this post was submitted on 13 Apr 2024
97 points (94.5% liked)

Privacy

32506 readers
965 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm talking full phone and blocking. Not just browser.

Edit: So many options! Thanks guys I'll go through them all and see what one I think will work best for me. I appreciate it.

top 50 comments
sorted by: hot top controversial new old
[–] extrahazmat@lemm.ee 33 points 8 months ago (4 children)

Pihole on the home network and my phone has constant VPN connection to the home network via Wireguard.

[–] nossaquesapao@lemmy.eco.br 4 points 8 months ago (2 children)

Out of curiosity, you have to open a port in the router for that to work, right? How does that work in the security aspect? Do you need to do some constant maintenance in your setup or something in order not to be vulnerable?

[–] rambos@lemm.ee 5 points 8 months ago (1 children)

While you have to open a port for wireguard, it doesnt respond to anything other than your clients with a key. It should be safe enough without any maintenance, but security updates are always a good idea. If you don't want to open port there are alternatives like tailscale or zerotier, but I have never tried them

[–] barbara@lemmy.ml 2 points 8 months ago* (last edited 8 months ago)

Meshvpns like you described work good but having a real WAN connection works best in my experience.

[–] extrahazmat@lemm.ee 3 points 8 months ago

Yes, wireguard requires an open port. No security issues in the years I've had this setup.

[–] rizoid@lemmy.dbzer0.com 2 points 8 months ago (1 children)

I have the same configuration running on all my devices, my kids and my wife's too, it's wonderful.

[–] CyberDine@lemmy.world 1 points 8 months ago

Did you use a guide to configure it all? I'd love to get started but networking has always been a weak spot for me

[–] lemmyingly@lemm.ee 2 points 8 months ago (2 children)

How much battery do you think this consumes? I've always thought an always on VPN set up but never tried it as I assumed it would drain the battery too quickly.

[–] jjlinux@lemmy.ml 2 points 8 months ago

The battery consumption is negligible. I use Invisible Pro with so many different types of blocks and circumventions that it's almost ridiculous, and it runs at about a 3% in 24 hours. Invisible Pro has to be way up on the battery sucking scale for similar products.

[–] michael_palmer@lemmy.sdf.org 1 points 8 months ago

1-2% with always on VPN. My kernel is very old (3.18) and it doesn't have wireguard kernel module.

[–] friek@sh.itjust.works 1 points 8 months ago

This is the way.

[–] gilgameth@lemmy.world 26 points 8 months ago* (last edited 8 months ago) (1 children)
[–] brb@sh.itjust.works 2 points 8 months ago

AdAway is amazing. I've used the rooted version for 10 years now and it just works

[–] LWD@lemm.ee 23 points 8 months ago (2 children)

My personal favorite is RethinkDNS, which is technically capable of running your favorite VPN provider alongside blocking ads and blocking/logging domains on a per-app basis.

It's a bit frustrating to set up for my taste, but it definitely works. (Kudos to Mozilla for sponsoring their project, BTW.)

[–] Sunny@slrpnk.net 3 points 8 months ago

RethinkDNS is super awesome! 🙌

[–] Cheradenine@sh.itjust.works 2 points 8 months ago

It also works with Orbot

[–] then_three_more@lemmy.world 20 points 8 months ago (1 children)

You want a DNS based adblocker. I like nextdns because I can customise it.

[–] lemmyingly@lemm.ee 1 points 8 months ago (2 children)

Can you customise it down to the domain?

load more comments (2 replies)
[–] Blizzard@lemmy.zip 18 points 8 months ago (2 children)

AdGuard can filter all (or select) traffic blocking ads in other apps.

[–] EveryMuffinIsNowEncrypted@lemmy.blahaj.zone 2 points 8 months ago* (last edited 8 months ago) (2 children)

Doesn't that require root? Or am I getting it confused with another solution with "ad" in the title? :/

[–] lemmy_nightmare@sh.itjust.works 6 points 8 months ago (2 children)

The one you are thinking is Adaway which makes changes to the system host file.

AdGuard creates a local VPN connection and lets all traffic run through that blocking based on filters. Your VPN slot is taken up here.

NextDNS just changes your phone DNS to its servers and blocks based on filters. Here, your VPN slot is essentially free for use with actual VPN apps.

[–] EveryMuffinIsNowEncrypted@lemmy.blahaj.zone 2 points 8 months ago* (last edited 8 months ago)

Your VPN slot is taken up here.

Oof, yeah, that wouldn't work for me anyway since I currently use a VPN. Lol.

Thanks for clearing it up though! :)

NextDNS just changes your phone DNS to its servers and blocks based on filters. Here, your VPN slot is essentially free for use with actual VPN apps.

