undefined | Better HN

0 pointsClumsyPilot3y ago0 comments

> uBlock Origin and other ad blockers

Router based adblockers work well, Flint by GL.net comes with nice UI and adhlock and VPN built in.

Some people complain about its chinese origin but at least I know only 1 government is spying on me - my provider supplies a router with a linux kernel older than this house. There could be an entire ensemble of Trojans partying there

0 comments

Springtime3y ago

Pi-Hole or the adblock package for OpenWRT are probably better examples. GL.Inet routers are already natively supported by OpenWRT (since their firmware are just custom forks) so one can flash them.

ClumsyPilotOP3y ago

They come with OpenWRT already, just have a much nicer UI.

You can still access LUCI openWRT UI if you need advanced features.

If you need a new router, they are a decent choice, better than average performance, no need to flash anything.

Springtime3y ago

Yes, theirs is a custom fork. Only commented about flashing to vanilla OpenWRT in relation to your comment about being spying concerns (and since some, including myself, aren't that comfortable with their remote cloud service built into it).

dcow3y ago

Not with encrypted DNS (DoH and DoT).

withinboredom3y ago

Your router can proxy encrypted DNS (if you have some decent firmware) or you can set up your own DNS server. There are also things like nextdns.io which can do all the work that a pihole does but works outside your home network.

jeroenhd3y ago

I think the point is that some applications will use DoH/DoT/a custom protocol to bypass DNS-based blocklists. It's trivial to run your own DoH/DoT/custom server if you just hardcode the IP into your application.

You can still block those by doing IP-level blocks for known ad domains, but that starts to become a problem if one of those domains are run from a shared cloud host (i.e. Cloudflare etc.) because you will also block legitimate domains.

Most in-app ads and tracking will still use HTTPS so if you use SNI sniffing + certificate validation (to prevent domain fronting) you can still do network level blocks, but that's quite resource intensive, especially at modern internet speeds.

1 more reply

j / k navigate · click thread line to collapse

0 pointsClumsyPilot3y ago0 comments

> uBlock Origin and other ad blockers

Router based adblockers work well, Flint by GL.net comes with nice UI and adhlock and VPN built in.

0 comments

Springtime3y ago

Pi-Hole or the adblock package for OpenWRT are probably better examples. GL.Inet routers are already natively supported by OpenWRT (since their firmware are just custom forks) so one can flash them.

ClumsyPilotOP3y ago

They come with OpenWRT already, just have a much nicer UI.

You can still access LUCI openWRT UI if you need advanced features.

If you need a new router, they are a decent choice, better than average performance, no need to flash anything.

Springtime3y ago

dcow3y ago

Not with encrypted DNS (DoH and DoT).

withinboredom3y ago

jeroenhd3y ago

1 more reply

j / k navigate · click thread line to collapse