How do you filter ads and trackers outside of a browser while still using a VPN service? (lemmy.world)

submitted 2 days ago by TheTwelveYearOld@lemmy.world to c/privacy@lemmy.ca

7 comments fedilink hide all child comments

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.

On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.

So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?

all 8 comments

sorted by: hot top controversial new old

[-] Showroom7561@lemmy.ca 2 points 1 day ago

Adguard can work with adguard VPN to provide adblocking through the VPN. This applies to Android and Windows, and maybe even iOS versions.

With other VPNs, I've used some with their own adblocker, but they aren't nearly as good at filtering.

[-] cyberpunk007@lemmy.ca 2 points 1 day ago

The DNS config is really a totally separate piece from your Honeypot. Sorry, I mean your vpn.

You can use whatever DNS service you wish, or better yet set up your own with pihole or zenarmor or something like that.

[-] sugar_in_your_tea@sh.itjust.works 2 points 2 days ago

You could set up a PiHole on your local network, and have the VPN's DNS be secondary.

[-] Pixel@lemmy.ca 1 points 2 days ago

Wouldn't that still leak your DNS? I guess that's not a big deal if you don't care about timing correlation attacks.

[-] sugar_in_your_tea@sh.itjust.works 2 points 2 days ago

Why would it? The PiHole would be on your local network, so it would never need to go past your router. So the request itself would be private, what matters is what you do with the response. Theoretically, the PiHole would only give responses for things it'll block (usually directing it to localhost or something), and have no response for everything else (check your configs).

So if you get a response from the PiHole, you route the request locally, which does nothing. If you don't get one, you'll check the secondary DNS, which is provided by the VPN service.

You should certainly confirm this before completely trusting it, but it should work fine.

[-] girsaysdoom@sh.itjust.works 1 points 2 days ago

On a rooted phone, you could edit your /etc/hosts file with a list of blocked domains. Outside of that, I'm not aware of any way to have a filtering app and a VPN app at the same time.

Alternatively, you could try hosting a DNS server that doesn't resolve the domains you want blocked, like a pihole server. Some VPN apps allow you to use your own DNS and if you're feeling up for it, there's apparently even a way to run a local DNS server using dnsmasq on your phone mentioned in this link.

[-] AnotherDirtyAnglo@lemmy.ca 1 points 2 days ago

Essentially, you outsource the blocking to your VPN server in that scenario. You can have a blocklist of advertisers, trackers, or bad-behaviour like SSH/HTTPS scans, etc. You would generally download a list of misbehaving netblocks and block them on your firewall, then download a list of known-bad domain names, and block them from being resolved by DNS (i.e. just return 127.0.0.1, which is your local device, which always fails)

this post was submitted on 16 Sep 2024

14 points (100.0% liked)

privacy

2892 readers

45 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

community.nicfab.it/c/privacy

founded 2 years ago

MODERATORS

QuentinCallaghan@sopuli.xyz

Kokomheart@lemmy.ca

altair222@beehaw.org