• Darkassassin07@lemmy.ca
    link
    fedilink
    English
    arrow-up
    43
    arrow-down
    1
    ·
    10 months ago

    Pi-hole blocks ads served by these networks just fine. Never seen an ad in Boost for Lemmy or for Reddit, though I tend to use Jerboa now that I’ve gotten used to it while I was waiting for Boost for Lemmy to release.

    DNS based adblocking like Pihole or Adguard limits you to receiving advertising hosted by the app provider (youtube for example) which is usually better curated than third party advertising networks and less commonly found at all.

    • BoofStroke
      link
      fedilink
      English
      arrow-up
      3
      ·
      10 months ago

      To be truly effective you must also block DoH and DoT. The first can only be done with endpoint lists, since it is https.

      • Darkassassin07@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        Maybe in comming years, but I’ve never encountered an ad served explicitly through DoH/DoT. It’s certainly possible, just not actually in use yet.

        You can also setup DoH front and back ends for pihole so traffic entering and leaving it is encrypted. When/if it becomes necessary I’ll probably look into https packet inspection using custom Root certs to force clients to use my local DoH services and block other traffic, or look into inspecting the SNI to apply blocking there; but again its just not needed yet and may not be for a long time. We’ll see. I’m sure the pihole/Adguard teams are also investigating solutions.

      • N0x0n@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        Hey, could you elaborate or send some lecture? I have the upstream quad9 DoH address in adguard. It’s supposed to better encrypt my traffic right? Never saw any ads or strange DNS requests.

        Never heard about ads being inject though DoH or DoT, or did I misunderstood your comment?

        • Darkassassin07@lemmy.ca
          link
          fedilink
          English
          arrow-up
          4
          ·
          10 months ago

          Theoretically an app could use a custom DoH endpoint to retrieve ads instead of the standard dns provided by the system. As this uses purely https without a preceding dns request, pihole/adguard would fail to block it; but it’s just not something currently employed.