I really want to be able to read this and know wtf it means. I have so much skill to up.
Comment on Paramount+ unskipabble ads
dan@upvote.au 1 year agoAdGuard Home is better than PiHole since it supports DNS over HTTPS out-of-the-box, which prevents your ISP from inspecting and modifying your DNS requests/responses. The ISP can do that even if you’re using a custom DNS server, since regular DNS is unencrypted and unauthenticated.
By default it uses Quad9 via DoH.
LavaPlanet@lemmy.world 1 year ago
CmdrShepard@lemmy.one 1 year ago
DNS is like a big phone book telling you that navigating to “google.com” = IP address 75.209.123.456, for example. Your ISP can see these requests and add information to them like ads. Using AdGuard DNS encrypts these requests so they can’t be modified.
shutuuplegs@reddthat.com 1 year ago
Same can be done with Pi-hole. Yes it isn’t ootb, but it is easy to do.
There are still challenges with doh and isp packet scanning. Even without clear text dns, your isp still knows where you go, if not from the lookups. They still inspect traffic and destinations and can make very detailed inferences, even without https inspection on DoH or other packets.
Pihole is fully for free. AdH seems to be the same for now, but it is a company running it, they want to make money. I would be a bit worried about this.
This also doesn’t stop devices from doing their own dns over https. Adguard home and pihole will try to block the DoH locators (canaries) but can’t actually stop a tv from connecting to a known ip if it wants to.
Don’t get me wrong. I highly recommend something, and adguard home is nice, but I’m not convinced by its the right long term solution nor does either solution provide the sum total.
dan@upvote.au 1 year ago
I’m surprised they don’t use it by default though. People usually use solutions like PiHole and AdGuard Home because they want to configure it via a UI rather than at the command line, so needing to do extra manual command-line steps to get DoH working with PiHole isn’t ideal.
AdGuard Home is licensed under GNU GPL. They can’t relicense it unless they get permission from everyone that’s contributed code (and if anyone disagrees, their parts must be deleted or rewritten).
shutuuplegs@reddthat.com 1 year ago
Code yes, but the information, lists, and capabilities beyond that no.
I do think it’s a low risk, but it is not zero.
They could also do some nefarious stuff if they get bought out.
Don’t get me wrong I hope they last and I’m just plain wrong, but pihole works great and is a bit more pure.
About ui/ux, you are one hundred percent right. People want and demand simple. Single click install and setup is what is really needed and pihole loses resoundingly in that, especially if combined with encrypted dns request forwarding.