From 7db811a1d13e52d598facb37f2a6729d7859f2d5 Mon Sep 17 00:00:00 2001 From: Amolith Date: Tue, 27 Aug 2019 23:52:04 -0400 Subject: [PATCH] modify some dns information --- ...019-07-20-blocking-ads-on-mobile-and-desktop.md | 6 +++--- dns.md | 14 +++++++++++--- privacy-policy.md | 2 +- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/_posts/2019-07-20-blocking-ads-on-mobile-and-desktop.md b/_posts/2019-07-20-blocking-ads-on-mobile-and-desktop.md index d1c5c9e..62e9e12 100644 --- a/_posts/2019-07-20-blocking-ads-on-mobile-and-desktop.md +++ b/_posts/2019-07-20-blocking-ads-on-mobile-and-desktop.md @@ -21,12 +21,10 @@ For general browsing, I recommend [uBlock Origin](https://addons.mozilla.org/en- Same as with Firefox, I recommend [uBlock Origin](https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm) and [uMatrix](https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf) together. Check the bottom for my [configuration](#ublock-origin-configuration) recommendations! ## Safari -Again, I recommend Firefox. If you're stuck on Safari, however, [uBlock Origin](https://safari-extensions.apple.com/details/?id=com.el1t.uBlock-3NU33NW2M3) is available as an extension there as well. There's some general information about who develops it on the main [GitHub repo](https://github.com/gorhill/uBlock#safari-macos). For instructions on installing it, read the related [wiki page](https://github.com/el1t/uBlock-Safari/wiki/Installation-and-Updates). If you do use it over Better (below), check the last section for my uBO [configuration](#ublock-origin-configuration) recommendations. +Again, I recommend Firefox. If you're stuck on Safari, however, [uBlock Origin](https://safari-extensions.apple.com/details/?id=com.el1t.uBlock-3NU33NW2M3) is available as a desktop extension there as well. There's some general information about who develops it on the main [GitHub repo](https://github.com/gorhill/uBlock#safari-macos). For instructions on installing it, read the related [wiki page](https://github.com/el1t/uBlock-Safari/wiki/Installation-and-Updates). If you do use it over Better (below), check the last section for my uBO [configuration](#ublock-origin-configuration) recommendations. You can also use [Better](https://better.fyi/) from [Aral Balkan](https://mastodon.ar.al/@aral). This is probably the . . . *Better* 😏 choice as Safari is known to disable uBlock Origin because it's "too heavy". I don't use macOS or iOS so I don't have any personal experience. I got some suggestions from other people, went through them, and chose two of the better ones. -A close friend of mine is currently testing [AdGuard](https://apps.apple.com/app/apple-store/id1047223162), a free adblocker. I'll update this once she reaches a verdict. - # Mobile Phones are typically more limited than desktops so blocking ads here is a bit more difficult. In the past, the Firefox Android app had support for extensions but, starting with version 70, that will be no more. Other than that, the only decent way is to use VPN or DNS techniques. I prefer Android but I know iOS is also popular so I tried to find some solutions for it as well. @@ -54,3 +52,5 @@ A close friend of mine is currently testing [AdGuard](https://apps.apple.com/app In my opinion, uBO is one of the most powerful adblocking tools there is. It has sane defaults for the new user, the settings are easy to understand nad navigate through, and there are many advanced features for people who know what they're doing. **Protip:** if there's an add on a page that you don't want to see, click the extension icon, then the icon, then find the element you want removed, click it, then click `Create`. That will hide the element in the future 👍 Personally, I recommend enabling the majority of the filter lists. I have all the Built-in lists enabled, Ads, Privacy, Malware domains, Annoyances, and Multipurpose. I've also added my own [hosts file](/hosts.txt) (generated with [`hblock`](https://github.com/hectorm/hblock)) in the custom section. Other than enabling additional