Day 1 (October 23)
All times are in EEST (GMT+3)
9:15-10:00 — Arrival & coffee
Crowne Plaza conference center (to the left from the hotel main entrance). Please show us your registration confirmation email at the counter.
Light breakfast and coffee await at the Sea view foyer.
10:00-10:10 — Opening note (Caroline Hill, eyeo)
Moderator: Caroline Hill, Product Owner Acceptable Ads Criteria, eyeo
Welcome to AFDS 2025: What to expect and other info
10:10-10:35 — System-wide ad blocking on Apple Devices (Andrey Meshkov, AdGuard)
Andrey Meshkov, CTO and Founder of AdGuard
Apple has recently introduced a new framework for system-wide URL filtering. Unlike traditional DNS filtering, it can filter full URLs while still preserving user privacy. Naturally, we at AdGuard were eager to be among the first adopters.
In this talk, I’ll walk you through how this new framework works, explain how it can be leveraged by ad blockers, and share our experience implementing it in our products
10:40-11:20 — What's new in Chrome (Oliver Dunk, Devlin Cronin, Google)
Oliver Dunk, Developer Relations Engineer, Google
Devlin Cronin, Technical Lead and Manager, Google
This talk will cover what we’ve been working on in the Chrome browser over the last year, since the last Ad-Filtering Dev Summit. This will be a group talk, with multiple presenters from Google Chrome
11:30–11:55 — From Manual Rules to AI Automation: Scaling Cookie Popup Protection at DuckDuckGo (Maxim Tsoy, DuckDuckGo)
Maxim Tsoy, Senior Software Engineer, DuckDuckGo
In this presentation, we will talk about our journey tackling cookie popup automation at scale. We will share some insights about what works, what doesn’t, and how LLMs are transforming this space
12:05-12:25 — Light-Side UX: How AdGuard Communicates Privacy (Sofia Orlova, AdGuard)
Sofia Orlova, UX writer at AdGuard
Privacy and ad-blocking tools involve complex technologies but are used by people with very different levels of expertise and linguistic backgrounds. The challenge is to communicate clearly, without oversimplifying or confusing users.
This talk outlines how AdGuard approaches UX writing and interface design to make privacy accessible. I’ll explain how we align language with user context, build layered interactions, and adapt terminology across platforms and audiences. Real examples will show how consistent communication supports both usability and user trust.
12:30-12:55 — Porting desktop ABP to mobile Safari (Toni Feliu, eyeo)
Toni Feliu, SDET, eyeo
Discover the journey behind AdBlock Plus for Safari’s transition from Safari Content Blockers to Manifest V3 web extensions on iOS. We’ll explore why we made the move, the challenges we faced, and how we implemented the migration, sharing practical insights and lessons learned along the way
13:00-14:00 — Lunch break
Lunch will be served at the Haven restaurant
14:00-14:15 — TechLore
Details coming soon
14:20-14:45 — Agents Need Adblocking, Too (Anton Lazarev, Brave)
Anton Lazarev, Staff Adblock Engineer, Brave
If you outsource the dirty work of looking at websites to your agentic browser, do you even need an adblocker at all? In this talk you’ll learn about Brave’s work pushing adblocking into the AI era: how filter lists will continue to remain relevant, how they’ll become cybernetically enhanced, and a sneak peek at their next evolution for fully headless browsing
14:50-15:10 — The impact of ad filtering on performance marketing in 2025 and 2026 (Alexei Terekhov, MitGo)
Alexei Terekhov, CMO, MitGo
I would like to talk about how ad-filtering tools negatively and positively affect the performance marketing industry and what challenges both sides face, how some companies lobby for their interests in this area, while others lose millions of dollars in revenue
15:15-15:45 — Inside AGLint v4: A Developer – Contributor – User perspective on linting adblock filters (Elizaveta Egorova, Dávid Tóta, AdGuard)
Elizaveta Egorova, Developer & Filter maintainer, AdGuard
Dávid Tóta, Developer, AdGuard
In this talk, we’ll explore the evolution of AGLint, a powerful linting tool designed specifically for adblock filter lists. AGLint v4 introduces a fully rearchitected linter engine, a faster and more flexible AST walker, improved parser support, a robust new code fixer API, and a redesigned linter rule interface that greatly improves extensibility.
In the first half, David, the main developer of AGLint, will present the major technical changes in v4, sharing the motivations behind the rewrite and the key architectural decisions that shaped the new engine.
