Frequently Asked Questions
Q: Are there any plans for Mac OSX GUI?
Currently not, unless someone wants to volunteer. There are several reasons for that:
  • I didn't really like developing on OSX. In particular, I dislike ObjectiveC and Cocoa.
  • Developing a GUI for OSX is going to be harder than for other platforms. The GUI and the background service will have to be separate processes and communicate with each other.
  • BFilter was intended to "just work", so only a few people will want to change its configuration.
Q: Are there any plans for HTTPS filtering?
When dealing with HTTPS, we have two options for removing ads:
  • Denying connections to certain hosts.
    BFilter supports this method starting with version 1.0.8, but providing a list of hosts to block is up to the user. Blocking HTTPS hosts is done by adding lines like this to the urls.local file:
    FORBID http://host.com:443
  • Decrypting and re-encrypting the traffic between the brower and the server.
    This method is not implemented. The main problem with this method is that HTTPS was designed to prevent exactly that. The browser would notice something is wrong and warn you about it. This would happen on every HTTPS site you visit. Although it's possible to silence the warnings, it won't be possible to tell if something is really wrong.
Q: Does BFilter detect text ads?
Not really. Text ads are hard to detect heuristically, while blocking them host-by-host is just not worth it, in my opinion. However, text ads are sometimes detected by one of generic heuristics, like "too many unrelated scripts", which means a script is creating a chain of scripts originating from different hosts.
Q: How do I enable access to BFilter from other computers?
You'll need to edit the config file, either directly, or using Tray Icon -> Configuration -> Advanced. Find the listen_address parameter. By default, it's set to 127.0.0.1:8080, where 127.0.0.1 is the local address of your computer, ureachable from outside. Now, suppose you have a home network and you want to allow every computer on that network to access BFilter. If your computer has a static address on that network, you just use that address instead of 127.0.0.1. In all other cases you will have to open access to the whole world like this:
listen_address = :8080
and rely on a firewall to disallow connections from outside.
Q: BFilter slows down web surfing. What can be done about it?
In versions prior to 1.1 this could happen because BFilter fetches external scripts to analyze them, but unlike a browser, can't cache them. Script caching was implemented in version 1.1. If you are using the command-line version, make sure you pass --cachedir argument to bfilter's executable.
Q: After I configure my firewall to allow BFilter to connect to the Internet, any program will be able to do so through BFilter, without my firewall noticing.
That's a valid concern. These days every other installer phones home, not to mention various kinds of spyware trying to sneak through.
The ideal solution would be to configure your firewall to treat 127.0.0.1:8080 as a remote (and/or untrusted) address. Unfortunately, I know no firewall that is capable of this. Most of them don't care about local connections at all. My solution is to configure Internet Explorer not to use BFilter, while using a different browser for web serfing. Because most of spyware and home-phoning software just use IE's settings, they won't go through BFilter and will be caught by your firewall.