Nostr Web Client

nostr:npub18ams6ewn5aj2n3wt2qawzglx9mr4nzksxhvrdc4gzrecw7n5tvjqctp424 & nostr:npub1wtuh24gpuxjyvnmjwlvxzg8k0elhasagfmmgz0x8vp4ltcy8ples54e7js (and anyone else who'd like their input) I have a few privacy/security questions that I'm having trouble wrapping my head around and wanted to know if you had any guidance for a pleb that is just getting into the self-custodial internet space. Maybe it could also help other plebs interested in taking control over their own internet.

1) I've got Pi-hole running and connected to my router, but I also know that my router has a toggle option for AdGuard. What would the reason be to prefer one over the other (other than that sweet Pi-hole dashboard)?

2) I understand the reasons for a VPN, but wouldn't that mean all your traffic is being passed on to someone else? Sure, many VPN's have a 'no data logging policy', but wouldn't that mean we'd have to emphasis(trust) their word to (a) be trustworthy and (b) they wont backpedal on in the future? There is a great incentive to actually be collecting your data covertly.

3) My understanding is that by using a VPN, you'd actually be subverting any DNS sinkhole because the traffic is being routed somewhere else, so what would be the benefit of using both? If there is a reason, how would you go about making them both work collaboratively?

4) Last but not least, any advice on removing trackers/ads from this cursed, demented piece of technology from hell that is the Samsung Smart TV?

Reply to this note

Please Login to reply.

Discussion

The Fishcake (nostr.build) 2y ago

Not sure what you are trying to achieve but here are my 31sats worth of option:

- DNS resolution is important part of your online experience, and the faster it is the better experience you’ll have. Pi-hole is fine as long as you have a decent config on it. Gives you a lot of flexibility. If you want a better experience, you can use something like https://nextdns.io/ (seems like a decent service with a lot of options)

- VPN is not something that will automatically give you security and privacy, and it’s mis-marketed to unaware people all the time. You also add extra point of slowness and centralization. If you are absolutely a high target and require complete anonymity, then better go and use some open hotspot on a new device that has no links back to you. Otherwise you gain nothing, just an illusion of anonymity.

- Onion is one more option for you to use, if speed is not a requirement, but it comes with its own challenges.

🐶🐾🫡 (this is my opinion based on my knowledge and experience)

liminal 🦠 2y ago

I've kept hearing to use a VPN especially when using nostr and have been considering it, but after getting my pihole up and running I learned about how running a VPN on it basically negated the effects so I was just like ⁉️⁉️, and with the other VPN questions I had I just decided to throw them in as well. Thanks for your input!

The Fishcake (nostr.build) 2y ago

Any time, thank you! 🐶🐾🫡🫂

Derek Ross 2y ago

I run a Pihole and have for several years. I don't have any experience with AdGuard. If you have AdGuard on your router then the only reason to run one yourself is to maybe have more control or maybe you like AdGuard better.

Sure, it's a trust me bro situation with VPNs. Mullvad VPN was contacted by authorities and had zero information to give them. They seem trustworthy because of this. But yes, they could backpedal. No one knows the future. I guess a less trust me bro situation here is for you to use Bitcoin to buy a VPS and setup Wireguard on it. Then use Wireguard on your home Internet to route traffic through the anonymous Wireguard VPS.

Yes. All traffic, including DNS resolution, goes through the VPN.

Nope. Sorry. Tell your Samsung agent I said hello.

liminal 🦠 2y ago

I've had a pi for a while and was finally in a situation where I could have my modem/router situation and configure it with a Pi-Hole. Happy and excited for the learning experience, I found out that my router has a setting to just switch on AdGuard so I'm really gauging what the options are and why.

With VPNs I've mostly thought they weren't as much a necessity as many YouTubers would claim and haven't explored that space, but after hearing about the reasoning wrt nostr its gotten me curious again. I might use one on my phone when I'm away from my home network.

That's a big oof on that last point 😭. Might end up just disconnecting it from the internet and running a HDMI whenever I need to use it 💁‍♂️

Much appreciated kind ser! 🫂

nobody 2y ago

I’ll add to the VPN conversation because Derek has already said everything I would on pihole. I’ve run one, I liked it, but did have troubles towards the end. It probably needed to be reflashed or had SD card issues.

VPN is useful for exactly six things:

1. Obfuscating your location.

If you don’t want people to know where you live, run a VPN. They can get city-sized resolution off where you live based on IP address. If this doesn’t matter to you, press on.

2. Making advertising tracking slightly more difficult. It really doesn’t, unless you do a half dozen other things.

3. Securing your data on an untrusted Wi-Fi network. If you’re on coffee shop Wi-Fi, you should use a VPN to make sure nobody can intercept your information.

4. Accessing content that is geo-restricted. If you live in a country that don’t have access to certain shows, some of these restrictions can be bypassed with a VPN server located in a country that does.

5. Torrenting. You don’t want your ISP to send you ugly letters from movie companies. Too many, and they will disconnect you, and you could become the target of a lawsuit.

6. Accessing your home network securely from a remote location. If you run syncthing, have self hosted services, or a NAS you want to access remotely, you should use a VPN to your home. Wireguard is very easy to self host on a Pi, Anna I world look into that rather than depend upon what might be outdated software on your router.

In a corporate setting, there are some slightly different but similar scenarios. Running a VPN at home for almost any other reason at all does not yield benefits, but just moves one possible layer of trust to another place (your ISP to the VPN provider) and does nothing to actually make your data more secure. Trackers use a number of metrics, of which IP addresses are only one, so you’ll need to use a combination of things to avoid fingerprinting.

Consider your threat profile at all times. Security against an ad tracker or against doxxing online is very different from security from a state actor.

liminal 🦠 2y ago

Wow, this cleared up a lot for me. Thanks so much for your input! So far, Pi-Hole is working great, and I've gotten it to be my DNS provider with Unbound. Its all been a great learning experience and maybe at some point I will need to use a some sort of VPN as I go further into the self-hosting world. Hopefully others could be pointed to this thread, or even add their own perspectives.