackers from Facebook and Google.
This also leads to AP listing fewer trackers for one and the same app than AppLounge and Exodus Privacy do. This undermines user confidence in the effectiveness of AP.
The problem
You can read the detailed discussion around the issue in this forum thread.
The relevant tracking endpoint URLs are (likely not an exhaustive list):
facebook.net
*.facebook.net
graph.facebook.com
www.facebook.com
firebaseremoteconfig.googleapis.com
firebaselogging-pa.googleapis.com
firebase-settings.crashlytics.com
*.crashlytics.com
*.sentry.io
*.revenuecat.comEDIT: Removed *.metric.gstatic.com from the list since it seems to be a harmless connectivity check that should not be blocked.
However, these are just based on analyzing basically just a single app with NextDNS, so it stands to reason that there are a lot more that currently pass through the filter.
Note that blocking www.facebook.com is necessary to prevent some apps with the Facebook SDK built in from phoning home, but would also block access to the facebook website from browsers, but the other facbook domains have no discernable negative effect on anything. It might make sense to have the "www.facebook.com" listed as a separate tracker so the user could selectively allow it for their browser to access the facebook website.
In general, being able to view a log of connections by an application and adding the ability to add custom entries to AP would be helpful for testing and tracking down these types of issues.