I’ll add to the VPN conversation because Derek has already said everything I would on pihole. I’ve run one, I liked it, but did have troubles towards the end. It probably needed to be reflashed or had SD card issues.
VPN is useful for exactly six things:
1. Obfuscating your location.
If you don’t want people to know where you live, run a VPN. They can get city-sized resolution off where you live based on IP address. If this doesn’t matter to you, press on.
2. Making advertising tracking slightly more difficult. It really doesn’t, unless you do a half dozen other things.
3. Securing your data on an untrusted Wi-Fi network. If you’re on coffee shop Wi-Fi, you should use a VPN to make sure nobody can intercept your information.
4. Accessing content that is geo-restricted. If you live in a country that don’t have access to certain shows, some of these restrictions can be bypassed with a VPN server located in a country that does.
5. Torrenting. You don’t want your ISP to send you ugly letters from movie companies. Too many, and they will disconnect you, and you could become the target of a lawsuit.
6. Accessing your home network securely from a remote location. If you run syncthing, have self hosted services, or a NAS you want to access remotely, you should use a VPN to your home. Wireguard is very easy to self host on a Pi, Anna I world look into that rather than depend upon what might be outdated software on your router.
In a corporate setting, there are some slightly different but similar scenarios. Running a VPN at home for almost any other reason at all does not yield benefits, but just moves one possible layer of trust to another place (your ISP to the VPN provider) and does nothing to actually make your data more secure. Trackers use a number of metrics, of which IP addresses are only one, so you’ll need to use a combination of things to avoid fingerprinting.
Consider your threat profile at all times. Security against an ad tracker or against doxxing online is very different from security from a state actor.
