- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
which is more effective, useful, and efficient?
DNS-based blocking more complete for your whole network, independent of the device settings for tech-avers users/kids. DNS-based blocking is less flexible for all users in the network - especially when you need to make exceptions for certain sites. They are also limited to your home network, unless you have a VPN server. Therefore, for mobile devices app-based blocking is the main way to go. Consequently, both make sense and your use case is relevant.
You can do DNS based blocking on mobile, I’m doing it right now.
Private DNS FTW!
I’m using the https://rethinkdns.com/ app, which also gives me a firewall. You do not have to use the app though, you can configure a set of blocklists through their webpage, then add that to Private DNS.
Edit:word
I’ve been using NextDNS foe a while. They do similar. I’ll check out rethink though. Always. Open to something different
OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!
OK, I was thinking of piHole (+ unbound) as local DNS blocker. Sure, there are other ways. Thanks for clarifying that!
Sounds like it’s pretty much the same as NextDNS this way. Did you ever use NextDNS? If the answer is yes: What made you go with RethinkDNS over NextDNS?
Edit: I just checked it out since it’s free. It’s probably great in combination with their app but without the app you lack a custom white- and blacklist and a query log. Means if you don’t wanna use the app then you can just manage your filter lists but that’s it. And there’s only an app for Android so it’s not very attractive to use on non-Android devices.
I have not used Next DNS, before RethinkDNS I was using Invizible Pro.
There are services like https://nextdns.io/ that makes it super easy to use DNS-based tracker blocking on most devices.
I’ve been using them for over a year and it works very well.
Mullvad also has DNS with different kind of blockers: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ And for the DNS blocking you don’t need an account.
For android, you can enable the private DNS function (DNS over TLS) and specify a custom DNS server that has ad/tracker blocking without having to install any apps. That also has the benefit of encrypting your DNS lookups so nobody can spy on it.
Or install the open source app AdAway that I guess goes over the DNS block of some servers.
I do this but one thing to note is that it can break some wifi capture portals and auth loops, so you might have to disable specified Wi-Fi, connect, and enable. Some wifi has private view DNS records for their capture portal or auth server like clearpass. Additionally, if your phone switches days to WiFi, but you need data to query or resolve your DNS provider and Android doesn’t have it cached, then it can also fail.
If I had to pick only one of the two, I’d prefer local blocking because it cannot only not load ads, but also remove the placeholder/frame the ad would’ve been in. It’s also better at circumventing anti-adblock scripts.
That being said, DNS-based blocking is great outside of browser use, and it blocks many ads and tracking attempts in mobile and desktop apps.
A combination of both is best, really. I use uBlock Origin in the browser (or AdGuard Pro with Safari on Mac and iPhone) and then NextDNS. NextDNS is configured rather conservative though, because it can cause things to break otherwise, and that’s hard to manage when you’re not the only use of your network.
Another benefit of using uBlock Origin is the ability to use the cosmetic filters so you can remove elements from the page that aren’t served as ads in the typical sense. As an example when you’re reading an article and there’s an obnoxious box half way through that says CONSIDER SUBSCRIBING etc. It’s not loading any external resources, it’s just inlined HTML. But you can enter element picker mode and if you are able to uniquely target that element you can filter it out.
Adguard with DNS + local blocking is the way.
I did this for the longest time until I realised that because AdGuard works best as a virtual VPN, it is unable to run alongside an actual VPN. Luckily my VPN (and many others) support ad blocking too.
Adguard VPN and Adguard (adblocker) can work simultaneously 😀😀😀
The only caveat is that Adguard VPN only works with their servers, so you can’t, for example, VPN to your home or work network.
That’s not what I’m talking about. I meant to say that AdGuard on mobile (Android) runs by pretending to be a VPN in order to intercept all connections and filter the ads out of them. This works great to remove ads in apps, etc.
However, because it hooks into the VPN interface you can’t then run another VPN (for example Proton VPN) because Android only allows one VPN to run at any time.
Right. I understand that.
What i mean is that if you want to run a VPN with Adguard, then Adguard VPN is compatible.
Not ideal, I get it, but if you need to bypass geo restrictions or to keep your ISP from spying on you, then it works great.
Oh you’re talking about AdGuard VPN not solely the main AdGuard product. Definitely not ideal. It doesn’t offer the same level of features as my current VPN who offers ad blocking anyway. Not to mention a few suspicious quotes from their website:
AdGuard VPN protocol uses the most secure and fast encryption algorithm to date – AES-256
From the very outset, we resolved to develop and deploy an in-house VPN protocol instead of picking a canned solution — that’d be too easy
We are going to make our protocol implementation publicly available in the future. Sadly, right now we don’t have enough time to prepare the project
we collect data about how you interact with our services, how much traffic you’ve used, and for how long have you been using our services
ADGUARD SOFTWARE LIMITED is a company registered in Nicosia, Cyprus, registered office is at Klimentos 41-43, KLIMENTOS TOWER, Flat/Office 25, 1061, Nicosia, Cyprus and acts as the data controller when processing your data
Considering Cyprus telecommunications laws it doesn’t seem like the safest place to headquarter a telecommunications privacy company.
Adguard has been a trusted company in the adblocking space for a very long time, and their CEO and company is quite openly active in the privacy and cybersecurityrealm, so that’s important.
That said, their VPN is a really new product, so there’s a lot of room for improvement.
They do have the best adblocking solution, in my opinion, so if VPN is also needed, they give you something for that. The alternatives are often messy or not totally compatible.
For me, it works great for bypassing geo restrictions, but my threat model isn’t on the extreme end. I got a plan really cheap, so it saves me money over PIA and Windscribe, which i used previously (and sucked for streaming).
I do suggest that everyone find a solution that works for them, regardless of who they go with.