this post was submitted on 13 Apr 2024
99 points (94.6% liked)

Privacy

32424 readers
518 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm talking full phone and blocking. Not just browser.

Edit: So many options! Thanks guys I'll go through them all and see what one I think will work best for me. I appreciate it.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 34 points 8 months ago (4 children)

Pihole on the home network and my phone has constant VPN connection to the home network via Wireguard.

[–] [email protected] 4 points 8 months ago (2 children)

Out of curiosity, you have to open a port in the router for that to work, right? How does that work in the security aspect? Do you need to do some constant maintenance in your setup or something in order not to be vulnerable?

[–] [email protected] 5 points 8 months ago (1 children)

While you have to open a port for wireguard, it doesnt respond to anything other than your clients with a key. It should be safe enough without any maintenance, but security updates are always a good idea. If you don't want to open port there are alternatives like tailscale or zerotier, but I have never tried them

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

Meshvpns like you described work good but having a real WAN connection works best in my experience.

[–] [email protected] 3 points 8 months ago

Yes, wireguard requires an open port. No security issues in the years I've had this setup.

[–] [email protected] 2 points 8 months ago (2 children)

How much battery do you think this consumes? I've always thought an always on VPN set up but never tried it as I assumed it would drain the battery too quickly.

[–] [email protected] 2 points 8 months ago

The battery consumption is negligible. I use Invisible Pro with so many different types of blocks and circumventions that it's almost ridiculous, and it runs at about a 3% in 24 hours. Invisible Pro has to be way up on the battery sucking scale for similar products.

[–] [email protected] 1 points 8 months ago

1-2% with always on VPN. My kernel is very old (3.18) and it doesn't have wireguard kernel module.

[–] [email protected] 2 points 8 months ago (1 children)

I have the same configuration running on all my devices, my kids and my wife's too, it's wonderful.

load more comments (1 replies)
[–] [email protected] 1 points 8 months ago

This is the way.

[–] [email protected] 26 points 8 months ago* (last edited 8 months ago) (1 children)
[–] [email protected] 2 points 8 months ago

AdAway is amazing. I've used the rooted version for 10 years now and it just works

[–] [email protected] 23 points 8 months ago (2 children)

My personal favorite is RethinkDNS, which is technically capable of running your favorite VPN provider alongside blocking ads and blocking/logging domains on a per-app basis.

It's a bit frustrating to set up for my taste, but it definitely works. (Kudos to Mozilla for sponsoring their project, BTW.)

[–] [email protected] 3 points 8 months ago

RethinkDNS is super awesome! 🙌

[–] [email protected] 2 points 8 months ago

It also works with Orbot

[–] [email protected] 22 points 8 months ago (1 children)

You want a DNS based adblocker. I like nextdns because I can customise it.

[–] [email protected] 1 points 8 months ago (1 children)

Can you customise it down to the domain?

[–] [email protected] 1 points 8 months ago (1 children)

If you mean blocking specific websites, then yes. It's in the parental control section

[–] [email protected] 1 points 8 months ago

Nice. I use Mullvad DNS for the same purpose.

They seem to have many different endpoints depending on what you want to block, which is customizable only down to the type of content. Ads, trackers, malware, adult content, gambling, social media.

If I understand it properly, they have 64 different endpoints for their DNS. But I'm not sure if all of these are publicly facing or if you have to be connected via their VPN service for all of them to be accessible.

[–] [email protected] 19 points 8 months ago (2 children)

AdGuard can filter all (or select) traffic blocking ads in other apps.

[–] [email protected] 2 points 8 months ago (1 children)

You can also use their DNS server without having to install anything

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

That is true but then it applies to everything and you can't pick and choose which app to filter and which not (I exclude banking app for example), what level of filtering you want for each app (my phone is not rooted so there are some apps which will reject https filtering), and additionally I can quickly turn off and on filtering in the app for example when there's a need for troubleshooting why something is not loading etc. In short, with an app you have more control and access to stats:

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago) (2 children)

Doesn't that require root? Or am I getting it confused with another solution with "ad" in the title? :/

[–] [email protected] 6 points 8 months ago (2 children)

The one you are thinking is Adaway which makes changes to the system host file.

AdGuard creates a local VPN connection and lets all traffic run through that blocking based on filters. Your VPN slot is taken up here.

NextDNS just changes your phone DNS to its servers and blocks based on filters. Here, your VPN slot is essentially free for use with actual VPN apps.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

Your VPN slot is taken up here.

Oof, yeah, that wouldn't work for me anyway since I currently use a VPN. Lol.

Thanks for clearing it up though! :)

NextDNS just changes your phone DNS to its servers and blocks based on filters. Here, your VPN slot is essentially free for use with actual VPN apps.