In the second half, Liza, a filter list maintainer and contributor to the project, will share her experience collaborating on custom linter rules, and reflect on using AGLint in practice. Her perspective as both a contributor and end user will offer valuable insights into how the tool performs in real-world workflows.
This two-part talk brings together the voices of developer and maintainer, giving a complete view of AGLint’s evolution, from engine internals to practical adoption in the adblock ecosystem
15:50-16:10 — Coffee break
Served at the Sea view foyer
16:10-16:35 — Stealthy Fingerprinting Users with personalized blocking rules (Saiid El Hajj Chehade, EPFL)
Saiid El Hajj Chehade, PhD Candidate, EPFL (Swiss Federal Technology Institute of Lausanne)
Ad-blockers help privacy-conscious individuals to block trackers and advertising on the web. While many use ad-blockers as is, more cautious users customize their ad-blockers by activating additional specialized filter-lists for language-based blocking and more agressive blocking techniques. While these users think they are more protected against tracking, in this talk we show that they can actually be more vulnerable to tracking, and specifically fingerprinting. We present 4 attacks to identify active filter lists, 3 of which do not require any fingerprinting script, and 2 of which can work even if JavaScript is disabled, transparently to the user. We evaluate these attacks on publicly accessible datasets of ad-blocker forum users, and find a high degree of entropy and re-identification. We finish with recommendations to protect against this type of fingerprinting
16:40-17:30 — Browser panel
Traditional panel discussion. Browsers representatives: Tina Chenska (Opera), Anton Lazarev (Brave), Rob Wu (Mozilla), Devlin Cronin (Google), Sam MacBeth (DuckDuckGo).
17:40-17:45 — Closing the day 1, invitation to the networking party
Don’t leave just yet 😉
18:30-? — Networking party
Details coming soon
Day 2 (October 24)
9:15-10:00 — Arrival & coffee
Crowne Plaza conference center (to the left from the hotel main entrance). Please show us your registration confirmation email at the counter.
Light breakfast and coffee await at the Sea view foyer
10:00-10:10 — Welcome to day two (Caroline Hill, eyeo)
Moderator: Caroline Hill, Product Owner Acceptable Ads Criteria, eyeo
10:10-10:35 — How do we know it's working? Proving adblockers Production Health (Aga Czyżewska, eyeo)
Aga Czyżewska, Engineering Lead in Extensions Host Team, eyeo
This presentation will outline eyeo’s strategy for verifying the operational integrity of our ad-blocking extension in a production environment. We will delve into our methods for monitoring extension health. We’ll explore our solution designed to log crucial crash data. Our internal system helps us gather important information about these problems while fully respecting user privacy, and we’ll share real examples of how those systems helps us keep the extension reliable
10:40-11:05 — Covert Web-to-App Tracking via Localhost on Android (Aniketh Girish, IMDEA)
Aniketh Girish, PhD student, IMDEA Networks
Modern browsers and mobile operating systems are built on the assumption that web and app contexts remain isolated. Yet, our research revealed a covert communication channel—via the localhost interface—that breaks this boundary on Android.
This talk will detail the technical mechanisms behind these localhost channels, our measurements, the privacy implications, and the global response. We conclude with concrete recommendations for platform-level defenses, highlighting the need to rethink localhost permissions, IPC trust models, and cross-context auditing to prevent similar abuses in the future
11:10-11:30 — Ghostery TrackerDB (Philipp Claßen, Ghostery)
Philipp Claßen, Director of Data Engineering, Ghostery
The TrackerDB project was launched in 2023 when Ghostery open-sourced its previously proprietary tracker database. Given any URL or network request, its goal is to identify the tracker or service, explain its purpose, and reveal the company behind it. In this short talk, we’ll cover: How does it work? How can I use it in my own project? How can I contribute back?
11:35-12:00 — Beyond Filter Lists: Using LLMs to Rethink Ad Blocking (Maxim Topciu, AdGuard)
Maxim Topciu, Browser Extensions Team Lead, AdGuard
For years, ad blocking has relied on filter lists. This talk explores how Large Language Models (LLMs) can help us rethink this foundation, moving beyond simple rules to block ads based on their meaning and appearance.
I will share my ongoing experiments and cover:
— Semantic Ad-Blocking: How LLMs can enable a new class of filter rules, moving from keyword matching (`:contains()`) to true semantic understanding (`:contains-meaning()`) with embeddings.