lists, my setup is the same as default! + +I also recommend taking a look at a friend of mine's [uBO Recommendations](https://theel0ja.info/ubo-recommendations/). diff --git a/dns.md b/dns.md index 7425e83..391fa26 100644 --- a/dns.md +++ b/dns.md @@ -10,31 +10,36 @@ cover: /assets/pages/dns.png Before going through and setting every device to use my DNS servers, I recommend you read sections 1 - 2 of a [previous post](/blog/dns-and-root-certificates-what-you-need-to-know/#1-what-is-dns-and-why-does-it-concern-you) so you actually understand what's happening and what you're doing. DNS is set up on the same servers as my [Tor exits](/tor-nodes/) so, if you're in a country that actively blocks Tor, you could run into issues unless you use the Anycast IP/hostname. # Features +* Uncensored (the backend is [Unbound](https://en.wikipedia.org/wiki/Unbound_(DNS_server))) +* No logging (see [Privacy Policy](/privacy)) * [Anycast](https://en.wikipedia.org/wiki/Anycast) * [DNS-over-TLS](https://en.wikipedia.org/wiki/DNS_over_TLS) * [QNAME minimisation](https://tools.ietf.org/html/rfc7816) * [DNSSEC validation](https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en) -* No logs (see [Privacy Policy](/privacy)) -* Optional adblock w/ [Pi-Hole](https://pi-hole.net/) coming soon™ +* Optional adblock w/ [Pi-Hole](https://pi-hole.net/) using my [hosts.txt](/hosts.txt) # IPs & Hostnames For simplicity's sake, I recommend using the [Anycast](https://en.wikipedia.org/wiki/Anycast) hostname as your primary, the location normally nearest to you as secondary, and a different provider for your tertiary DNS. With Anycast, you'll automatically use the server geographically nearest (the one with the lowest latency) and it will be secured with TLS. For more technical information on Anycast, click the link above. The second Anycast IP address is for plaintext DNS (**not recommended**); everything else is DNS-over-TLS. If you don't know what those are, the next section explains a bit more. Anycast * `uncensored.any.dns.nixnet.xyz` +* `adblock.any.dns.nixnet.xyz` * `198.251.90.114:853` **(DoT)** * `198.251.90.114` **(plaintext)** Las Vegas * `uncensored.lv1.dns.nixnet.xyz` +* `adblock.lv1.dns.nixnet.xyz` * `209.141.34.95:853` **(DoT)** New York * `uncensored.ny1.dns.nixnet.xyz` +* `adblock.ny1.dns.nixnet.xyz` * `199.195.251.84:853` **(DoT)** Luxembourg * `uncensored.lux1.dns.nixnet.xyz` +* `adblock.lux1.dns.nixnet.xyz` * `104.244.78.231:853` **(DoT)** After setting them, you can test your connection with [ipleak.net](https://ipleak.net). If you have JavaScript enabled, the line below will tell you which server you'll connect to with Anycast at the moment. If you travel a lot, that server will change depending on your location. @@ -48,7 +53,10 @@ I recommend setting fallbacks with other providers (such as [Lelux.fi's](https:/ The best thing to do, in my opinion, is set your DNS at the OS level with [Stubby](https://wiki.archlinux.org/index.php/Stubby) or [Unbound](https://wiki.archlinux.org/index.php/Unbound), for example, and not at the application level i.e. with Firefox's DoH implementation. For more information about configuring custom DNS servers on various devices, read the related [blog post](/blog/setting-dns-on-mobile-and-desktop/). -Until I get adblocking DNS set up, take a look at my post on blocking ads [locally](/blog/blocking-ads-on-mobile-and-desktop/). There are solutions for most™ devices and none of the guides are *particularly* difficult to implement. +If you don't want to use DNS for blocking ads, take a look at my post on doing it [locally](/blog/blocking-ads-on-mobile-and-desktop/). There are solutions for most™ devices and none of the guides are *particularly* difficult to implement. + +# "Source" +All the software running the backend is open source so the configs are really the only unique parts about my setup. They can be found at [NixNet/dns](https://git.nixnet.xyz/NixNet/dns) on my Gitea instance. If you have any questions, simply [contact me](/contact) somewhere!