Also, owners or routers able to run OpenWRT (which is actively maintained and in great shape since the merge with LEDE), you have access to several packages providing the same technical solution (DNS-based blocking). As far as I know, the most common and maintained is https://github.com/openwrt/packages/tree/master/net/adblock/... .
Super easy to install, full-featured, lots of lists to pick from, auto-updates lists, no need for an additional device, and you will benefit from router features produced by the openwrt community and maybe unavailable in your router proprietary firmware. Much recommended.
If that sounds attractive and it sounds like a good opportunity to change your crumbling unpatched router, the question "what's today's good cheap router running openwrt without trouble?" is frequently answered by https://www.reddit.com/r/openwrt/ :) .
On similar note there are scripts which will enable host-based ad blocking via DNS for other open source router firmware like DDWRT, Tomato, Asus WRT etc.[1]
But I presume Pi-hole has automatic updates to lists, data visualisations, better community support than the routers with open source firmwares which are often quite bug-ridden (not to belittle the effort though).
Curious about anyone's experience with adblock for OpenWRT.
I use Pi-hole now, and it works great. The one feature that I use quite a lot is the ability to disable it for a short period of time -- when I'm shopping for something, Google ads are sometimes actually useful!
I'd say I use that feature about once a month. That's the sum value of advertising for me.
Pi-hole is my most prized addition to my connected home. It was simple to set up, easy to manage, and easy to access for whitelisting. Now, all of my devices throughout my network benefit from the service, as opposed to relying on locally installed solutions.
I see it as an advantage for all the devices on your network. I mean, to block trackers from Windows computers, or Roku devices or android apps.
But as an adblocker - I feel like I'm missing something. It acts as a DNS server for your local network and blocks what's essentially a host file.
So how does it handle ads served through websockets?
How does it handle ads that come from the same domain as legitimate content (which is increasingly common)?
The complexity of rulesets by addons like ublock origin or PrivacyBadger seem to far surpass what PiHole is capable of.
I think PiHole has it's place on a network - obviously, but people have been promoting this thing like you can just get rid of your adblocker on your browser now.
People also downplay that this can be a pain in a home with a handful a streaming devices, each with a handful of apps. You end up whitelisting so much for those devices, you might as well whitelist the whole device just so the apps can work.
Your wife downloads a game on her phone, and you get that look like "ok, why isn't this working.. what did you do now?"
It just seems like a lot of effort for fairly imperfect results.
Sure installation is easy, but long term maintenance (the OS, the app, constantly whitelisting or troubleshooting when a new service or app breaks for someone in the house).
Over 50% of my DNS queries get blocked by the pihole [0]; and I've seen it much higher. Like you said, it's one of the most prized devices on my network.
Haven't you noticed any drastic reductions in speed?
My rpi 3b (not 3b+) just couldn't handle it. It had 2 users. Our DNS resolution times increased by about 200ms. It was awful. I stripped it back out and haven't bothered trying to set it up again.
(Other details: the RPI was hardwired, wireless disabled, and it was a fresh raspbian install with zero customization outside of adding pihole.)
The problem I have with Pi-Hole is that it is sometimes a pain for the end user. It's impossible to fine tune it on the user side, like one can do with ublock origin.
is there any security concerns with the pi itself? say your computer is infected with a really bad malware. it takes over your host, ignores your right to block out noise, and then the idea that pi-hole will be able to as a last resort block it out?
This is the dark side of DNS-over-HTTPs: it prevents the network operator from changing what is received by browsers. Sometimes this is legitimate, as in Pi-hole.
I wouldn't be surprised if soon Chrome defaults to DNS-over-HTTPs direct to base, except for the corporate intranet version. They just need to work out how to deal with wifi captive portals.
How would a web browser know which DNS it's using?
You set your DNS preference to point to the PI-hole and it should behave like any other DNS server. I guess it could attempt to resolve some spam domain like doubleclick.net and if it was incorrect it could complain...
Conceivably we could take a harder line on this, if we get a little deeper into the routing. We could make it so we only whitelist IP addresses outbound if we saw them come back through our DNS server, and network block everything else. Then if you bypass my DNS server, you don't get to talk to the Internet, unless you directly pick an address that something else has whitelisted that way.
