Rob O'Leary's VS Code - what's the deal with telemetry? made me re-evaluate our Pi-Hole setup I wrote about in February. One of the top blocked domains is incoming.telemetry.mozilla.org... Luckily, I'm not a VSCode user. Sublime still hasn't let me down, and I barely use more than 25% of its capabilities.

All those pervasive advertising attempts are more and more depressing. In Belgium, digital media companies are experimenting with the disallowance of fast-forwarding ads in-between TV shows. Our strategy so far has been to record stuff we really want to watch and simply skip the junk---I'm sure we're not the only ones who do that. Very soon, that won't be possible anymore, and it very much pisses me off.

Annoying YouTube ads made us switch to re-buying classic DVDs, ripping those, and watching them via our NAS. Ads are coming to Netflix. This is just baffling. You pay a great deal of money (we don't have Netflix, I hate subscription services, but we'll reserve that rant for another post) to a giant tech company, and its grubby hands just got even more greedy? Are you kidding me? Again, our advertisement and capitalism-driven economy is getting more and more depressing.

Installing a Pi-Hole only partially circumvents this: it simply blocks domains based off a community-maintained list. If Google serves ads from ad.google.com and it gets on a list, they simply revert to goo.ga/ads, which isn't on the list, which will get on the list, to which they revert to... It's a seemingly never-ending battle. Again, very depressing.

But it's better than nothing.

These are our top blocked domains:

• dit.whatsapp.net
• www.google-analytics.com
• gabe.hit.gemius.pl
• imasdk.googleapis.com
• advertising-cdn.dpgmedia.cloud, a local newspaper giant that loves to jam garbage in our face.
• www.googletagmanager.com
• sp.dpgmedia.net, that same local DPG Media.
• incoming.telemetry.mozilla.org
• widgets.pexi.nl, an ad agency that I reckon has local webshops as their clients.
• securepubads.g.doubleclick.net

No big surprises there I think. Top allowed domains did have a few surprises, primarily Apple-based: weather-data.apple.com, gateway.icloud.com, and gateway.fe.apple-dns.net. Did you know that if you close your MacBook Air, it still issues requests to god-knows where? For example, to get weather data that I never use, even though location services are disabled? The Pi-Hole is also invaluable if you want to know which device in your home consumes what, and how much---my wife's iPhone is the clear winner, issuing more than twice as many requests as my work laptop! Also, did you know that the Nintendo Switch store used to query google-analytics.com without us knowing? Yeah.

In total, about 10% of the queries are blocked. That may not seem like a lot, but for last month, that's 36,000 junk queries that didn't need to be fired in the first place, which I'm sure can be increased if using more aggressive block lists. It also shows me that our devices are online way too much... Which I've already restricted to before 12h midnight. Then, the NAS goes down, and the Pi-Hole with DHCP server with it, meaning requests won't resolve. Brilliant!

As I type this, I see a blocked log entry appearing for domain geolocation.onetrust.com for this laptop, and I have no idea where this comes from. Software like Adguard also logs the clients the request came from, which the Pi-Hole doesn't have info on. I've seen people add this domain to their whitelist because otherwise streaming services like Disney+ refuse to work---another bad practice that works against systems such as Pi-Hole. Some domains like connectivitycheck.android.com can't even be blocked without rendering your Android phone useless.

As cool as it sounds to also be able to block smartTV-related garbage, as explained in my initial Pi-Hole article, our ISP prevents us from installing the smartTV decoder behind the Pi-Hole. I have to temporarily switch DHCP providers and considered firmware flashing another modem, but as long as they don't open up, I'm struggling to keep the overly complex network setup up and running. I lost that battle---but hopefully not the war.

So far, I've been really pleased with our installation of the Pi-Hole: it consumes a minimal amount of memory, is easy to configure, and provides much more control over our internet usage, even over devices where I can't touch the internals such as the Switch.

It doesn't do everything though, and uBlock Origin is still very much needed. Blocked domains by the Pi-Hole will also show up in the uBlock logs (e.g. googletagmanager), even though the request won't return anything. In general, uBlock is more aggressive and better suited to combat ads. If a site stops working for you, you can disable it with one button press. Chuck in I Don't Care About Cookies for good measure and you're all set!