wgroeneveld
/
brainbaking
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

six months with the pi hole

This commit is contained in:
Wouter Groeneveld 2022-08-25 17:45:44 +02:00
parent 0441ace8d4
commit 8095add9db
2 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
content/notes/2022/08/22h14m31s21.md Normal file
View File

@ -0,0 +1,7 @@
---
date: 2022-08-22T14:31:21+02:00
context: "https://evgenykuznetsov.org/en/reactions/2021/re-287185934/"
---
Yes and yes. See https://brainbaking.com/post/2021/05/beyond-webmention-io/ and https://git.brainbaking.com/wgroeneveld/go-jamming

42
content/post/2022/08/six-months-with-pi-hole.md Normal file
View File

@ -0,0 +1,42 @@
---
title: Six Months With a Pi-Hole
date: 2022-08-25T17:09:00+02:00
categories:
- software
tags:
- pi-hole
---
Rob O'Leary's [VS Code - what's the deal with telemetry?](https://www.roboleary.net/tools/2022/04/20/vscode-telemetry.html) made me re-evaluate our Pi-Hole setup [I wrote about in February](/post/2022/02/how-to-setup-pi-hole-on-synology-nas/). One of the top blocked domains is `incoming.telemetry.mozilla.org`... Luckily, I'm not a VSCode user. Sublime still hasn't let me down, and I barely use more than `25%` of its capabilities.
All those pervasive advertising attempts are more and more depressing. In Belgium, digital media companies are experimenting with the disallowance of fast-forwarding ads in-between TV shows. Our strategy so far has been to record stuff we really want to watch and simply skip the junk---I'm sure we're not the only ones who do that. Very soon, that won't be possible anymore, and it very much pisses me off.
Annoying YouTube ads made us switch to re-buying classic DVDs, ripping those, and watching them via our NAS. [Ads are coming to Netflix](https://time.com/6175837/netflix-ads-coming/). This is just _baffling_. You pay a great deal of money (we don't have Netflix, I hate subscription services, but we'll reserve that rant for another post) to a giant tech company, and its grubby hands just got even more greedy? Are you kidding me? Again, our advertisement and capitalism-driven economy is getting more and more depressing.
Installing a Pi-Hole only partially circumvents this: it simply blocks domains based off a community-maintained list. If Google serves ads from `ad.google.com` and it gets on a list, they simply revert to `goo.ga/ads`, which isn't on the list, which will get on the list, to which they revert to... It's a seemingly never-ending battle. Again, very depressing.
But it's better than nothing.
These are our top blocked domains:
- `dit.whatsapp.net`
- `www.google-analytics.com`
- `gabe.hit.gemius.pl`
- `imasdk.googleapis.com`
- `advertising-cdn.dpgmedia.cloud`, a local newspaper giant that loves to jam garbage in our face.
- `www.googletagmanager.com`
- `sp.dpgmedia.net`, that same local DPG Media.
- `incoming.telemetry.mozilla.org`
- `widgets.pexi.nl`, an ad agency that I reckon has local webshops as their clients.
- `securepubads.g.doubleclick.net`
No big surprises there I think. Top allowed domains did have a few surprises, primarily Apple-based: `weather-data.apple.com`, `gateway.icloud.com`, and `gateway.fe.apple-dns.net`. Did you know that if you close your MacBook Air, it still issues requests to god-knows where? For example, to get weather data, that I never use? The Pi-Hole is also invaluable if you want to know which device in your home consumes what, and how much---my wife's iPhone is the clear winner, issuing more than twice as many requests as my work laptop! Also, did you know that the Nintendo Switch store used to query `google-analytics.com` without us knowing? Yeah.
In total, about **10% of the queries are blocked**. That may not seem like a lot, but for last month, that's `36,000` junk queries that didn't need to be fired in the first place, which I'm sure can be increased if using more aggressive block lists. It also shows me that our devices are online way too much... Which I've already restricted to before 12h midnight. Then, the NAS goes down, and the Pi-Hole with DHCP server with it, meaning requests won't resolve. Brilliant!
As I type this, I see a blocked log entry appearing for domain `geolocation.onetrust.com` for this laptop, and I have no idea where this comes from. Software like Adguard also logs the clients the request came from, which the Pi-Hole doesn't have info on. I've seen people add this domain to their whitelist because otherwise streaming services like Disney+ refuse to work---another bad practice that works against systems such as Pi-Hole. Some domains like `connectivitycheck.android.com` can't even be blocked without rendering your Android phone useless.
So far, I've been really pleased with our installation of the Pi-Hole: it consumes [a minimal amount of memory](/post/2022/02/how-to-setup-pi-hole-on-synology-nas/), is easy to configure, and provides much more control over our internet usage, even over devices where I can't touch the internals such as the Switch.
It's just sad it's becoming almost a mandatory device...