I'm thinking about this, and feeling like the PiHole is a nice start, and I mean that sincerely, not sarcastically or dismissively, but what we need is a whole-house reverse firewall with that sort of capabilities, including everything the PiHole already does. If you did TLS interception, you could also pretty much implement uMatrix at the household level, for instance.
Why hasn't anyone, or pi-hole themselves, made a public DNS that does this? Pass everything not on the blocklist thru to 1.1.1.1.
The fact that this requires special hardware, bash commands, etc is severely limiting the audience. The more people blocking ads the quicker the internet changes.
There are a few services that are public DNS with ad blocking, but now you're trusting them with private data. The plus side is that you don't have to run anything yourself.
I run my own knot-resolver server that forwards everything to 1.1.1.1 over TLS and I generate an .rpz that is basically the same filter list as pihole. Most DNS traffic ends up at Cloudflare, so you may as well go straight to the source.
If you're running some type of hypervisor (ESXi, Proxmox, etc.), you can create a tiny VM running Debian and load Pi-hole on it. No need for extra hardware and wires.
I run mine on exactly that: a Dell R720 sitting on a rack next to my desk from within a Debian 9 virtual machine inside ESXi.
I actually want to do the opposite: transition this to dedicated hardware (like a Pi, but worried about performance) that is a little less noisy. This is shockingly quiet for a 2U but I am a stickler for silence.
I use ESXi and one of the VMs is pfSense. pfSense has an additional software package called pfBlocker, which is highly configurable and just plan awesome for blockings ads/trackers/etc for the LAN. pfSense has tons of other options - I setup a vLAN and all of my IoT devices are segregated onto it. That way they can't interact with the rest of the devices on the LAN.
With all the fervor around ad-blocking what I fail to see is how do you propose those sites that you visit, read their content to make money ? Are you willing to pay every site you visit or encourage them to put up pay walls ??
What's wrong with the "old" way, where you visit a Mopar automotive related website and saw Mopar car part ads? Or when you visit a computer magazine and saw ads for computer parts? Or when you went to NYT and saw basic shit like paper towels and fall fashion?
It became a problem when everyone and their sister started needing to know what kinds of kinks I'm into just to sell me dish detergent.
I don't have to care about if they make money or not.
That's not my business. If they want to make money, they'll shift to other profit models that don't involve intrusive tracking and annoying advertisements.
The "fervor" you mention has more to do with ads becoming ever more intrusive, third party content slowing down page loads, consuming bandwidth, and potentially being used for malware distribution than it does with wanting to take food off another person's table.
I regularly try browsing without adblocking on, and it's a constant nightmare. If sites held their advertising networks accountable to any reasonable set of standards, they wouldn't be in this situation.
The content I appreciate, I have found ways to support it.
Few of the important things on the Web are spyvertising-supported, or wouldn't promptly be replaced by something community-driven and free if they went away or became paid-only (stackoverflow, for instance). It's mostly junk.
[EDIT] to expand, I think the piles of spyvertising money funding sites & services is a big part of the decline of truly free sites and open protocols, and make running a paid site (or app, or whatever) harder since you're competing with "free" (but spying on you). Less incentive to use them, less incentive to contribute to them. The whole system's perverse and harmful and it would 100% not be the end of the world, or the end of nice things for free/cheap, if it just disappeared tomorrow.
I bought a TV that, because of the pihole, I know phones home approximately once every thirty seconds about my viewing habits.
In the world we live in something like a pihole isn't an ideological position, it's a necessity to not have everything we do end up rolling into someone else's ad profile on my household.
I disable my adblocking for sites that use reasonable ads.
If I go to a site and am bombarded with pop ups, auto playing video ads, etc., then yeah why wouldn't I block them? With the malware and tracking that is often injected into ads I have no problem using my adblocker at all times and disabling it for pages that ask politely.
I'm happy to click on ads on sites that I frequent and would like to support. I think there's absolutely a balance here, and for many years the advertising industry has abused their stay.
Have ads that relate to content, not to visitor. Like it was back in the days. When I visit a sci-fi site I'd like to see ads for sci-fi movies, books and paraphernalia. Not an ad for a pair of shoes I happened to search a week ago. Profiling is spooky and it's an offend to privacy. Not to mention that it doesn't work that well. Just because I search something on Google doesn't mean it's the only thing I'm interested in buying.
