this post was submitted on 06 Oct 2023
58 points (100.0% liked)

Privacy Guides

14845 readers
30 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.

You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...

Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!

This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.

Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
58
DNS-based tracker blocking vs local app-based tracker blocking, (kerala.party)
submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]
24 comments fedilink hide all child comments
 

which is more effective, useful, and efficient?

top 24 comments
sorted by: hot top controversial new old
[–] [email protected] 31 points 11 months ago (3 children)

DNS-based blocking more complete for your whole network, independent of the device settings for tech-avers users/kids. DNS-based blocking is less flexible for all users in the network - especially when you need to make exceptions for certain sites. They are also limited to your home network, unless you have a VPN server. Therefore, for mobile devices app-based blocking is the main way to go. Consequently, both make sense and your use case is relevant.

[–] [email protected] 10 points 11 months ago (1 children)

You can do DNS based blocking on mobile, I'm doing it right now.

[–] [email protected] 4 points 11 months ago (1 children)

Private DNS FTW!

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago) (4 children)

I'm using the https://rethinkdns.com/ app, which also gives me a firewall. You do not have to use the app though, you can configure a set of blocklists through their webpage, then add that to Private DNS.

Edit:word

[–] [email protected] 4 points 11 months ago

I've been using NextDNS foe a while. They do similar. I'll check out rethink though. Always. Open to something different

[–] [email protected] 2 points 11 months ago

OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!

[–] [email protected] 2 points 11 months ago

OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

Sounds like it's pretty much the same as NextDNS this way. Did you ever use NextDNS? If the answer is yes: What made you go with RethinkDNS over NextDNS?

Edit: I just checked it out since it's free. It's probably great in combination with their app but without the app you lack a custom white- and blacklist and a query log. Means if you don't wanna use the app then you can just manage your filter lists but that's it. And there's only an app for Android so it's not very attractive to use on non-Android devices.

[–] [email protected] 1 points 11 months ago

I have not used Next DNS, before RethinkDNS I was using Invizible Pro.

[–] [email protected] 9 points 11 months ago (2 children)

There are services like https://nextdns.io/ that makes it super easy to use DNS-based tracker blocking on most devices.

[–] [email protected] 2 points 11 months ago

I've been using them for over a year and it works very well.

[–] [email protected] 1 points 11 months ago

Mullvad also has DNS with different kind of blockers: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ And for the DNS blocking you don't need an account.

[–] [email protected] 4 points 11 months ago (2 children)

For android, you can enable the private DNS function (DNS over TLS) and specify a custom DNS server that has ad/tracker blocking without having to install any apps. That also has the benefit of encrypting your DNS lookups so nobody can spy on it.

[–] [email protected] 1 points 11 months ago

Or install the open source app AdAway that I guess goes over the DNS block of some servers.

[–] [email protected] 1 points 11 months ago

I do this but one thing to note is that it can break some wifi capture portals and auth loops, so you might have to disable specified Wi-Fi, connect, and enable. Some wifi has private view DNS records for their capture portal or auth server like clearpass. Additionally, if your phone switches days to WiFi, but you need data to query or resolve your DNS provider and Android doesn't have it cached, then it can also fail.

[–] [email protected] 12 points 11 months ago (1 children)

If I had to pick only one of the two, I'd prefer local blocking because it cannot only not load ads, but also remove the placeholder/frame the ad would've been in. It's also better at circumventing anti-adblock scripts.

That being said, DNS-based blocking is great outside of browser use, and it blocks many ads and tracking attempts in mobile and desktop apps.

A combination of both is best, really. I use uBlock Origin in the browser (or AdGuard Pro with Safari on Mac and iPhone) and then NextDNS. NextDNS is configured rather conservative though, because it can cause things to break otherwise, and that's hard to manage when you're not the only use of your network.

[–] [email protected] 4 points 11 months ago

Another benefit of using uBlock Origin is the ability to use the cosmetic filters so you can remove elements from the page that aren't served as ads in the typical sense. As an example when you're reading an article and there's an obnoxious box half way through that says CONSIDER SUBSCRIBING etc. It's not loading any external resources, it's just inlined HTML. But you can enter element picker mode and if you are able to uniquely target that element you can filter it out.

[–] [email protected] 6 points 11 months ago (1 children)

Adguard with DNS + local blocking is the way.

[–] [email protected] 3 points 11 months ago (1 children)

I did this for the longest time until I realised that because AdGuard works best as a virtual VPN, it is unable to run alongside an actual VPN. Luckily my VPN (and many others) support ad blocking too.

[–] [email protected] 1 points 11 months ago (1 children)

Adguard VPN and Adguard (adblocker) can work simultaneously 😀😀😀

The only caveat is that Adguard VPN only works with their servers, so you can't, for example, VPN to your home or work network.

[–] [email protected] 3 points 11 months ago (1 children)

That's not what I'm talking about. I meant to say that AdGuard on mobile (Android) runs by pretending to be a VPN in order to intercept all connections and filter the ads out of them. This works great to remove ads in apps, etc.

However, because it hooks into the VPN interface you can't then run another VPN (for example Proton VPN) because Android only allows one VPN to run at any time.

[–] [email protected] 1 points 11 months ago (1 children)

Right. I understand that.

What i mean is that if you want to run a VPN with Adguard, then Adguard VPN is compatible.

Not ideal, I get it, but if you need to bypass geo restrictions or to keep your ISP from spying on you, then it works great.

[–] [email protected] 1 points 11 months ago (1 children)

Oh you're talking about AdGuard VPN not solely the main AdGuard product. Definitely not ideal. It doesn't offer the same level of features as my current VPN who offers ad blocking anyway. Not to mention a few suspicious quotes from their website:

AdGuard VPN protocol uses the most secure and fast encryption algorithm to date – AES-256

From the very outset, we resolved to develop and deploy an in-house VPN protocol instead of picking a canned solution — that’d be too easy

We are going to make our protocol implementation publicly available in the future. Sadly, right now we don't have enough time to prepare the project

we collect data about how you interact with our services, how much traffic you’ve used, and for how long have you been using our services

ADGUARD SOFTWARE LIMITED is a company registered in Nicosia, Cyprus, registered office is at Klimentos 41-43, KLIMENTOS TOWER, Flat/Office 25, 1061, Nicosia, Cyprus and acts as the data controller when processing your data

Considering Cyprus telecommunications laws it doesn't seem like the safest place to headquarter a telecommunications privacy company.

[–] [email protected] 2 points 11 months ago

Adguard has been a trusted company in the adblocking space for a very long time, and their CEO and company is quite openly active in the privacy and cybersecurityrealm, so that's important.

That said, their VPN is a really new product, so there's a lot of room for improvement.

They do have the best adblocking solution, in my opinion, so if VPN is also needed, they give you something for that. The alternatives are often messy or not totally compatible.

For me, it works great for bypassing geo restrictions, but my threat model isn't on the extreme end. I got a plan really cheap, so it saves me money over PIA and Windscribe, which i used previously (and sucked for streaming).

I do suggest that everyone find a solution that works for them, regardless of who they go with.