1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
---
title: "Android 'hosts'-based<br> adblocking without root"
date: 2023-07-11
layout: "blog"
toc: true
---
I hate how obnoxious tracking and advertising are online.
In Firefox I can just use an adblocker,
but for mobile apps it isn't so simple.
There, you basically have two options:
1. Run a "local VPN" that filters all requests,
but then you can't use a real VPN at the same time,
and you need to trust whoever wrote the app (use open-source!).
When I tried this, I found it also often turned itself off,
so... not ideal.
2. Root your phone to enable more powerful methods;
the easiest approach is to replace your
[`hosts` file](https://en.wikipedia.org/wiki/Hosts_(file)#Extended_applications)
with one that contains all domains you want to avoid.
However, rooting a phone can be tricky, and if you succeed,
all the authentication and banking apps you've collected over the years
will refuse to work unless you jump through even more complicated hoops...
Ah, I love it when apps decide what I can and can't do with my phone.
On Android, I recommend you take a look
at [AdAway](https://adaway.org/), which can do both methods.
But it turns out there's a better way under certain circumstances...
Are you running a custom Android ROM, like [LineageOS](https://lineageos.org/)?
Then you might be in luck!
Open your ***Settings*** app and look for the ***Build number***
in a section called ***About phone*** or similar.
Does the number contain the string ***"userdebug"*** (see below)?
If yes, congratulations, read on!
{% include image.html file="build-number-full.png" width="42%"
alt="'Build number' at the bottom of the 'About phone' section" %}
## Part 1: preparation
First, we need to enable developer settings on your phone.
You're already in the right place:
tap ***Build number*** several times
until it asks for your password as confirmation.
Once enabled, you can find a new entry ***Developer options***
in the ***System*** section of the ***Settings*** app.
There, in the ***Debugging*** section, enable both
***USB debugging*** and ***Rooted debugging***:
{% include image.html file="dev-settings-full.png" width="42%"
alt="Debugging settings in the 'Developer options' menu" %}
Next, you'll need a trusted PC to plug the device into
(yes, *trusted*, I mean it: you're about to give it root access to your phone).
Make sure it has the `adb` program installed;
read [this guide](https://www.xda-developers.com/install-adb-windows-macos-linux/)
to get it (or on Linux you can use the package manager).
Check it's working by running:
```sh
adb devices
```
Your device should show up, although it may have a weird name.
It'll say it's *"unauthorized"* until you accept
the pop-up that will appear on the phone.
Finally, prepare the `hosts` file you want to upload to the device.
I recommend [Steven Black's files](https://github.com/StevenBlack/hosts),
but you can also find others or even write one yourself.
## Part 2: pushing the file
If you have a *"userdebug"* build,
you can give `adb` root privileges by running:
```sh
adb root
```
This is required for the following commands to work
(if you don't trust me, try it).
Next, we need to get read/write access to Android's system files.
To do so, execute these commands:
```sh
# Turn off `dm-verity' system integrity checking.
# Note: it'll tell you to reboot, but in my experience
# this isn't necessary. It won't do any harm either.
adb disable-verity
# Request read/write access to the system
adb remount
```
Now we're ready to copy the `hosts` file you prepared to the device:
```sh
adb push path-to-desired-hosts-file /system/etc/hosts
```
If you want, you can check it succeeded
by reading the file from the phone:
```sh
# Enter a shell on the phone
adb shell
# Read its current `hosts' file
more /system/etc/hosts
# Leave the shell, back to your PC
exit
```
## Part 3: cleaning up
When you're satisfied, turn integrity checking back on and reboot the device:
```sh
# Re-enable `dm-verity' for security
adb enable-verity
# Reboot so the new `hosts' takes effect
adb reboot
```
Once rebooted, go back to ***Developer options***
and disable ***Root debugging***
and ***USB debugging*** for security reasons.
Then, if you wish, you can turn off ***Developers options*** entirely.
Congratulations, you've now made the domains listed in `hosts`
inaccessible for all apps on your phone, enjoy!
But beware: Android system updates may reset the `hosts` file,
although they don't always in my experience.
You can always easily check the file's contents after an update.
|