If sites actually curated the ads they display instead of saying "Give us money and we'll let you and whoever's paid you show whatever you want and run whatever scripts you want" they wouldn't get blocked by the pi-hole. I'm sick of malicious ads on even major sites because everyone's too lazy to give a damn.
Those websites designed a bad model for collecting revenue; it was based on the assumption that viewers would watch their ads out of some misplaced sense of guilt, while the ads and data collection become more and more intrusive.
It is not our responsibility to prop up their poor model. If these sites want to make their case that they won't survive without our eyes on their ads, then they can open their books for us to look at the costs and revenues and decide for ourselves whether or not we should help them. But at the end of the day, it is their problem, not ours.
Ad blocking via DNS is relatively easy right now because a content provider like CNN.com will use a domain like “ads.evil-surveillance-media.com” to load their ads into your browser. But what happens if all these companies switch to just using their own domain to load ads? If the ads as well as the content BOTH come from CNN.com then there will be no easy way to filter the ads out. This will be the next stage in this war between ads and adblockers.
With the prevelence of ad blocking tech, the question becomes why haven't they already?
The answer being that content providers can't be trusted to self report metrics that determine how much advertises pay. At least not for pay per view/client/etc models.
The people that self select themselves from viewing advertisements might be doing advertisers a favor. They're perhaps less likely to make purchases based on impressions//click ads on purpose; per dollar, ad campaigns might be more effective without said people.
This has been warned about for a while now and it's not actually terribly difficult for sites to implement. Why don't they? Simple - click fraud. The ad networks don't trust the sites to accurately report click numbers, so they insist on running their own code. For this reason, the number of truly first-party ads will be limited for a long while.
Adblocker plugins already do content-level filtering because of this, not just for ads but various tracking and other annoyances.
I do that for the sites that have the banner that hides if you scroll down, but pops out the moment you scroll one pixel back, or sites that put up "please don't leave me" modals the moment your cursor strays out of the window.
Is it easy to disable adblocking on sites that won't work with adblockers? I like to have the option to disable adblocking in my toolbar. For example, certain bank websites, business websites, etc.
People here are gushing amazing over pihole but I don't find it that amazing in the least. In fact what you're describing is one of the most annoying parts of it. I still use it and I did donate to it but it's hardly without it's annoyances. In fact if I didn't already own one I wouldn't build another.
There isn't a chrome extension or anything to white list a site quickly. You have to go back into the interface, login, and whitelist, go back and load the page then you'll find that you needed to whitelist a few subdomains/cdns as well. This is really fun when you've got all your devices using the Pihole for DNS and you can't load something on your phone/TV and need to run to your laptop to deal with it.
If you just got your pihole you probably threw in a bunch of community generated lists and you'll find a good amount of stuff you do visit gets blocked. You can get to Google but not Google drive, so you whitelist it. And you do this over and over again until you finally get annoyed because you just want to make a car payment so you permanently disable it for 5 minutes, or 60 minutes if you've gotten annoyed enough.
Sometimes weeks will go by and you'll forget you even had it disabled at all.
FWIW, I also don't use NoScript because I find it incredibly annoying. This is one step further from the NoScript annoyance because you have to go into the webUI and make your changes.
If you don't mind NoScript you'll probably be fine with Pihole. Or if you have the time to curate and pick lists that fit exactly within your browsing habits.
Yes, there are both manual whitelists and blacklists. There are also easily accessible options for disabling the adblocker permanently or temporarily, in the latter case on a timer of your choosing e.g. for 5 minutes.
Yes, pihole has an easy to use Web interface that allows you to whitelist individual sites. You can also disable adblocking for 5 minutes, or 10 minutes, or until you tell it to start blocking again.
File this away for the holidays, too: Pi-holes and NAS backup devices make good gifts.
I know it doesn’t sound very sentimental, but the first time I showed my relatives what the Internet looks like without ads, I think those were the strongest hugs I ever got from family members.
I've just tried it via the install script they provide and it was amazing. Took me through a simple checklist of stuff automating everything it could and giving me nice Curses interfaces for stuff where it needed me. Up and running within 5 mins!
