|
Marc Clifton wrote: pihole -w settings-win.data.microsoft.com
pihole -w v10.vortex-win.data.microsoft.com
and v20.vortex-win.data.microsoft.com
All addresses I recognize as often being at the top of Pi-Hole's log.
I also use WSUS in a VM, and none of my systems talk directly to MS to get updates. Only those updates I approve (when I approve them) find their way in. Bonus: updates are only downloaded once.
|
|
|
|
|
I tried the first few pi-hole sites using my standard in browser ad blocker + Privacy Badger pairs. In Firefox ABP passed with flying colors. In Chrome with uBlockOrigin one of the sites sprung a few leaks (sleeping should be easy); OTOH because I mostly use chrome in the office for work related sites not general browsing it could just be down to Privacy Badger being much less trained not uBO being less effective. If I remember I'll repeat the test from home tonight where I've got a very well trained Privacy Badger paired with some flavor of uBlock in a chromish browser.
I used to use various out of browser options, both a host list and many years ago and on PC proxy application, but ultimately switched to in browser tools because when things break it was much easier to troubleshoot and repair.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Dan Neely wrote: when things break it was much easier to troubleshoot and repair.
On the few occasions "things break" with Pi-Hole, I just disable it for 5 minutes and do whatever I need during that time period. It's so rare I don't spend the time to try to figure out what went wrong and add it to the whitelist.
|
|
|
|
|
Is Pi-Hole something you download and run? If so, how do you update the blacklisted domain list?
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Full installation on a Linux VM consists of:
curl -sSL https://install.pi-hole.net | bash
The community edits get downloaded on their own - I don't think I ever looked at the frequency at which those edits are made. I do know it gets updates from multiple lists. Updating the software itself to the latest version is also a one-liner:
pihole -up
If you want to add to your own blacklist/whitelist, Pi-hole has an HTML dashboard you can make your edits through with a browser. Though I've never looked into it, I have to imagine there's a way to import from a plain-text hosts file.
|
|
|
|
|
But then the next time you visit that site, you have to turn it off again, which means that it's advertiscum gets to track you every time.
Adding a targeted exception - generally moving some domain from block entirely to only block tracking in Privacy Badger (most adblock related problems are self-inflicted from non-ad related crap blocking rules I manually add affecting something unintended on the site after a redesign) - means that after the single fix they still can't maliciously track me. Also, in the 90% of cases where only the adblocker or privacy badger means that while I'm fixing it only a small minority of the avertiscum are able to get through, not all of them.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Dan Neely wrote: But then the next time you visit that site, you have to turn it off again, which means that it's advertiscum gets to track you every time.
A site I frequently visit that requires advertiser whitelisting will soon turn into a site I no longer frequently visit.
Frankly - it never happens. Maybe that's just my own surfing habits.
|
|
|
|
|
Mine is 620K and it works really well.
|
|
|
|
|
I recently ran into some ad sites that seem to be ignored by the hosts file.
deals.slashdot.org
tracking.deltadefense.com
Happens on both windows and linux boxes.
I even tried clearing the browser cache and (for linux) restarting the network-manager service.
EDIT ======================
Sneaky bastages - I had to view the page's source to get the actual URL of the ad site. Once I did that, and added the domain to the hosts file, it cleared the ads.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
modified 16-Sep-18 13:41pm.
|
|
|
|
|
I do that a lot. It makes for more peaceful surfing.
|
|
|
|
|
I've been using an ad blocker, but I think I'll give the hosts file approach a go.
|
|
|
|
|
someone mentioned pi-hole as another solution.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Here[^]'s something to get you started
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
That's where I get my hosts file.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
I was going to kill "Useless IoT item of the weekend" after it's hugely successful tour of two items - but then I found this: The World's First Connected Iron.[^]
Ignoring the website design where the text colour fades into the background, and just hope it's the World's Last as well.
Then you get to the price: "more than $1000". Oh, good grief.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Ya see? This kinda crap is why we're running out of IPV4 addresses...
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Not really. We ran out of IPv4 addresses many years before IoT.
And... Nowadays, not very many people have read, while paying attention, RFC 791. IP was designed to be an inter-NET protocol, not an inter-device protocol. Its primary function was to make connections between different kinds of networks, similar to the interconnection of cellular phones and POTS. Each local network would have an "Interface Message Processor" (IMP) - a gateway to other networks. The IMP would have an IP address. We do not have 4.3 billion IMPs, 4.3 billion networks!
The "problem" with the original approach is that the source and destination networks might be quite different, both in protocols, addressing and other aspects. You might have to do some conversion: Continuing the cellular/POTS analogy, you might have to do analog/digigal and digital/analog conversion. For an IP phone, making connections using SIP, the addressing format is an alphanumeric one, distict from the numeric, worldwide POTS/cellular addressing scheme. The Internet is not intended to provide conversion neither between formats nor addresses; it just carries the connect request from one network to another, such as an IMP in a SIP network sending a message to an IMP in a POTS network: I want a connection to POTS phone 012-345-6789. It is up to the POTS IMP to do the addressing within its own network, and to do the A/D-D/A conversions. (Which one of the two IMPs is doing which part of conversion of digital formats could be a negotiation question, but it certainly is not the responsibility of the internet.)
The great advantage of such an internet is exactly the same: It interconnects arbitrarily different networks. The architecture is prepared for all sorts of conversions and mappings, fully respecting the individual nature of different data formats, addressing schemes etc. It doesn't force all communication to be exactly like all other communication.
But in the 1980s, (too) "Simple xxx" was the Word: (too) Simple Mail Transfer Protocol, (too) Trivial File Transfer Protocol, (too) Simple Network Management Protocol. Solutions that couldn't be implemented as a college level homework assignment were rejected. So rather than mapping between addressing domains and converting data formats, everyone said: We'll do everything within the IMP, and forget about that silly local network with its own protocold and formats! We'll let every single computer pretend to be an IMP, a gateway to the local network, but since there is no network there, we don't have to do any address mapping. And we will abandon all fancy, local formats and reduce email to 7-bit ASCII only and use a too SMPT. We'll abandon file system structures and exchange file data by a (too) TFTP,... No conversion work, hooray! No mapping and forwarding work, hooray! Every little computer behaving as a complete network, interfacing with other network, hooray!
THAT is why we have run out of IPv4 addresses.
The funny thing is that we have devised a whole buch of firefighting techniques, in the area of NAT/DHCP/..., for overcoming the 4.3G limits, that really is like you ISP and IP interface acting like an IMP. The only thing is that this is not result of a planned design, just emergency solutions, so you run into a lot of crazy problems. It cannot handle any other address formats, it just maps between IPv4 domains (similar to X.75 mapping between X.25 domains), and it does no address conversion. But it sort of proves that a true inter-NET protocol is needed. If it only had been a properly designed one, not just a buch of firefighting solutions..
|
|
|
|
|
You are the fun guy at parties, ain't you ?
|
|
|
|
|
Don't bother me with facts. They only punch holes in my nature to be a smart-ass.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Thank you, my wife already has enough weapons to throw at me. Don't need a smart one.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
|
|
|
|
|
Why would she want to throw a $1,000 iron at you, when a $10 iron would do just as good a job?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
It is not the same to blame on you $1000 and $10!!!
"The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge". Stephen Hawking, 1942- 2018
|
|
|
|
|
For $1,000 it better lock on to target
|
|
|
|
|
For $1000 it ought to be self driving.
|
|
|
|
|
Self throwing
|
|
|
|
|