Shameless plug (Founder here), but I’d highly recommend checking out [redacted] as an alternative!
We work on a number of major publications that 12ft does not, including NYT, WSJ, and several others. We have a full list of supported publications here: [link redacted]
Stopping the page load halfway through defeats the NYT paywall, last I remember. Either that or switching to Firefox reader mode, or combination of both.
Edit: Just retested. Went to nytimes.com, clicked on a story, got the paywall. Turned on FF reader mode and reloaded. Blam, there is the whole article.
This is so very easy to do correctly in the back end, such that without an authenticated session from a paying user, the full content simply does not leave the server.
I think they are leaving it easily bypassable on purpose. They know that some "piracy" is beneficial, like it is in music. The paywall has to have finely tuneed "difficulty dial", such that they get revenue, without throttling the exposure (which will negatively act on the same revenue).
A "Fort Knox" paywall is probably not revenue-maximizing, that is to say.
> i wonder how you see this playing out in the future
In the near future, we're planning to expand into more general adblocking; we're currently focused on growth & there's still a lot of internal discussion happening, but we're most seriously considering a Spotify-style or micropayments model... very early days though - we just officially launched last week!
It's not immediately clear from the page, but this app performs MITM on your local machine, requires sudo, and also updates automatically using super user privileges.
I don't really like that Apple has such privileges on my machine, but trusting paywall blocker with them seems absurd.
That's all true - we mention these directly on our FAQ ([redacted]) -- many are issues we plan to address as soon as possible -- the application 100% works in terms of functionality, but is definitely still under heavy development!
> Note that the first time you run Incoggo, you will need to enter your computer password.
That's a very understated way to say "we run stuff on your computer that require root privileges". It is explained later but there's no such thing as too many warnings about running 3rd party code under root on my computer.
> If you’re a very security-minded individual (or you use your computer for very sensitive tasks),
Who doesn't? Like, accessing my bank account? Accessing my email, where my bank account would sent 2FA/password reset? Uploading my ID photo to one of the dozens sites now that require that? I'm not sure we know each other well enough so I'd entrust you access to all that. Not even if that allows me to read Vanity Fair. I guess I'm one of those "very" individuals?
> Incoggo adds a file to your system’s sudoers.d folder that whitelists specific commands from requiring a sudo password to perform
Erm, does that mean any other tool would be free to use those commands under root now? Probably not the best idea.
> Incoggo also installs a trusted root certificate in your system keystore
Do I understand right that this gives it full untraceable MITM capability to any site I visit? I remember the government of Kazakhstan tried to do that to their citizens. They did it in a stupid way. They should have promised all citizens free access to Wall Street Journal.
I don't feel comfortable installing your application on the desktop. Why it should be a desktop app? What exactly is it doing and why can't it be just an extension for the browser?
There is this browser extension called Bypass Paywalls by magnolia1234. Looks like I'm sticking with it for now.
It's a 'local proxy' - meaning it runs entirely on your device, and filters network traffic. Beyond this, there are a wide variety of client-side filtering techniques that we use; we mix and match these based on the specific implementation of each publication (they're all pretty different in practice).
So as a few people have asked, this actually lets us use a variety of client-side unblocking techniques (like inbound request modification) that browser extensions can't (due to extension API limitations), and effectively unblock publications that the browser extensions don't (can't) — think major ones like WaPo and Bloomberg. The app also works across all browsers, not just Chrome / Firefox. As an aside, due to limitations caused by how cellular networks handle IPs, it's next to impossible for these sites to implement IP-based metering without severe adverse side effects, but the proxy does give very fine-grained control over how the user is presented to the end-site (including apparent IP address).
Right now, we don't make money or monetize at all, and are still exploring options. For the foreseeable future, we're 100% focused on growth and plan to raise VC funding to sustain operations. Ultimately, we want to find a monetization solution that works well for everyone and keeps our interests aligned with the best interest of our users.
TL;DR - we can unblock a lot of things with this approach that browser extensions can't; it also works across all browsers (esp. relevant for Safari users).
Digging in, there are a few reasons actually - first is, Chrome removes extensions with this kind of functionality from the Web Store constantly (only option would be to sideload).
Under the hood, Incoggo is also actually a local proxy (it adds a trusted root cert during the install process - we have some details on this / other potential issues / concerns on our forum). Reason for this being, Chrome extensions can't modify inbound requests in the way that's required to unblock several of the publications we support (NYT, Bloomberg, WaPo being key examples).
Sideloading would frankly make more sense to me. As it is, there are so many "gotchas" that I wouldn't be inclined to daily-drive this, especially since my Macbook sits in my drawer collecting dust. Plus, a lot of these security concerns aren't just minor whoopsies: adding lines to my sudoers file? That's not a practice that should be normalized for something like this. You're shaving an awful lot of yak for something that should have a more streamlined approach in the first place. If Safari causes you issues, I have no idea why you'd kowtow to a single browser with a fraction of the desktop browsing market share, throwing the rest of the options by the wayside. Maybe I'm coming at this from a different point of view, but you're cutting an awful lot of people out just to get an MVP that works for you. Hopefully some day Incog gets a more agnostic, safe implimentation.
Yeah that's totally fair & we try to be pretty upfront about the issues (FAQ + forum). There's definitely a lot of bubblegum and duct-tape on this at the moment - been putting a lot of work in to fix the bigger issues ASAP (been modeling a lot off the AdGuard approach / targeting parity).
Really making the longer-term bet here that with a lot of work, the underlying proxy infrastructure will enable a lot of really interesting possibilities, and the shorter-term bet that with this approach we can create the best / most effective adblocker for paywalls by far.
> it adds a trusted root cert during the install process
That's a non-starter for me. I do not want an application to be able to MITM all traffic.
Surely you just need to be able to MITM certain domains (the ones of the paywalled websites you unblock), can't you just create individual self-signed certificates for those and trust them one by one?
That's understandable - if you'd like a work around for now, the app has a 'pause' feature (which, if active, will cease to proxy traffic completely - you can just turn it on briefly as needed, then 'pause' it after loading the article).
The reason for the root cert is that in short order (after cleaning up our infra, etc.) we're actually planning to expand to a full-spectrum adblocker.
uh... doesn't watch just run the command over and over? I would have thought this would just print the entire file every n seconds. Now using tail with that instead of cat....
I think the point Ford was trying to make is that you should listen to your customers, but also think for yourself. If a customer says ‘I want a faster horse’, you need to ask, ‘what is it that they really want / what is it they’re actually saying?’.
In Ford’s case that might be something like: ‘I want it to be faster / easier / cheaper to get from point A to point B’. If the way to deliver that to a customer is better horses or a car, it doesn’t really matter so long as the desired value is provided.