I keep meaning to set one up one of these days. Does anyone know what effect a Pi-hole has on internet speed? I play a few games where latency is a big deal, and don't really want to artificially throttle my internet.
It actually has a positive impact on the Internet speed! Your DNS results are cached locally so the latency is very low, plus blocking ads at the DNS level means you're not even downloading the ad creatives, resulting in a higher speed as well.
Echoing other posters. I had the same concern about throttling internet, but realized that your traffic doesn't flow through the pi-hole, just DNS requests (and those are cached). I've noticed no throttling.
I love pi-hole. It's very passive and easy to use. My only issue was when the pi hosting it went down for whatever reason and I didn't know immediately, so I thought my ISP connection went down. I just had to restart the pi to get it going again. It's only happened once in around 6 months. And it's running on one of my older pi!
Specify a secondary DNS server to avoid your network going down due to a DNS failure. The downside to this will be that you won't know if the Pi-Hole instance goes down other than possibly seeing Ads.
I haven’t tried Pi-Hole yet but this was the impetus I needed to decide to set it up tonight.
I commented on a different post last night, that I was a bit shocked and saddened to see their Patreon is only pulling in $1,700/mo.
Do they have another significant revenue stream? Is it just too much hassle to bother signing up to Patreon to commit to even $1/mo? Do they have something on the Admin panel where users can click to pay directly?
I’m not judging, I don’t even have a Patreon account. I’m curious how such an apparently crucial and useful piece of software — one that no doubt is responsible for providing millions of dollars of value to its users, and perhaps blocking tens of millions of dollars in ads — how can the project be sustainable after 53 releases and 2,700 issues on Github while pulling in less than $24k/yr?
This is an astonishingly huge amount of money for an open source project to raise directly from its users. Most open source projects get basically nothing.
I like Pi-hole but it ended up causing more trouble than it was worth for me.
First, certain streaming websites would fail and it was too much trouble to try to find the URL to whitelist.
Then after I had disabled it from the Pi-hole interface everything was fine but it wasn't actually active. No problem...until I forgot my router was using it as a DNS server and I moved and didn't set my Pi up yet. Then it took me a couple weeks going back and forth with Comcast to find out that my router was still pointing to a DNS server that wasn't running.
Somehow my FireTV bypassed the bad DNS server at one point (still no idea how this happened cause my router was routing all traffic through the IP for pi-hole) and that made me realize that I can get data from Comcast somehow so maybe it really was my router.
Yes, this isn't the ultimate solution, but what you said is an overstatement.
The biggies like YouTube, Facebook, Instagram, etc serve ads from their own domains, but almost everything else uses an ad network which can be blocked.
> most ads in your phone apps come from ad intermediaries
I don't know about the intermediaries you are talking about, but all the ad-ridden proprietary mobile apps that I use (the ones that don't self host ads) are blocked by DNS based ad blockers.
The one thing that these DNS based ad blockers can't do however, is block in page annoyances which is why using an extension like uBlock Origin is still necessary.
I haven't moved mine off of the Pi personally, but I've read positive reports of people using Digital Ocean or similar to host PI-Hole. That could also, in theory, allow it to be used while remote or for mobile devices.
I love the idea of pi-hole.
However, I run my own local DNS server already. And my DNS server is actually serving some local domains for various servers, etc. on the network.
Can I in any way get the list of domains to block from the pi-hole project and use them in my own regular Bind DNS server?
Apparently it blocks some domains necessary for the Washington Post articles to load. Whitelisting washingtonpost.com doesn't remove the adblock notice :(
I was looking at their github repo and couldn't immediately see where pihole gets its block lists, just a very large soup of shell scripting that seems to make a lot of assumptions about your Linux distro.
Anybody familiar with this code able to point out where it does the "interesting" work?
Can you tell from the command line what version Pi you're running? I think mine's an original B+, but not sure. I typically get sub-millisecond DNS resolution (presumably from cache).
I love the pi-hole, but I can't seem to figure out how to get resolving of .local hostnames back when I use it. Like, I can no longer ping my media server at media.local, I have to use the exact IP address. Not a deal breaker, but annoying.
