Privacy
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
All kind of achieve the same thing, but in different ways.
Pi-Hole is the completely free way of doing ad and tracker blocking at the DNS level. Free as in free beer and free as in free speech.
AdGuard is free as in free beer but not as in free speech.
Both solutions mentioned above have to be self-hosted.
NextDNS is a managed service for which you have to pay a (very small) monthly fee for. The advantage is that - once setup - it pretty much just works (exception being custom updates to filter lists, but that applies to the other two as well). What's cool about that is that it's reachable from outside your local network, so you can use it on your phone or whatever even when you're not at home (they offer apps and profiles for easy setup). You can expose your Pi-Hole/AdGuard DNS to the outside world, but this has some caveats and probably higher latency/worse availability.
Opinions differ when it comes to privacy, but I'd say they (NextDNS) are trustworthy/not selling your data as this doesn't seem to be their business model. Obviously, with Pi-Hole you don't have to trust anyone (except the code authors unless you study the code yourself), so when in doubt Pi-Hole wins in this regard.
Be careful when setting up either of these as the default DNS service in your home network, especially when other users are in your network, as the default configuration of either of these will break some websites, services and apps to stop working and you (the admin) would have to handle the errors your users are getting by adding exceptions and/or different filters. The good news is that there are more conservative filter settings available that will still block most ads and trackers while being way less likely to break anything.
Eli5 free as in free beer and free as in free speech?
Free beer is freeware, but it can be closed source.
Free speech is freeware that's also open source with a permissive license, so you can create an opinionated version of it.
Free as in beer - Free in the sense of costing no money.
Free as in speech - Free in the sense of having no restrictions; libre.
AdGuard is free as in free beer but not as in free speech.
I think in the context of this discussion, they are talking about AdGuard Home, which is GPL. So it's also free as in free speech.
Oh you're right. Didn't even realize AdGuard was GPL in its "Home" version.
Yeah, it's essentially completely different software. Their naming scheme makes it even more confusing.
Be careful when setting up either of these as the default DNS service in your home network
So any DNS based blocker is going to have the same problem. I can report though that adguard home with the default blocklists and adding in the oisd big list hasn't broken anything. It isn't until I start adding keyword/regex based blocking that stuff starts breaking. And then it's mostly streaming apps that break. They have gotten smarter over the years about what to do when they can't find their ad/tracker servers.
I use Pi-Hole and works great. I’ve heard about AdGuard and seems the same thing as PiHole
Only if you're talking about AdGuard Home, then yes. When you talk about AdGuard you usually just mean the adblocker app which is something completely different.
I used all three of them. While AdGuard Home has some nice features that Pi-hole doesn't, it in my experience has much more problems and has been unstable on some updates. So since you prefer stability for your DNS server I'd recommend Pi-hole over AdGuard Home.
NextDNS doesn't need to be self-hosted because it's a service on the internet. The disadvantage is that you are offered a list of blocklists from which you can choose but unlike Pi-hole or AdGuard Home you cannot add more lists. But they offer many lists so that's not a big problem. If you need more than 300k queries a month you need to pay for their service. But since NextDNS is a service on the internet it means that you can use it on all of your devices no matter where you are.
Strange we've had differing experiences. I've only been using Adguard for a couple of months, but the reason I left Pihol was because of its instability! Or at least, the database would constantly get chowned elsewhere when running in docker so I couldn't whitelist any domains.
Adguard's been 100% stable so far for me.
As long as it works fine for you I'm glad. :)
If you're interested here are my three bad experiences with AGH:
- The "use AdGuard browsing security web service" option made all DNS queries so slow after a week to the point where nothing was resolved anymore. (That was 2 years ago, maybe fixed now)
- They removed some library with an update which caused a panic when booting AGH so it wouldn't start anymore. That library was needed to use the DoH encryption of one of my upstream DNS servers. I had to remove that one from my config.
- The next update didn't fix this issue but added another one: A few hours of running this version ( I don't remember the version number) the AGH service suddenly crashed. I started it again but 5 minutes later it would crash again. That was the point where I stopped using AGH because it didn't feel reliable anymore and updates only made it worse.
Fair enough!
It's just worked out of the box for me - and TIL it actually existed two years ago, I hadn't heard of it until about six months ago.
But yes - it's great to have choices and pihole deserves some extra credit for blazing the trail in this area.
I currently selfhost AdGuard Home and it works very efficiently. I added custom lists plus personal filters, and as a plus, I exposed the DoT on the web, so I can use the device I "authorized" no matter where I am. Big plus for me
~~You are incorrect. You can add custom lists to NextDNS~~
Edit: I am so sorry. Apparently I was completely misremembering my setup.
The contradict me directly.
I too was under the impression that you couldn't add custom lists to NextDNS. Last time I researched this everything I found said you couldn't as well. I know you can build your deny list but that can be time consuming. I do it, but would love to be able to pull block lists that are already compiled. Can you share more info on how to add custom lists to NextDNS? Thanks!
My memory is shit. I was wrong. I've updated my post.
Ahh no worries mate! I do it all the time! 😅
I have been intending to explore other options outside of NextDNS because I want custom block lists. Just means the plan remains the same! Thanks for the update!
A droplet running pihole on digital ocean work?
NextDNS seems cool but it looks like it is for-profit and proprietary software, which is a deal breaker for me. Even if their "free" tier were good for me, for now, the price and my privacy would always be subject to the whims of a company who is going to be trying to get money from me. Fuck that.
I am honestly surprised to see it recommended here on Lemmy. When I first heard of it, I went to their website to see what it's all about. I assumed it would be another self hosted DNS service, not a paid proprietary cloud service.
I wondered if it is astroturfing.
Just to clarify, you don't need to install an app or extension to use AdGuard, you can just use its dns servers. I use their own dns for my phone, so that it works everywhere, but I use my self hosted AdGuard instance at home.
I haven't needed to change anything in the filters yet, but by self hosting, I've got the option if it's ever needed.
Adguard home works great and if you have a supported router it can run on that instead of needing a seperate device.
Also, it looks like they're financially supporting the person/people who compile one of the better blocklists out there (oisd.nl) and that's a plus in my book.
Adguard