During the process of managing my Home Assistant server, I discovered a neat little tool named Pi-hole and decided to give it a whirl. It's a DNS server which uses blacklists to block ads and various flavors of crapware. So far it's been working really well, without any negative side effects that I've noticed.
Among the things I've discovered by browsing the reports:
- Google Chrome sends out a handful of DNS requests for random domains every time it starts up, to try and detect DNS hijacking.
- My son's phone goes bonkers at midnight and requests a few thousand Google ads. I'm thinking maybe there's a bad app installed on there. That alone accounts for 80% of the blocked requests.
- There are a lot of apps that phone home to the mother ship. I knew it happened, but I'm blown away by the actual scale of it. It's ridiculous. Not just the advertising, but the privacy leaks.
- Just from DNS, there is a lot you can infer about the sites a person is visiting. TLS won't help you there.
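The Chrome probes and the midnight burst in the list above can both be pulled out of the resolver's query log. The following is an added example, not code from the original post: it assumes dnsmasq-style `query[...]` lines as written to Pi-hole's log, a constructed sample log, and that Chrome's startup probes appear as single-label names of 7 to 15 lowercase letters. The function names and thresholds are hypothetical.

```python
import re
from collections import Counter, defaultdict

# dnsmasq query line as written to the Pi-hole log (format assumed here)
QUERY = re.compile(
    r"^(?P<day>\w{3}\s+\d+) (?P<hour>\d{2}):\d{2}:\d{2} dnsmasq\[\d+\]: "
    r"query\[(?P<qtype>\w+)\] (?P<name>\S+) from (?P<client>\S+)$"
)
# Single-label, 7-15 lowercase letters: the assumed shape of Chrome's probes
PROBE = re.compile(r"^[a-z]{7,15}$")

def parse(lines):
    """Yield (day, hour, client, name) for every query line; skip the rest."""
    for line in lines:
        m = QUERY.match(line.strip())
        if m:
            yield m["day"], m["hour"], m["client"], m["name"]

def hourly_bursts(lines, threshold):
    """Return {(client, day, hour): count} for hourly buckets above threshold."""
    counts = Counter((c, d, h) for d, h, c, _ in parse(lines))
    return {k: n for k, n in counts.items() if n > threshold}

def probe_candidates(lines, min_names=3):
    """Return {client: names} for clients with >= min_names probe-shaped names.

    Requiring several distinct names keeps a lone local hostname such as
    'printer' from being reported as a hijack probe."""
    seen = defaultdict(set)
    for _, _, client, name in parse(lines):
        if PROBE.match(name):
            seen[client].add(name)
    return {c: sorted(n) for c, n in seen.items() if len(n) >= min_names}

# Constructed sample log (not real traffic); addresses and names are made up
SAMPLE = [
    "Mar 10 08:15:01 dnsmasq[412]: query[A] qkzvhtwpla from 192.168.1.20",
    "Mar 10 08:15:01 dnsmasq[412]: query[A] mbtrxoyudne from 192.168.1.20",
    "Mar 10 08:15:01 dnsmasq[412]: query[A] hwgplsefjcrk from 192.168.1.20",
    "Mar 10 08:15:02 dnsmasq[412]: query[A] www.example.org from 192.168.1.20",
    "Mar 10 08:15:02 dnsmasq[412]: forwarded www.example.org to 192.0.2.53",
    "Mar 10 09:02:11 dnsmasq[412]: query[AAAA] printer from 192.168.1.31",
] + [
    f"Mar 11 00:{i // 60:02d}:{i % 60:02d} dnsmasq[412]: "
    f"query[A] ads.example.net from 192.168.1.50"
    for i in range(300)
]
```

On the sample, `hourly_bursts(SAMPLE, threshold=100)` reports only the midnight bucket for 192.168.1.50, and `probe_candidates(SAMPLE)` reports only the three random names from 192.168.1.20.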
My next step is deciding whether to deploy this via VPN on my phone. I like the idea, but I'm not sure if I want the hassle of it.