If you point the PiHole Upstream DNS to your router's DNS (Or whatever DNS server is hosting the .local domains) it should resolve .local hostnames again. I think by default it uses 8.8.8.8 or 8.8.4.4
Make sure Pihole has your local DHCP/DNS server setup as the first resolver. So it will check your router for example before checking externally. Then again, you might be using Pihole as your DHCP server?
Explain your setup some more and I can add more details.
Yes, there are few things like that. I think this project is a good start but needs some features like local zone support (being the authoritative NS for you local domain).
I was planning on installing this on my RPi3B but I wonder due to its low compute power could result in a somewhat slower experience in my home network. Could anyone comment on what his experience has been in this case?
I have set up a Siri Shortcut on my phone so that I can disable the blocking for 5 minutes very easily. Highly recommended if you have family members that occasionally need something unblocked.
I run pihole on Raspberry Pi with recommended block lists and it’s been an absolute pleasure. Raspberry Pi runs with a static IP I changed DNS settings the devices I want to go through pihole.
If your run a NAS on your network that has some extra horsepower, most of them can run containers now.
I run both pi-hole and my own DNS server inside my network as containers on the NAS. I then have my router configured to default to the pi-hole and then the DNS server.
Advantage of my own DNS server is it exclusively resolves using DNS-over-TLS so my queries are private.
Final fallback for resolution is 1.1.1.1 but based on logs my setup hasn’t hit the fallback.
I imagine you could also use a container to host VPN.
Not just a dream, but a reality: https://www.pfsense.org/. (pfBlockerNg rather than pi-hole, but I think those are equivalent in functionality; someone correct me if I'm wrong)
Given how Google has, literally this morning, informed me that they're discontinuing text-only AdSense units, I can't think of a more appropriate time.
You'll need to be able to install Raspbian, run the install script, give it a static ip address and configure your router to use that ip address as its DNS server.
have a nanopc-t4 laying around that i wanna try for a pi-hole + opnsense install. looks like i'll need to add a usb3 ethernet card unless i want to live with 50% the line speed and putz around with tagged vlans using a single nic...although 50% of 1GBit is a lot more throughput than i can get through my isp.
The issue with that is that WiFi is a lot higher latency than Ethernet (even rPi Ethernet which goes over USB) and DNS is one of those things that hurts a bit with higher latency.
WalterSobchak|6 years ago
unknown|6 years ago
[deleted]
ronjouch|6 years ago
Super easy to install, full-featured, lots of lists to pick from, auto-updates lists, no need for an additional device, and you will benefit from router features produced by the openwrt community and maybe unavailable in your router proprietary firmware. Much recommended.
If that sounds attractive and it sounds like a good opportunity to change your crumbling unpatched router, the question "what's today's good cheap router running openwrt without trouble?" is frequently answered by https://www.reddit.com/r/openwrt/ :) .
Fnoord|6 years ago
[1] https://community.ubnt.com/t5/EdgeRouter/DNS-Adblocking-amp-...
Abishek_Muthian|6 years ago
But I presume Pi-hole has automatic updates to lists, data visualisations, better community support than the routers with open source firmwares which are often quite bug-ridden (not to belittle the effort though).
[1]:https://wiki.dd-wrt.com/wiki/index.php/Ad_blocking
creeble|6 years ago
I use Pi-hole now, and it works great. The one feature that I use quite a lot is the ability to disable it for a short period of time -- when I'm shopping for something, Google ads are sometimes actually useful!
I'd say I use that feature about once a month. That's the sum value of advertising for me.
LeoPanthera|6 years ago
ChikkaChiChi|6 years ago
If you aren't using it, you should!
loudtieblahblah|6 years ago
But as an adblocker - I feel like I'm missing something. It acts as a DNS server for your local network and blocks what's essentially a host file.
So how does it handle ads served through websockets?
How does it handle ads that come from the same domain as legitimate content (which is increasingly common)?
The complexity of rulesets by addons like ublock origin or PrivacyBadger seem to far surpass what PiHole is capable of.
I think PiHole has it's place on a network - obviously, but people have been promoting this thing like you can just get rid of your adblocker on your browser now.
People also downplay that this can be a pain in a home with a handful a streaming devices, each with a handful of apps. You end up whitelisting so much for those devices, you might as well whitelist the whole device just so the apps can work.
