We use mostly Apple equipment (MacBook, iPhone, iPad) and on our MacBooks we have Little Snitch which is an application-aware outgoing firewall that kills attempts to reach out to advertising sites, trackers, etc. This doesn't help the phones and tablets though.
We could do something through DNS perhaps, but it seems like adding the worst offenders to a URL Group to block would work as well. The only problem is, how would you save, modify, or update a URL Group in bulk (i.e. not one-at-a-time through the GUI)?
Or is this not best-practice and we should use a different mechanism (DNS Pi Hole or something similar)?
(I'm thinking I could feed my discoveries to Sophos somehow to get them to reclassify some sites to Advertising, but that feels slow, they might not agree with my classification, and some folks might want to actually visit the sites in question because they use their services.)
P.S. In the Managed TLS Exclusion List there is "ecure.echosign.com" which I imagine is a copy/paste error and should say "secure", but maybe not.
This thread was automatically locked due to age.
