The brotherhood of pi-hole


#1

https://www.bloomberg.com/news/features/2018-05-10/inside-the-brotherhood-of-pi-hole-ad-blockers

In 2016 someone showed up in the team’s chat room with a carrier pigeon avatar, a number of sophisticated technical suggestions, and what sounded like inside information. “He was like, ‘You know, this isn’t going unnoticed,’ ” Drobnak says. “Or, ‘The advertising business, this is something that concerns them.’ ” The carrier pigeon was active for about two to three months, then disappeared.

Was just wondering why offices don’t use pi-hole.
I’ve got it setup at home, while out and about I use openVPN to connect to my home network and… oh boy… heaven. Surfers heaven.

Found the above article. Looks like pi-hole is creating worry for the advertisement business.
SAFEnetwork is also going to be an issue for them, and issue they won’t be able to code around ingrained privacy.

For now… I think I’ll be treating people to raspberryPi with openVPN sauce.

I think if you can afford it, pay this forward to your friends and relatives. For us technology guys it’s easy, the entry barrier to our friends and relatives is the tech, but we can help them.


#2

I guess they just don’t really care about blocking ads. If you try to visit a porn or gambling website (or maybe even crypto!), you’ll probably find that they’re running similar software to block such domains.


#3

That’s pretty cool. I’d never heard of this.


#4

I’ve got Adblock Plus on my machine - it’s pretty much the first thing I do when I set up a new machine. I guess one of the attractions of the likes of Pi-hole is that it gets round sites that detect adblockers and nag you to turn them off?


#5

I’ve to double check, but I think I read somewhere that pi-hole is easier detected than (some) ad blocker browser extensions.
From experience: some sites detect both.


#6

Yup. Cuts them off at the source.
I recommend it. Try it. :slight_smile:
It not only removes adverts from traditional places you would expect, browsers… but in all devices and apps. No annoying adds in your game or news apps.

And with open VPN you can have the security anywhere you go.


#7

Sounds pretty cool actually - this could be the reason I’ve been looking for to get a Raspberry Pi!


#8

is it MitM-ing the encrypted traffic? so that means you need to install a self signed cert an all the devices? (otherwise it could only block the whole ip/server, not just eg the ad block detection script)


#9

When at home you don’t need to install anything on your devices. You tell your router to check with the pi first, the pi then checks the URL against a list and then if it matches a blacklist it drops the request.

If you want security out and about, you can get that using openVPN , I created a cert on a pi at home acting as my VPN access. That cert you would need to install on all devices.


#10

There’s no way that the pi can get the URL of encrypted traffic, it can only see the IP address domain name of the server. A browser plugin would work better, as it can get more data. But it’s nice to have this for other things, like your super smart ad plagued fridge :wink:


#11

40% of my traffic is blocked. Imagine… almost 50% of your data package you pay for from your internet service provider is eaten up by adverts.

Here is a screenshot of my log.

Using openVPN to get in to my pihole protected home network from my mobile device reclaims my data allowance. It just makes financial sense.


#12

It becomes your primary DNS server and blocks them there by pointing the adware domain names to itself and serves up a blank page

Now if they go to direct addressing using IP address then Pi-Hole would be bypassed. But that is more expensive since the advert services would require a dedicated IP address


#13

You don’t need a Raspberry Pi for it actually. If you have another always on Linux PC that works too


#14

I don’t have any “always on” devices but now that you mention it I should have an old laptop somewhere I could convert for this process…


#15

Probably cheaper to buy a Pi since the electricity costs will be lower.


#16

Good point - I could try it out first with an old machine I guess and then if I like the results pickup a pi to dedicate to the job.


#17

You may want to check out FreedomBox.

https://wiki.debian.org/FreedomBox/Features

It offers this, and many other features.


#18

It is pi-day today, and raspberrypi are running a competition to win a raspberry pi today.

Details here…


#19

Does that mean though if your Pi / other device fails your internet connection dies? Unlikely I know but it is a vulnerability?


#20

You should be able to configure more than 1 Dns server (/etc/resolv.conf on Linux). So if the first fails, the next Dns server is used. But I’ve had trouble (without having put much time in it) to overwrite the default automatic settings of Linux Mint that always overwrite what I put manually in /etc/resolv.conf.