this post was submitted on 16 Sep 2024
11 points (86.7% liked)

privacy

2892 readers
54 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
11
How do you filter ads and trackers outside of a browser while still using a VPN service? (self.privacy)
submitted 2 days ago by TheTwelveYearOld to c/[email protected]
7 comments fedilink hide all child comments
 

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.

On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.

So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?

all 8 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 2 days ago

Adguard can work with adguard VPN to provide adblocking through the VPN. This applies to Android and Windows, and maybe even iOS versions.

With other VPNs, I've used some with their own adblocker, but they aren't nearly as good at filtering.

[–] [email protected] 2 points 2 days ago

The DNS config is really a totally separate piece from your Honeypot. Sorry, I mean your vpn.

You can use whatever DNS service you wish, or better yet set up your own with pihole or zenarmor or something like that.

[–] [email protected] 2 points 2 days ago (1 children)

You could set up a PiHole on your local network, and have the VPN's DNS be secondary.

[–] [email protected] 1 points 2 days ago (1 children)

Wouldn't that still leak your DNS? I guess that's not a big deal if you don't care about timing correlation attacks.

[–] [email protected] 2 points 2 days ago

Why would it? The PiHole would be on your local network, so it would never need to go past your router. So the request itself would be private, what matters is what you do with the response. Theoretically, the PiHole would only give responses for things it'll block (usually directing it to localhost or something), and have no response for everything else (check your configs).

So if you get a response from the PiHole, you route the request locally, which does nothing. If you don't get one, you'll check the secondary DNS, which is provided by the VPN service.

You should certainly confirm this before completely trusting it, but it should work fine.

[–] [email protected] 1 points 2 days ago

Essentially, you outsource the blocking to your VPN server in that scenario. You can have a blocklist of advertisers, trackers, or bad-behaviour like SSH/HTTPS scans, etc. You would generally download a list of misbehaving netblocks and block them on your firewall, then download a list of known-bad domain names, and block them from being resolved by DNS (i.e. just return 127.0.0.1, which is your local device, which always fails)

[–] [email protected] 1 points 2 days ago

@TheTwelveYearOld um... one can use their VPNs filtering.