Why are you recommending a tech company operating in Russia/Moscow, and how can PG be trusted doing it?

Hi,

I recently switched to an iPhone and checked the section for safari extensions on the Privacy Guides website, and I was extremely displeased to see AdGuard being recommended, which made me reevaluate how I see PrivacyGuides.

There’s a high chance that AdGuard could be compromised (emphasis on could). It’s a Russian company, with employees STILL WORKING IN MOSCOW (according to their subreddit posts - Reddit - Dive into anything).
“Our head office is physically located in Moscow, however, legally AdGuard is a Cypriot company and abides by the EU laws” ← this sounds extremely naive to me, as in saying “it’s illegal to start wars, and Russia is definitely not invading another country right now”.

Yes, it was bought by a Cyprus company a few years ago but the fact that it’s still originated in Russia and more importantly - has developers stationed there right now and working from there - is extremely alarming.

I can’t verify that what they submit to the iOS store is the same as what’s in their open source repo, and even if I could - are we really okay with trusting to route internet traffic (they have dns/vpn services) and trusting them with sensitive information (giving full ad blocking permissions means they can read password fields) to a company with employees that will have to comply with secret local government laws like in Russia? Do we really think that the Russian government already hasn’t tried to make its local tech companies comply with shady things and spy on others?

Those are serious questions. I’m very disappointed with PG unless there’s a really good case to be made here with significant proof that AdGuard can be trusted

Hmm, interesting. Is there a trustworthy, open-source alternative to AdGuard for content blocking in Safari?

I don’t know to what level it’s comparable, but this details a Mullvad https iOS config and one could use the Mullvad ad-block DNS config. I doubt this is accomplishes the same goals, just sharing. A subscription to mullvad is not required.

I think as long as the apps are free and open source, and the filter lists as public and customizable, you can’t exclude Adguard just because it comes from a “bad” country.

I can’t verify that what they submit to the iOS store is the same as what’s in their open source repo

That sounds like an iOS problem. Basically, you can’t trust any app from the App Store following that logic.

Do we really think that the Russian government already hasn’t tried to make its local tech companies comply with shady things and spy on others?

True, but then we know for a fact that companies like Google, Apple and Microsoft participate in the PRISM program. So the question is more: what’s your threat model, do you think you could be a target of the Russian government? If you’re someone like Navalny or Ukrainian, I can understand your perspective. For a random person in an “unrelated” country, it probably doesn’t matter.

This is not how it works - you are making these allegations so it is completely up to you to present proof that anything is wrong with AdGuard.

AdGuard is open source and they are on AdGuard · GitHub