Topics

Your connection to the Internet, privacy and DNS

Gordon Haverland
 

Greetings.

A day or two ago, I ran across something at TheRegister.

Most people connect to the Internet via an ISP. So, they connect to
the Internet, and probably accept a DNS suggestion. And then any
time their computer goes to look up something; the conversion from
symbolic name occurs via the suggestion the ISP provides in the
initial handshake.

And this can occur if the computer talking to the ISP is a router, and
then it handles DNS requests for the LAN at your end.

Some websites are now screwing around with the DNS, such that it can be
easily possible to track every person on earth via DNS queries; and it
makes it more difficult to differentiate first party from third party
cookies for some browsers.

There are many kinds of Raspberry Pi, most of which can run some kind
of Linux. I believe some can run BSD and a few can run Android. There
might be other OS as well.

There is a project called Pi-hole, whereby one sets up a RPi as a DNS
for a LAN, and it filters DNS queries for the LAN. How much of a RPi
you need, I don't know. It seems that most RPi are in the middle
somewhere performance wise. The smallest RPi tend to be the Pi Zero
and possible clones of it. The biggest RPi is probably the Odroid
XU4. There is something like a 15-30 to 1 performance difference there
(the XU4 is about 15-30 times faster than the zero).

There are quite a few articles on how to set up and/or tune a Pi-hole.
There are also some articles about how much a Pi-hole affects browsing;
some web pages download less than 1% with Pi-hole than without.
Nominally all of that it advertising, some may be malicious.

--

Gord

Rick Forges
 

I've been running Pi-hole on a Pi3 for a few weeks now , works fine ; snappy. no prob. so far.

On Sun, Nov 24, 2019 at 9:36 AM Gordon Haverland <ghaverla@...> wrote:
Greetings.

A day or two ago, I ran across something at TheRegister.

Most people connect to the Internet via an ISP.  So, they connect to
the Internet, and probably accept a DNS suggestion.  And then any
time their computer goes to look up something; the conversion from
symbolic name occurs via the suggestion the ISP provides in the
initial handshake.

And this can occur if the computer talking to the ISP is a router, and
then it handles DNS requests for the LAN at your end.

Some websites are now screwing around with the DNS, such that it can be
easily possible to track every person on earth via DNS queries; and it
makes it more difficult to differentiate first party from third party
cookies for some browsers.

There are many kinds of Raspberry Pi, most of which can run some kind
of Linux.  I believe some can run BSD and a few can run Android.  There
might be other OS as well.

There is a project called Pi-hole, whereby one sets up a RPi as a DNS
for a LAN, and it filters DNS queries for the LAN.  How much of a RPi
you need, I don't know.  It seems that most RPi are in the middle
somewhere performance wise.  The smallest RPi tend to be the Pi Zero
and possible clones of it.  The biggest RPi is probably the Odroid
XU4.  There is something like a 15-30 to 1 performance difference there
(the XU4 is about 15-30 times faster than the zero).

There are quite a few articles on how to set up and/or tune a Pi-hole.
There are also some articles about how much a Pi-hole affects browsing;
some web pages download less than 1% with Pi-hole than without.
Nominally all of that it advertising, some may be malicious.

--

Gord




Robert Goshko
 

I have had my Pi-Hole up and running for a couple of months on a Pi3, even have OpenVPN setup so I can use it via my cellphone as well.

Works good, typically blocks around 20% of the DNS queries on my home network.


On Sun, Nov 24, 2019 at 4:06 PM Rick Forges <canuckbeemer@...> wrote:
I've been running Pi-hole on a Pi3 for a few weeks now , works fine ; snappy. no prob. so far.

On Sun, Nov 24, 2019 at 9:36 AM Gordon Haverland <ghaverla@...> wrote:
Greetings.

A day or two ago, I ran across something at TheRegister.

Most people connect to the Internet via an ISP.  So, they connect to
the Internet, and probably accept a DNS suggestion.  And then any
time their computer goes to look up something; the conversion from
symbolic name occurs via the suggestion the ISP provides in the
initial handshake.

And this can occur if the computer talking to the ISP is a router, and
then it handles DNS requests for the LAN at your end.

Some websites are now screwing around with the DNS, such that it can be
easily possible to track every person on earth via DNS queries; and it
makes it more difficult to differentiate first party from third party
cookies for some browsers.

There are many kinds of Raspberry Pi, most of which can run some kind
of Linux.  I believe some can run BSD and a few can run Android.  There
might be other OS as well.

There is a project called Pi-hole, whereby one sets up a RPi as a DNS
for a LAN, and it filters DNS queries for the LAN.  How much of a RPi
you need, I don't know.  It seems that most RPi are in the middle
somewhere performance wise.  The smallest RPi tend to be the Pi Zero
and possible clones of it.  The biggest RPi is probably the Odroid
XU4.  There is something like a 15-30 to 1 performance difference there
(the XU4 is about 15-30 times faster than the zero).

There are quite a few articles on how to set up and/or tune a Pi-hole.
There are also some articles about how much a Pi-hole affects browsing;
some web pages download less than 1% with Pi-hole than without.
Nominally all of that it advertising, some may be malicious.

--

Gord






--
...Rob

-- No trees were killed in the sending of this message.  However a large number of electrons were terribly inconvenienced.

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

================================================
Robert Goshko
Registered Linux User #260513