That sounds promising! :D

load more comments (1 replies)
[–] ominouslemon@lemm.ee 2 points 8 months ago (1 children)

You can also use their DNS server without having to install anything

[–] Blizzard@lemmy.zip 2 points 8 months ago* (last edited 8 months ago)

That is true but then it applies to everything and you can't pick and choose which app to filter and which not (I exclude banking app for example), what level of filtering you want for each app (my phone is not rooted so there are some apps which will reject https filtering), and additionally I can quickly turn off and on filtering in the app for example when there's a need for troubleshooting why something is not loading etc. In short, with an app you have more control and access to stats:

[–] sabreW4K3@lazysoci.al 11 points 8 months ago (1 children)
[–] tigerjerusalem@lemmy.world 3 points 8 months ago

+1 for nextdns, it allows me to track all the connection requests and it saves the logs on Swiss.

[–] OpenStars@startrek.website 10 points 8 months ago (2 children)

I use Blokada - but not the latest version since the company switched from the free open-source standalone app paradigm to a cloud-based continual paid subscription model. It seems like Blokada version 4 (obtained either from the company's webpage or F-droid I forget which) blocks a heck of a lot more stuff than version 5 for some reason.

On the other hand, it also noticeably heats up my phone if a not-well-behaved app (examples include Freemium games) continually resubmits queries over & over again every (or even multiple times a) second. You can block every request that it makes... but it can also keep making them so... at some point you may question whether the cost is worth it.

This arguably relates more to "tracking" than actual advertisements, since there can only be a finite number of the latter but the former can happen all day every day even when the app is not running, if it decides to be aggressive about checking in with its home base. These days, even if you do pay for something, your data is STILL the actual "product" that is the reason the company is in business at all to obtain.:-(

[–] RootBeerGuy@discuss.tchncs.de 8 points 8 months ago (2 children)

If you still want to use a VPN style adblocker, I moved from Blokada some time ago to Adaway. Works the same.

[–] OpenStars@startrek.website 3 points 8 months ago (1 children)

Thank you for helping fill out this list. May I ask why you moved away from Blokada? Version 5 is bad ofc, and 6 is far, FAR worse, but 4 worked well for me.

It looks like AdAway has some nice features since I saw it last, like the ability to whitelist a particular app. If it does not require root permissions, it might be a clear winner even.

[–] merde@sh.itjust.works 3 points 8 months ago

blokada to netGuard and the reason is precision

https://github.com/M66B/NetGuard/releases or izzysoft or fDroid

it doesn't need root

[–] growsomethinggood@reddthat.com 4 points 8 months ago (1 children)

I use Blockada 5 and haven't noticed any heating issues, it might be worth a go! I did have to enable most of the lists to get good coverage (and then a couple custom selected on/off over time) but I mostly don't think about it after a little setup. The only thing I do have to worry about is swapping which VPN is on when I want a real VPN- but fortunately the VPN I like (Mullvad) has adblock built in too.

[–] OpenStars@startrek.website 3 points 8 months ago (1 children)

Yeah I still use Blokada 5 on my daily driver - it generally works "well enough" for most things, so I never bothered to switch to 4 on it. But I did notice that if you try to play a game on it, it's like the ad blocker isn't even there, whereas version 4 worked a lot better straight away. I may just not have played around enough with the settings of 5 though:-).

[–] B1naryB0t@lemmy.dbzer0.com 3 points 8 months ago

I use 5 and I noticed it was hit or miss so I just said fuck it and enabled all of the available lists lol haven't seen an ad since

[–] BoisZoi@lemmy.ml 9 points 8 months ago (1 children)

AdGuard. You can get a lifetime license through stack social for anywhere between $16-$30. It also does HTTPS filtering.

Same I love adguard. I only wish there was a way to use it with a third party VPN (without root)

[–] hellequin67@lemm.ee 8 points 8 months ago (1 children)
[–] AnActOfCreation@programming.dev 2 points 8 months ago

+1 for LibreDNS! I don't see it mentioned enough.

RethinkDNS is a great option unless you already have something in place that you want to use as well.

For example, I have a pi-hole and a server that I'd like to use 24/7. There's a few ways to do it, but I'm an idiot and need a simple, hard-to-ruin method. So I use the pi-hole as an exit node with TailScale

[–] shortwavesurfer@monero.town 6 points 8 months ago

Go to your Settings app. Click on Network and Internet. Click on Private DNS. Click on Private DNS provider hostname and a type. "p2.freedns.controld.com". Click OK and you're done.

[–] jinwk00@lemm.ee 5 points 8 months ago* (last edited 8 months ago)

uBlock Origin on Mull browser (if not Firefox), Mullvad DNS or NextDNS for "Private DNS" (its DNS-over-HTTPS iirc) if you are not rooted

[–] possiblylinux127@lemmy.zip 4 points 8 months ago

Use ublock origin

[–] pineapplelover@lemm.ee 4 points 8 months ago* (last edited 8 months ago) (1 children)

Probably a good VPN with adblocking features. Iirc, protonvpn and mullvad do this pretty well. I've tried the dns methods like other people mention and on some public networks, it won't work because they force a specific dns so you need to vpn for it to work.

[–] Delusion6903@discuss.online 1 points 8 months ago

And if they force a particular DNS they're is a reason for that and I don't use that Wi-Fi

[–] randombullet@programming.dev 3 points 8 months ago

I'm a fan of nextdns

[–] sag@lemm.ee 3 points 8 months ago