this post was submitted on 12 Sep 2023
43 points (100.0% liked)

Privacy Guides

16825 readers
1 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
 

What would i lose or gain?

all 27 comments
sorted by: hot top controversial new old
[–] [email protected] 24 points 1 year ago (2 children)

A pi-hole simply black holes DNS lookups from known advertising networks and malicious domains, so your computer is unable to connect to those domains. This is good because you probably want to block those domains, but it doesn't protect against everything. Adblocking in browser using uBlock Origin will achieve similar results, but only applies to the browser, not other applications on your computer, or say your phone or IoT device on the same network, which does DNS lookups via pi-hole. Both pi-hole and uBlock Origin do not provide any protection from hiding your real IP or your location. This is where a VPN comes in.

Personally, at the router, I black hole a minimal set of hosts from lists I know I will never want anything connecting to. For example, you could use one of the OISD lists: https://oisd.nl/. Then in your browser, you can add uBlock Origin and add more lists which you can selectively allow on websites. uBlock Origin has lists which block against internet annoyances, which pi-hole can't block against (since it's blocking DOM objects, and not DNS lookups). This is also useful because it's easier to control uBlock Origin in the browser, and you can disable it for only some sites. Adding a VPN in addition to this satisfies IP and location hiding, which you can add on the whole router if it supports that, or just your computer/browser if you want.

[–] [email protected] 4 points 1 year ago (1 children)

Thanks, good answer. The ISP's router won't run a VPN. If i ran a VPN on the pi-hole machine would that cover all devices on the network?

[–] [email protected] 3 points 1 year ago (1 children)

I don't think so, since the pi-hole (running on a raspberry pi or other computer) just acts as a DNS server which you configure as the DNS to be assigned to clients as they connect to the router.

If you're not able to configure a VPN on the router, then setting up a VPN on the computer you're using, not the raspberry pi, is the only option. This would only mask your computer's IP address. This would need to be repeated on your phone and other devices as well.

[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 4 points 1 year ago (2 children)

One thing you may want to consider is investing in your own WiFi router; you can ask your ISP to set their modem to “bridged mode” and this will turn off their WiFi and firewall and present you with a single gateway IP to connect to. You can then connect this to your own WiFi router.

Why would you want to do this?

Well, currently your ISP is managing the device all your network connects to; it likely is able to have real time updates of all the devices that enter and leave your home, where they are in your home, and what IPs those devices connect out to at any given time.

If you run your own router, you can set up your own VPN, but also your ISP now only knows where your router connects to, and knows nothing about what goes on inside your network.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

To add to this, some ISPs (^[1]^used to) charge monthly fees for using their router or modem. A $7/month adds up, and in a year or two, investing in your own hardware will pay for itself and give you more control.

[1] 10 years ago, you had to rent the routers, but nowadays, the router could be free. You can bet though they're getting that $7/month another way, and it's likely because they're selling your data.

[–] [email protected] 1 points 1 year ago

good info. thanks

[–] [email protected] 1 points 1 year ago (1 children)

So pi-hole is essentially the same as something like NextDNS, just self hosted?

[–] [email protected] 2 points 1 year ago

That's it. Self hosted, personalisable, and that can be used network-wide (as a DHCP server) AND as a VPN (in correlation with piVPN)

[–] [email protected] 10 points 1 year ago (2 children)

It depends on what you're trying to do. What exactly are you concerned about?

Most 'adblocking' is only in a desktop browser unless you use solutions like pi-hole or some alternative. Pi hole can help block some apps, services, and other devices on your home network from doing certain types of communicating in addition to blocking certain ad-related connections.

[–] [email protected] 4 points 1 year ago (1 children)

More of a general security/privacy kind of thing. Nooby trying to understand.

[–] [email protected] 5 points 1 year ago (1 children)

pi-hole or some variant can definitely help in some situations. For example, if you care about your computer OS or your TV phoning home, it may block some of those (with the right list).

It may also block some ads on other devices too, but many places are working around this by tunneling the ad data through their servers.

[–] [email protected] 1 points 1 year ago
[–] [email protected] 1 points 1 year ago
[–] [email protected] 8 points 1 year ago (1 children)

If you are using a vpn all the time, then I would not bother with pi-hole.

The vpn will use its own dns most likely. If you use your home dns that may make the vpn less private.

But pihole can block others apps telemetry, not just stuff in the browser. For example, it can block windows stuff.

Also, it has been able to block ads in apps.

[–] [email protected] 1 points 1 year ago

Thank you :)

[–] vrek 3 points 1 year ago (3 children)

The main difference to my knowledge between an ad blocker and pihole is while a ad blocker downloads the ad but doesn't show it a pihole blocks it from being downloaded.

In addition you can block anything(not just ads) so if you want to say block reddit you could add *.reddit.com to the block list and it will block it even though it's not a ad service.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

A good adblocker like ublock origin would bit download the ad. It is just as effective as DNS based blocking (pi-hole) with the added feature of also being able to do script blocking and cosmesic blocking.

[–] [email protected] 3 points 1 year ago (1 children)

uBlock Origin does actually block network requests before they leave your browser. The main difference is that Pi-hole can block requests from any application on all your networked devices. Theoretically you can achieve the same effect of a Pi-hole with a hosts file (except DNS caching), but that would involve setting up and maintaining one on every device you own... if that's even possible (looking at you, Android and IOS)

[–] [email protected] 1 points 1 year ago
[–] [email protected] 1 points 1 year ago

Thank you :)

[–] [email protected] 2 points 1 year ago

Secondary question: Using a VPN on the same pi-hole?

[–] [email protected] 2 points 1 year ago (1 children)

All three Privacy Guides recommended VPNs have ad- and tracking-blocking built-in with varying degree of customisation options. This feature can cover the basic benefits a PiHole would give you. If you want more control, I would suggest testing a tool like NextDNS instead of PiHole which gives you a custom DNS address you can set with some VPN providers, offering smoother interplay.

[–] [email protected] 2 points 1 year ago

Thank you, that's the plan