— Multimodal Detection: I’ll demonstrate using LLMs to analyze both text and images together for more robust detection of visual and native advertising.
— Automating Annoyances: A look at how LLMs can go beyond ad blocking to handle related annoyances, like automatically navigating and rejecting cookie consent forms.
We will conclude by discussing the practical future of this LLM-driven approach, comparing specialized models against the powerful, general-purpose LLMs being built directly into our browsers
12:05-12:30 — Enhancing Ad Blocker Quality Assurance Using AI (Tina Chenska, Opera)
Tina Chenska, QA Engineer, Opera
Ad blockers are evolving fast, and so are the challenges of testing them. In this talk, we’ll explore how AI can bring new capabilities to ad blocker testing process in Opera Browser – from detecting visual changes on web pages to automating the discovery of test scenarios. We’ll look at practical approaches for integrating AI into browser-based testing workflows, discuss potential pitfalls, and share lessons learned from real-world experiments. Whether it’s improving accuracy, speeding up test creation, or uncovering edge cases, AI opens up new possibilities for making ad blocker testing smarter and more efficient
12:35-12:55 — Automating Ad commits (Ryan Brown, Brave)
Ryan Brown (fanboy), Filterlist author, Brave
Tooling to automate and improve coverage in Easylist using NWSS.js
13:00-14:00 — Lunch break
Lunch will be served at the Haven restaurant
14:00-14:25 — Tales from Blocklist Maintenance (Peter Lowe, First)
Peter Lowe, DNS Abuse Ambassador, First
Anecdotes from 27 years of maintaining a blocklist
14:30-14:55 — Local Frames: Exploiting Inherited Origins to Bypass Content Blockers (Anton Lazarev presenting for Alisha Ukani)
Anton Lazarev, Staff Adblock Engineer, Brave (presenting for Alisha Ukani, PhD Student, UC San Diego)
We present a study of how local frames (i.e., iframes loading content like “”about:blank””) are mishandled by a wide range of popular Web security and privacy tools. As a result, users of these tools remain vulnerable to the very attack techniques against which they seek to protect themselves, including browser fingerprinting, cookie-based tracking, and data exfiltration. The tools we study are vulnerable in different ways, but all share a root cause: legacy Web functionality interacts with browser privacy boundaries in unexpected ways, leading to systemic vulnerabilities in tools developed, maintained, and recommended by privacy experts and activists
15:00-15:25 — Filtering Bad Ads using LLM Assisted AdBlocking (Ritik Roongta, New York University)
Ritik Roongta, PhD Student, New York University
Blanket adblocking leads to a lot of breakages in the wild. At the same time, ads tracking puts users at risk. Standards such as Acceptable Ads or Coalition for Better Ads also focus on aesthetic dimensions and not on ad content. We plan to improve upon these adblocking standards by incorporating bad ad content.
We plan to use LLMs to assess the ad images and police ad exchanges that default over a defined timeframe
15:30-15:50 — Coffee break
Served at the Sea view foyer
15:50-16:10 — Collaborative Paths to Privacy Enhancing Advertising (Leigh Freund, the NAI)
Leigh Freund, President & CEO, The NAI
This session will explore practical approaches to achieving privacy enhancing digital advertising in a way that benefits publishers and advertisers and enables a free and open internet, but also empowers consumers to exercise their privacy rights. We’ll highlight industry public policy strategies for pragmatic and meaningful legislation and regulation globally, efforts to implement privacy enhancing technologies by companies and organizations, and collaborative opportunities to re-architect the digital advertising industry with consumer privacy embedded by design
16:15-16:25 — Beyond the Surface: Uncovering Hidden Threats in Online Ads (Mohamed Elgendi, malwarebytes)
Mohamed Elgendi, Senior Software Engineer, Malwarebytes
Hidden in Plain Sight: Malicious code can lurk inside ad images, invisible to the naked eye. Discover how attackers use steganography to bypass defenses—and how modern ad security can fight back
16:30-17:20 — Filter maintainers panel
Peter Lowe, Ryan Brown (Brave), David Tota (AdGuard), Elizaveta Egorova (AdGuard), Sam Macbeth (DuckDuckGo). Moderated by Andrey Meshkov (AdGuard)
17:30-17:40 — Closing note
Saying goodbyes with the hope to meet next year