Why not run a Pi-hole? You only stand to benefit. Whilst it doesn't address DoH,... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		stirfrykitty on April 10, 2019 \| parent \| context \| favorite \| on: DNS-over-HTTPS Policy Requirements for Resolvers Why not run a Pi-hole? You only stand to benefit. Whilst it doesn't address DoH, it does go a long way in preventing the tracking you mention. It also saves on bandwidth. And because it works at the DNS level, you benefit from the calls not even being made. The Pi-hole can be customized with an endless set of rules to block about any ads, beacons, trackers. Couple this with uBlock Origin, Privacy Badger, Decentraleys, Referer Block, and some creative browser settings (about:config) and you are largely safe from prying eyes. JS can be whitelisted, etc. You have nothing to lose.

Nas808 on April 10, 2019 [–]

You can do both, I have a Pi-Hole running alongside the “Cloudflared” package so Dnsmasq forwards lookups to Cloudflare over DoH.

KitDuncan on April 10, 2019 | [–]

My setup is similar. Pihole with dnssec and dnscrypt-proxy connected to cloudflare. Didn't see a reason to use the cloudflared package instead of dnscrypt-proxy.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact