this post was submitted on 28 Oct 2023
108 points (95.8% liked)
Privacy
31991 readers
871 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
... any app can bypass easily your DHCP DNS provided... and as I said, I don't install any weird app on my phone, I just use it as a phone, to communicate, chat and to download podcasts to listen on night. Win. While you just win at your local home network... xD
While my phone: https://doc.e.foundation/support-topics/advanced_privacy
win win?
It can't bypass my network DNS if only my DNS server is allowed to send out via port 53.
It's really fun to see how some devices are completely panicking. (I only have some chromecast music devices which do not need any internet) Anyway, I do hate that there are manufacturers who hardcode a dns into MY devices.
For the time I'm outside my network I do have a VPN which allows me to acces my pi-hole from outside (I never felt that the speed or latency is especially low)
There are even routers which allow you to re-route specific ports to specific devices. So, even if the device wants 8.8.8.8 the firewall would reroute it to my dns server
If you want a privacy friendly option that works from in/and outside your network without all the hassle above I can also recommend proton VPN which also procides tracker and ad blocking.
Yeah, I already have ProtonVPN subscription that I don't really use... my smartphone OS already have built-in filter... And I can enable Tor network to all my phone connections which is safer from a plain VPN (but more problematic as many webs blocks you, that's when I can use ProtonVPN with Secure Core which is super cool yeah! :D).
But I don't like the idea of having a VPN that allows a device from outside my LAN access in. I would feel super paranoid and unsafe, knowing there is a way to get in.
And... my Smart TV is mainly used by my mom... still no ads but just saying... if I have a good PC... with many screens... why would I want a TV, I'm too addicted to PC. xD I can even access to the TV tuner with my PC with a HDHomeRun, and I just do
mpv http://ip_of_hdhomerun/channel
for example.In my network it can only do that if the app has a hardcoded encrypted DNS server because I use NAT rules to force all unencrypted DNS to be processed by my OPNsense (which uses NextDNS as upstream DNS servers). And I highly doubt many apps even have a hardcoded DNS server anyway (no matter if unencrypted or encrypted).
That's your personal use case but not everyone elses. I do much more with my phone. For example browsing. And I think most people do it too. Anyway, as long as you use mobile internet even your OS on your phone could spy on you with tracker domains. Most people don't use a custom ROM so you're just one of few people who this doesn't apply to.
Wrong. I use NextDNS so I have it everywhere. ;)
I have it everywhere too and I was talking about Pi-Hole.
Firefox and Telegram for example has built-in DNS if I'm not wrong. (you can disable it easily)
We are sharing our use cases. And my context was "I don’t understand why people even talks about Pi-Hole" and you are replying to this, not saying anything about NextDNS, just Pi-Hole.
EDIT: Also, I think using your phone for other things is wrong, they aren't really designed for that, they aren't that secure as a PC can be.
Well, you said "you" so I thought you were talking about me since you replied to my comment.
Right. I don't know about Telegram but in Firefoxes case I think it's disabled by default. I specifically checked that on my Firefox so it won't bypass my OPNsense.
You don't see it, do you? First you talk about your use case but then you talk about other people. So not your use case anymore. In their use case a Pi-hole, AdGuard Home, NextDNS or whatever else maybe makes sense and isn't a bad choice.
Erm... what?? Smartphones are designed for many different things. Browsing the internet is just one of many things it's made for. It's called "smartphone" for a reason.
No, it is not off by default, it is set on "Default Protection: Firefox decides when to use secure DNS to protect your privacy.".
What happened here is: People shares their use-case, I say I don't understand why they do that, and I share my use case... I don't understand what's wrong with that... or what's your problem here. It's cool to know you are using NextDNS, it is not a self-hosted RPi that runs Pi-Hole that only works on local network.
Then you replied me with:
Which is all super cool, but not related with what I said about Pi-Hole.
Smartphones are still phones (makes call when you type a number) but smart to have a contact list, a browser, calculator... that makes it smart, like accessing to your bank with their app that normally then ensure to be safe to use, but it wasn't initially designed for that, it's not a PC (I know it can do the same, but you are forcing a small device to do something that isn't designed to do), it started without being secure by design, they needed many Android versions to start implementing security and still there is some mess with permissions. It is not designed to game, watch Instagram or stuff that makes you addicted to their content..., and then it usually gets too hot and only damages your health and the device health. Now it evolved and companies tries to make you addicted to it to collect as more data as they can to provide you some ad-targeting, while making it cheap as they can with those labor-forced works (stealing resources on other countries) to make a super-mega-fast-all-in-one device that makes you think you are a professional photographer for example, adds you fake filters... That's all bullshit, and I think this is the main reason why kids are growing so wrongly, too many shit influencers and toxic society, people living in their bubble and browsing from devices like those. Most apps require many permissions that allow to collect many data, and NextDNS does nothing about this if those apps bypass your system DNS.