this post was submitted on 31 Aug 2024
60 points (96.9% liked)

Privacy

31981 readers
249 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I already know that private DNS is important for privacy. I'm using Quad9 btw.

But recently I hear a lot about NextDNS and similar providers that give more advanced features such as custom filters and domain blocking. I'm getting interested in that topic now as I have to use some proprietary apps with a lot of trackers in them.

However I'm really struggling to find useful information about what domains to block, what settings to use in one or another use case etc. I don't have much experience with firewalls and server stuff either which makes it even harder.

So, could anyone share some good resources on this so I can get started? Or should I just not worry about it and use a whole other system such as firewall?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 2 months ago (2 children)

Have a look at RethinkDNS, https://docs.rethinkdns.com/dns/ their wiki is pretty good. They have recommended block lists, and also have a feature that let's you search inside block lists to see what they actually cover.

If you are on Android they have a companion app, you do not need to use it though. The app adds a good firewall (capture and redirect port 53 for example) and detailed logs if you want. You can block domains and specific IP addresses.

It's all FOSS too

[–] [email protected] 1 points 2 months ago (1 children)

I was recommended by a well-known privacy guide to use Rethink with AhaDNS Blitz, but it seems to fail often; nothing resolves until the VPN is stopped and restarted. Any ideas or advice?

[–] [email protected] 1 points 2 months ago

I don't have any experience with AhaDNS Blitz.

With RethinkDNS I have had occasional failures on their Max resolver, changing to Sky then works. That has only happened two times though, and was fixed with a few hours.

Sorry I can't be more help.

[–] [email protected] 7 points 2 months ago (1 children)

+1 for the android app ! If you're "paranoid" you can block all apps by default and only allow apps you trust to connect to the internet. You can even for each app allow certain domains or IP's, even wildcard domains for exemple to allow googles video chain like r3---sn-25glene6.googlevideo.com for only certain apps and not others... Like it's fully customizable !!!

You can even hook your personal wireguard connection with DNS server like pihole...

RethinkDNS is awsome !

[–] [email protected] 2 points 2 months ago

I really like the block all apps by default. I read release notes, download something, scan with App Manager. If that's all good then it can connect to the internet.

And I use the Wikipedia app so I can block intake-analytics.wikimedia.org and the app still works.