six months with the pi hole: addendum(s)

content/post/2022/08/six-months-with-pi-hole.md

@@ -30,13 +30,15 @@ These are our top blocked domains:
 - `widgets.pexi.nl`, an ad agency that I reckon has local webshops as their clients. 
 - `securepubads.g.doubleclick.net`
 
-No big surprises there I think. Top allowed domains did have a few surprises, primarily Apple-based: `weather-data.apple.com`, `gateway.icloud.com`, and `gateway.fe.apple-dns.net`. Did you know that if you close your MacBook Air, it still issues requests to god-knows where? For example, to get weather data, that I never use? The Pi-Hole is also invaluable if you want to know which device in your home consumes what, and how much---my wife's iPhone is the clear winner, issuing more than twice as many requests as my work laptop! Also, did you know that the Nintendo Switch store used to query `google-analytics.com` without us knowing? Yeah. 
+No big surprises there I think. Top allowed domains did have a few surprises, primarily Apple-based: `weather-data.apple.com`, `gateway.icloud.com`, and `gateway.fe.apple-dns.net`. Did you know that if you close your MacBook Air, it still issues requests to god-knows where? For example, to get weather data that I never use, even though location services are disabled? The Pi-Hole is also invaluable if you want to know which device in your home consumes what, and how much---my wife's iPhone is the clear winner, issuing more than twice as many requests as my work laptop! Also, did you know that the Nintendo Switch store used to query `google-analytics.com` without us knowing? Yeah. 
 
 In total, about **10% of the queries are blocked**. That may not seem like a lot, but for last month, that's `36,000` junk queries that didn't need to be fired in the first place, which I'm sure can be increased if using more aggressive block lists. It also shows me that our devices are online way too much... Which I've already restricted to before 12h midnight. Then, the NAS goes down, and the Pi-Hole with DHCP server with it, meaning requests won't resolve. Brilliant!
 
 As I type this, I see a blocked log entry appearing for domain `geolocation.onetrust.com` for this laptop, and I have no idea where this comes from. Software like Adguard also logs the clients the request came from, which the Pi-Hole doesn't have info on. I've seen people add this domain to their whitelist because otherwise streaming services like Disney+ refuse to work---another bad practice that works against systems such as Pi-Hole. Some domains like `connectivitycheck.android.com` can't even be blocked without rendering your Android phone useless. 
 
+As cool as it sounds to also be able to block smartTV-related garbage, as explained in my initial Pi-Hole article, our ISP prevents us from installing the smartTV decoder behind the Pi-Hole. I have to temporarily switch DHCP providers and considered firmware flashing another modem, but as long as they don't open up, I'm struggling to keep the overly complex network setup up and running. I lost that battle---but hopefully not the war. 
+
 So far, I've been really pleased with our installation of the Pi-Hole: it consumes [a minimal amount of memory](/post/2022/02/how-to-setup-pi-hole-on-synology-nas/), is easy to configure, and provides much more control over our internet usage, even over devices where I can't touch the internals such as the Switch. 
 
-It's just sad it's becoming almost a mandatory device...
+It doesn't do everything though, and [uBlock Origin](https://ublockorigin.com/) is still very much needed. Blocked domains by the Pi-Hole will also show up in the uBlock logs (e.g. `googletagmanager`), even though the request won't return anything. In general, uBlock is more aggressive and better suited to combat ads. If a site stops working for you, you can disable it with one button press. Chuck in [I Don't Care About Cookies](https://www.i-dont-care-about-cookies.eu/) for good measure and you're all set!