Your wife downloads a game on her phone, and you get that look like "ok, why isn't this working.. what did you do now?"
It just seems like a lot of effort for fairly imperfect results.
Sure installation is easy, but long term maintenance (the OS, the app, constantly whitelisting or troubleshooting when a new service or app breaks for someone in the house).
programbreeding|6 years ago
[0] https://i.imgur.com/dPZzYjL.png
isbjorn16|6 years ago
My rpi 3b (not 3b+) just couldn't handle it. It had 2 users. Our DNS resolution times increased by about 200ms. It was awful. I stripped it back out and haven't bothered trying to set it up again.
(Other details: the RPI was hardwired, wireless disabled, and it was a fresh raspbian install with zero customization outside of adding pihole.)
bungie4|6 years ago
zouhair|6 years ago
w_s_l|6 years ago
unknown|6 years ago
[deleted]
Piskvorrr|6 years ago
https://news.ycombinator.com/item?id=20044430 [/tinfoilhat]
pjc50|6 years ago
Paul Vixie got very upset when he discovered that his chromecast bypasses local DNS settings to go directly to Google: https://news.ycombinator.com/item?id=19170671
I wouldn't be surprised if soon Chrome defaults to DNS-over-HTTPs direct to base, except for the corporate intranet version. They just need to work out how to deal with wifi captive portals.
imglorp|6 years ago
You set your DNS preference to point to the PI-hole and it should behave like any other DNS server. I guess it could attempt to resolve some spam domain like doubleclick.net and if it was incorrect it could complain...
jerf|6 years ago
I'm thinking about this, and feeling like the PiHole is a nice start, and I mean that sincerely, not sarcastically or dismissively, but what we need is a whole-house reverse firewall with that sort of capabilities, including everything the PiHole already does. If you did TLS interception, you could also pretty much implement uMatrix at the household level, for instance.
dogecoinbase|6 years ago
lern_too_spel|6 years ago
someexgamedev|6 years ago
The fact that this requires special hardware, bash commands, etc is severely limiting the audience. The more people blocking ads the quicker the internet changes.
Edit: thanks for the replies!
jamesog|6 years ago
There was discussion a few days ago: https://news.ycombinator.com/item?id=20012687
jzelinskie|6 years ago
I run my own knot-resolver server that forwards everything to 1.1.1.1 over TLS and I generate an .rpz that is basically the same filter list as pihole. Most DNS traffic ends up at Cloudflare, so you may as well go straight to the source.
https://gist.github.com/jzelinskie/3d2b11830224993fc8a7441b3...
dsr_|6 years ago
include "/etc/bind/ad-blacklist";
/etc/cron.daily/update-ad-blacklist
or equivalent for unbound, maradns.... whatever.
vengefulduck|6 years ago
_eht|6 years ago
JustSomeNobody|6 years ago
Or could fund it with some targeted ads. Oh, wait.
F00Fbug|6 years ago
whalesalad|6 years ago
I actually want to do the opposite: transition this to dedicated hardware (like a Pi, but worried about performance) that is a little less noisy. This is shockingly quiet for a 2U but I am a stickler for silence.
Some pix: https://imgur.com/a/0xwcfNN
nawtacawp|6 years ago
bilal4hmed|6 years ago
zelon88|6 years ago
It became a problem when everyone and their sister started needing to know what kinds of kinks I'm into just to sell me dish detergent.
scohesc|6 years ago
That's not my business. If they want to make money, they'll shift to other profit models that don't involve intrusive tracking and annoying advertisements.
ChikkaChiChi|6 years ago
I regularly try browsing without adblocking on, and it's a constant nightmare. If sites held their advertising networks accountable to any reasonable set of standards, they wouldn't be in this situation.
The content I appreciate, I have found ways to support it.
asark|6 years ago
[EDIT] to expand, I think the piles of spyvertising money funding sites & services is a big part of the decline of truly free sites and open protocols, and make running a paid site (or app, or whatever) harder since you're competing with "free" (but spying on you). Less incentive to use them, less incentive to contribute to them. The whole system's perverse and harmful and it would 100% not be the end of the world, or the end of nice things for free/cheap, if it just disappeared tomorrow.
m3rc|6 years ago
In the world we live in something like a pihole isn't an ideological position, it's a necessity to not have everything we do end up rolling into someone else's ad profile on my household.
ztoben|6 years ago
If I go to a site and am bombarded with pop ups, auto playing video ads, etc., then yeah why wouldn't I block them? With the malware and tracking that is often injected into ads I have no problem using my adblocker at all times and disabling it for pages that ask politely.