That sounds promising! :D

load more comments (1 replies)
[–] [email protected] 11 points 8 months ago (1 children)
[–] [email protected] 3 points 8 months ago

+1 for nextdns, it allows me to track all the connection requests and it saves the logs on Swiss.

[–] [email protected] 10 points 8 months ago (2 children)

I use Blokada - but not the latest version since the company switched from the free open-source standalone app paradigm to a cloud-based continual paid subscription model. It seems like Blokada version 4 (obtained either from the company's webpage or F-droid I forget which) blocks a heck of a lot more stuff than version 5 for some reason.

On the other hand, it also noticeably heats up my phone if a not-well-behaved app (examples include Freemium games) continually resubmits queries over & over again every (or even multiple times a) second. You can block every request that it makes... but it can also keep making them so... at some point you may question whether the cost is worth it.

This arguably relates more to "tracking" than actual advertisements, since there can only be a finite number of the latter but the former can happen all day every day even when the app is not running, if it decides to be aggressive about checking in with its home base. These days, even if you do pay for something, your data is STILL the actual "product" that is the reason the company is in business at all to obtain.:-(

[–] [email protected] 8 points 8 months ago (2 children)

If you still want to use a VPN style adblocker, I moved from Blokada some time ago to Adaway. Works the same.

[–] [email protected] 3 points 8 months ago (1 children)

Thank you for helping fill out this list. May I ask why you moved away from Blokada? Version 5 is bad ofc, and 6 is far, FAR worse, but 4 worked well for me.

It looks like AdAway has some nice features since I saw it last, like the ability to whitelist a particular app. If it does not require root permissions, it might be a clear winner even.

[–] [email protected] 3 points 8 months ago

blokada to netGuard and the reason is precision

https://github.com/M66B/NetGuard/releases or izzysoft or fDroid

it doesn't need root

load more comments (1 replies)
[–] [email protected] 4 points 8 months ago (1 children)

I use Blockada 5 and haven't noticed any heating issues, it might be worth a go! I did have to enable most of the lists to get good coverage (and then a couple custom selected on/off over time) but I mostly don't think about it after a little setup. The only thing I do have to worry about is swapping which VPN is on when I want a real VPN- but fortunately the VPN I like (Mullvad) has adblock built in too.

[–] [email protected] 3 points 8 months ago (1 children)

Yeah I still use Blokada 5 on my daily driver - it generally works "well enough" for most things, so I never bothered to switch to 4 on it. But I did notice that if you try to play a game on it, it's like the ad blocker isn't even there, whereas version 4 worked a lot better straight away. I may just not have played around enough with the settings of 5 though:-).

[–] [email protected] 3 points 8 months ago

I use 5 and I noticed it was hit or miss so I just said fuck it and enabled all of the available lists lol haven't seen an ad since

[–] [email protected] 9 points 8 months ago (1 children)

AdGuard. You can get a lifetime license through stack social for anywhere between $16-$30. It also does HTTPS filtering.

[–] [email protected] 2 points 8 months ago

Same I love adguard. I only wish there was a way to use it with a third party VPN (without root)

[–] [email protected] 8 points 8 months ago (1 children)
[–] [email protected] 2 points 8 months ago

+1 for LibreDNS! I don't see it mentioned enough.

[–] [email protected] 6 points 8 months ago

Go to your Settings app. Click on Network and Internet. Click on Private DNS. Click on Private DNS provider hostname and a type. "p2.freedns.controld.com". Click OK and you're done.

[–] [email protected] 6 points 8 months ago

RethinkDNS is a great option unless you already have something in place that you want to use as well.

For example, I have a pi-hole and a server that I'd like to use 24/7. There's a few ways to do it, but I'm an idiot and need a simple, hard-to-ruin method. So I use the pi-hole as an exit node with TailScale

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago)

uBlock Origin on Mull browser (if not Firefox), Mullvad DNS or NextDNS for "Private DNS" (its DNS-over-HTTPS iirc) if you are not rooted

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago) (1 children)

Probably a good VPN with adblocking features. Iirc, protonvpn and mullvad do this pretty well. I've tried the dns methods like other people mention and on some public networks, it won't work because they force a specific dns so you need to vpn for it to work.

[–] [email protected] 1 points 8 months ago

And if they force a particular DNS they're is a reason for that and I don't use that Wi-Fi

[–] [email protected] 4 points 8 months ago

Use ublock origin

[–] [email protected] 3 points 8 months ago

I'm a fan of nextdns

[–] [email protected] 3 points 8 months ago
[–] [email protected] 2 points 8 months ago

Proton VPN , or just change DNS to DNS.adguard.com

load more comments
view more: next ›