this post was submitted on 18 Apr 2024
122 points (98.4% liked)

Privacy

31872 readers
351 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
122
My experiences with Pi-hole (scribe.disroot.org)
submitted 6 months ago* (last edited 6 months ago) by [email protected] to c/[email protected]
 

Pi-hole has helped improve my "relationship" with Firefox, or better phrased with Firefox forks like LibreWolf and Tor browser. Cool thing with Pi-hole is that you can watch the query log and see what happened in the background while you were surfing the Internet. I learned that :

  • After removing the sponsored shortcuts in Firefox and putting your own shortcuts there Firefox will make connections each time you start the browser. So, if you would have icons on your quick start page in Firefox for let's say EFF, Lemmy, Mastodon, HackerNews, with each Firefox start up, it would query these sites. which I didn't like so much. Since then I've gone back to a complete blank start page, removing search and all those quick start icons, using just toolbar folders with bookmarks.

  • Pi-hole defaults to blocking telemetry for Firefox and Thunderbird.

  • Signal uses Google servers I saw via Pi-hole. I thought that they were using Amazon servers, but looking at Wikipedia for the history of Signal hosting I learned that Signal went back to Google for hosting.

  • Firefox push notification services are hosted on Google servers. LibreWolf removes a lot of Google things that Firefox has by default, but not the push parts. With Pi-hole it is very easy to block that.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 6 months ago (2 children)

That's for one device.

Where does a smart TV keep it's hosts file? IPhone? Android?

DNS (PiHole) works for all devices on your network, which I'd argue is better than a hosts file.

[–] [email protected] -2 points 6 months ago (1 children)
[–] [email protected] 11 points 6 months ago (2 children)

Why maintain the same thing in multiple places? If the pi-hole is blocking it, the pi-hole is blocking it. What added value is there in also maintaining the hosts file?

[–] [email protected] 2 points 6 months ago

On mobile or on networks with a bigger load on the DNS server it could make sense to make things faster, but otherwise a pihole is fine I think. If the pihole is not working as it should, that should be found out and fixed ASAP.

[–] [email protected] 1 points 6 months ago (1 children)

The amount of times I've seen people request help because Pi-hole was not blocking/functioning properly, well a hosts file just ensures nothing leaves that you want blocked. Besides, you may have different machines set up to be strict or permissive depending on their use case.

[–] [email protected] 5 points 6 months ago

With Pihole you can restrict or be permissive with different devices, based on MAC or IP address.

[–] [email protected] 2 points 6 months ago (1 children)

That’s for one network. That’s why I switched to Next DNS and have protection at home and everywhere else.

[–] [email protected] 3 points 6 months ago

I ran PiHole for years. It started as a way to block ads but then also a way to block games and YouTube for my kids so they get a break. I had to manually control this though. I switched to NextDNS last year because this can be done on a schedule and they can't get around it such as swapping to mobile data on their phones.

In the house though I run AdGuard because there's no way differentiate traffic for each of my kids NextDNS profiles. With AdGuard it can proxy DNS requests to take traffic from the TV in their bedroom and convert it to DNS over TLS so the traffic hits the correct profile. I don't use AdGuard for anything else. It does not filter anything. It's purely to make sure traffic hits the correct NextDNS profile.