I'm happy to click on ads on sites that I frequent and would like to support. I think there's absolutely a balance here, and for many years the advertising industry has abused their stay.
aw4y|6 years ago
elorant|6 years ago
wlll|6 years ago
Causality1|6 years ago
yulaow|6 years ago
ProAm|6 years ago
intopieces|6 years ago
I choose who deserves my attention carefully. Internet ads have not earned it.
dsr_|6 years ago
f00_|6 years ago
giantbomb.com sells premium subscriptions and merch and does okay
idiot900|6 years ago
SantalBlush|6 years ago
It is not our responsibility to prop up their poor model. If these sites want to make their case that they won't survive without our eyes on their ads, then they can open their books for us to look at the costs and revenues and decide for ourselves whether or not we should help them. But at the end of the day, it is their problem, not ours.
unknown|6 years ago
[deleted]
jto1218|6 years ago
mikepasek|6 years ago
uponcoffee|6 years ago
The answer being that content providers can't be trusted to self report metrics that determine how much advertises pay. At least not for pay per view/client/etc models.
The people that self select themselves from viewing advertisements might be doing advertisers a favor. They're perhaps less likely to make purchases based on impressions//click ads on purpose; per dollar, ad campaigns might be more effective without said people.
matoro|6 years ago
ben509|6 years ago
I do that for the sites that have the banner that hides if you scroll down, but pops out the moment you scroll one pixel back, or sites that put up "please don't leave me" modals the moment your cursor strays out of the window.
nerdponx|6 years ago
Lxr|6 years ago
jdlyga|6 years ago
swozey|6 years ago
There isn't a chrome extension or anything to white list a site quickly. You have to go back into the interface, login, and whitelist, go back and load the page then you'll find that you needed to whitelist a few subdomains/cdns as well. This is really fun when you've got all your devices using the Pihole for DNS and you can't load something on your phone/TV and need to run to your laptop to deal with it.
If you just got your pihole you probably threw in a bunch of community generated lists and you'll find a good amount of stuff you do visit gets blocked. You can get to Google but not Google drive, so you whitelist it. And you do this over and over again until you finally get annoyed because you just want to make a car payment so you permanently disable it for 5 minutes, or 60 minutes if you've gotten annoyed enough.
Sometimes weeks will go by and you'll forget you even had it disabled at all.
FWIW, I also don't use NoScript because I find it incredibly annoying. This is one step further from the NoScript annoyance because you have to go into the webUI and make your changes.
If you don't mind NoScript you'll probably be fine with Pihole. Or if you have the time to curate and pick lists that fit exactly within your browsing habits.
samhh|6 years ago
blantonl|6 years ago
logosmonkey|6 years ago
BrentOzar|6 years ago
I know it doesn’t sound very sentimental, but the first time I showed my relatives what the Internet looks like without ads, I think those were the strongest hugs I ever got from family members.
ris|6 years ago
philjackson|6 years ago
tbirrell|6 years ago
mewfree|6 years ago
dopylitty|6 years ago
NoNotTheDuo|6 years ago
samfriedman|6 years ago
otachack|6 years ago
cptskippy|6 years ago
zaroth|6 years ago
I commented on a different post last night, that I was a bit shocked and saddened to see their Patreon is only pulling in $1,700/mo.
Do they have another significant revenue stream? Is it just too much hassle to bother signing up to Patreon to commit to even $1/mo? Do they have something on the Admin panel where users can click to pay directly?
I’m not judging, I don’t even have a Patreon account. I’m curious how such an apparently crucial and useful piece of software — one that no doubt is responsible for providing millions of dollars of value to its users, and perhaps blocking tens of millions of dollars in ads — how can the project be sustainable after 53 releases and 2,700 issues on Github while pulling in less than $24k/yr?
pjc50|6 years ago
This is an astonishingly huge amount of money for an open source project to raise directly from its users. Most open source projects get basically nothing.
unknown|6 years ago
[deleted]
mavsman|6 years ago
First, certain streaming websites would fail and it was too much trouble to try to find the URL to whitelist.
Then after I had disabled it from the Pi-hole interface everything was fine but it wasn't actually active. No problem...until I forgot my router was using it as a DNS server and I moved and didn't set my Pi up yet. Then it took me a couple weeks going back and forth with Comcast to find out that my router was still pointing to a DNS server that wasn't running.
Somehow my FireTV bypassed the bad DNS server at one point (still no idea how this happened cause my router was routing all traffic through the IP for pi-hole) and that made me realize that I can get data from Comcast somehow so maybe it really was my router.
HugoDaniel|6 years ago
Also beware as most ads in your phone apps come from ad intermediaries that are either dynamic or constantly change.
Pi-Hole is a cool project but please take in consideration those two when using it. We are far from the 90's in ad-tech.
IceWreck|6 years ago
> most ads in your phone apps come from ad intermediaries
I don't know about the intermediaries you are talking about, but all the ad-ridden proprietary mobile apps that I use (the ones that don't self host ads) are blocked by DNS based ad blockers.
The one thing that these DNS based ad blockers can't do however, is block in page annoyances which is why using an extension like uBlock Origin is still necessary.
Jake_Z|6 years ago
it worked pretty well
misiti3780|6 years ago
LocalPCGuy|6 years ago
unknown|6 years ago
[deleted]
hosteur|6 years ago
Theizestooke|6 years ago
neuronic|6 years ago
drhayes9|6 years ago
sneak|6 years ago
https://github.com/pi-hole/pi-hole/issues/2704
ancaster|6 years ago
I'm using this[1] but I'm surprised there isn't something more official/baked.
[1] https://github.com/mr-bolle/docker-openvpn-pihole
ampsonic|6 years ago
https://hub.docker.com/r/linuxserver/openvpn-as/
asveikau|6 years ago
Anybody familiar with this code able to point out where it does the "interesting" work?
creeble|6 years ago
>root@pihole:~# uptime > 17:02:51 up 587 days, 22:34, 1 user, load average: 0.03, 0.03, 0.05
jrace|6 years ago
llamataboot|6 years ago
foxyv|6 years ago
https://discourse.pi-hole.net/t/change-upstream-dns-server-i...
whalesalad|6 years ago
Explain your setup some more and I can add more details.
StreamBright|6 years ago
programmarchy|6 years ago
javipas|6 years ago
ampsonic|6 years ago
ekblom|6 years ago
ycombonator|6 years ago
kdot|6 years ago
rufius|6 years ago
I run both pi-hole and my own DNS server inside my network as containers on the NAS. I then have my router configured to default to the pi-hole and then the DNS server.
Advantage of my own DNS server is it exclusively resolves using DNS-over-TLS so my queries are private.
Final fallback for resolution is 1.1.1.1 but based on logs my setup hasn’t hit the fallback.
I imagine you could also use a container to host VPN.
stu2010|6 years ago
If you're intending to use OpenVPN, you could easily justify a basic x86 pfSense or linux router: https://arstechnica.com/gadgets/2016/04/the-ars-guide-to-bui...
glup|6 years ago
yegle|6 years ago
pixelbath|6 years ago
patentatt|6 years ago
Teledhil|6 years ago
tmpfs /var/log tmpfs nosuid,nodev 0 0
jackallis|6 years ago
baseballdork|6 years ago
unknown|6 years ago
[deleted]
leeoniya|6 years ago
anyone have this type of setup?
xchip|6 years ago
dijit|6 years ago
jrgoj|6 years ago
nerdponx|6 years ago
40four|6 years ago
Previous discussions =>
https://news.ycombinator.com/item?id=19258717
https://news.ycombinator.com/item?id=13857887
unknown|6 years ago
[deleted]
jwr|6 years ago
drwagner|6 years ago
OrgNet|6 years ago
Nas808|6 years ago
dokka|6 years ago
Jake_Z|6 years ago
philjackson|6 years ago
nutbutter|6 years ago
bmedwar|6 years ago
rolltiide|6 years ago