Tools which protect our privacy. Post your tools / ways you are using and opinions.

Discussion in 'Serious Discussion' started by Yen, Jul 23, 2013.

  1. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,226
    955
    60
    not so very weird, when you know that those phones were sold as non-hackable,
    to crooks, and priced accordingly..said crooks used them to discuss illegal
    movement through customs, and the cops listened in on it, they plucked some
    record-breaking shipments from rotterdam and antwerp harbors..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    6,826
    8,413
    210
    Hi @nodnar, well here I'm using only Adguard Premium + good sense when using the web, no problem in many years...:)
     
  3. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,226
    955
    60
    hi @Tiger-1 , i am using the ultimate privacy protection; no dumbphone. [ saves lots of money too..];)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Scr4tch

    Scr4tch MDL Junior Member

    Jan 29, 2017
    88
    16
    0
    LineageOS.
     
  5. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,226
    955
    60
    nah. We take security very seriously: that’s why we deliver security updates every month
    as bad as m$..:D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. moon510

    moon510 MDL Junior Member

    May 10, 2007
    77
    41
    0
    Hello,
    I am using following tools and methods:
    - Firefox web browser
    - Privacy badger Addon for Firefox
    - Adguard Addon for Firefox

    - I edited hosts file and put these entries:
    127.0.0.1 telecommand.telemetry.microsoft.com #MS Spying block
    127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net #MS Spying Block
    127.0.0.1 oca.telemetry.microsoft.com #MS Spying Block
    127.0.0.1 oca.telemetry.microsoft.com.nsatc.net #MS Spying Block
    127.0.0.1 sqm.telemetry.microsoft.com #MS Spying Block
    127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net #MS Spying Block
    127.0.0.1 watson.telemetry.microsoft.com #MS Spying Blocik
    127.0.0.1 watson.telemetry.microsoft.com.nsatc.net #MS SPying Block
    127.0.0.1 redir.metaservices.microsoft.com #MS Spying Block
    127.0.0.1 choice.microsoft.com #MS Spying Block
    127.0.0.1 choice.microsoft.com.nsatc.net #MS Spying Block
    127.0.0.1 df.telemetry.microsoft.com #MS SPying Block
    127.0.0.1 reports.wes.df.telemetry.microsoft.com #MS Spying Block
    127.0.0.1 wes.df.telemetry.microsoft.com #MS Spying Block
    127.0.0.1 services.wes.df.telemetry.microsoft.com #MS Spying Block
    127.0.0.1 sqm.df.telemetry.microsoft.com #MS Spying Block
    127.0.0.1 telemetry.microsoft.com #MS Spying Block
    127.0.0.1 watson.ppe.telemetry.microsoft.com #MS Spying block
    127.0.0.1 telemetry.appex.bing.net #MS Spying Block
    127.0.0.1 telemetry.urs.microsoft.com #MS SPying Block
    127.0.0.1 telemetry.appex.bing.net:443 #MS Spying Block
    127.0.0.1 settings-sandbox.data.microsoft.com #MS Spying Block
    127.0.0.1 vortex-sandbox.data.microsoft.com #MS Spying Block
    127.0.0.1 survey.watson.microsoft.com #MS Spying Block
    127.0.0.1 watson.live.com #MS Spying Block
    127.0.0.1 watson.microsoft.com #MS Spying Block
    127.0.0.1 statsfe2.ws.microsoft.com #MS Spying Block
    127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com #MS Spying Block
    127.0.0.1 compatexchange.cloudapp.net #MS Spying Block
    127.0.0.1 cs1.wpc.v0cdn.net #MS Spying Block
    127.0.0.1 a-0001.a-msedge.net #MS Spying Block
    127.0.0.1 statsfe2.update.microsoft.com.akadns.net #MS Spying Block
    127.0.0.1 sls.update.microsoft.com.akadns.net #MS Spying Block
    127.0.0.1 fe2.update.microsoft.com.akadns.net #MS Spying Block
    127.0.0.1 corp.sts.microsoft.com #MS Spying Block
    127.0.0.1 statsfe1.ws.microsoft.com #MS Spying Block
    127.0.0.1 pre.footprintpredict.com #MS Spying Block
    127.0.0.1 i1.services.social.microsoft.com #MS Spying Block
    127.0.0.1 i1.services.social.microsoft.com.nsatc.net #MS Spying Block
    127.0.0.1 feedback.windows.com #MS Spying Block
    127.0.0.1 feedback.microsoft-hohm.com #MS Spying Block
    127.0.0.1 feedback.search.microsoft.com #MS Spying Block
    127.0.0.1 rad.msn.com #MS Spying Block
    127.0.0.1 preview.msn.com #MS Spying Block
    127.0.0.1 ad.doubleclick.net #Google Adsense
    127.0.0.1 ads.msn.com #MS Spying Block
    127.0.0.1 ads1.msads.net #MS Spying Block
    127.0.0.1 ads1.msn.com #MS Spying Block
    127.0.0.1 a.ads1.msn.com #MS Spying Block
    127.0.0.1 a.ads2.msn.com #MS Spying Block
    127.0.0.1 adnexus.net #MS Spying Block
    127.0.0.1 adnxs.com #MS Spying Block
    127.0.0.1 az361816.vo.msecnd.net #MS Spying Block
    127.0.0.1 az512334.vo.msecnd.net #MS Spying Block
    #127.0.0.1 www.facebook.com
    127.0.0.1 pagead2.googlesyndication.com #Google adsense
    127.0.0.1 pagead.googlesyndication.com #Google Adsense

    I also changed DNS server in my Home Gateway to Adguard DNS addresses:

    Setup guide

    - Fvery once in a while I use VPN service to download something ...

    and that's it.
     
  7. Scr4tch

    Scr4tch MDL Junior Member

    Jan 29, 2017
    88
    16
    0
    What you mean by that? Its basically the best mobile-system you can get so far.. :confused:

    I remember I had a phone with default google bloatware 5 years older than current LAOS, what I flashed on it, for example.
     
  8. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,060
    422
    60
    @ HOST file ...... where did you get it ? ---- > ?

    127.0.0.1 localhost
    ::1 localhost
    0.0.0.0 fr.a2dfp.net
    0.0.0.0 mfr.a2dfp.net
    0.0.0.0 ad.a8.net
    0.0.0.0 asy.a8ww.net
    0.0.0.0 static.a-ads.com
    0.0.0.0 abcstats.com
    0.0.0.0 track.acclaimnetwork.com
    0.0.0.0 csh.actiondesk.com
    0.0.0.0 ads.activepower.net
    0.0.0.0 app.activetrail.com
    0.0.0.0 ad2games.com
    0.0.0.0 adadvisor.net
    0.0.0.0 www.adchimp.com
    0.0.0.0 pixel.adcrowd.com

    for example ?
     
  9. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,060
    422
    60
    #429 case-sensitive, Nov 13, 2021
    Last edited: Nov 13, 2021
    My opinion ......... untill someone shows me better :) ---- >

    Theres not much point in haveing ' blocks ' on your computer ..........especialy in your browser AND in the HOST file ...... better is either an IP block list on your router ........... if it hasnt got one get firmware for your router wich has one ........... or use a raspberry pi as a router ......... with a pi hole = You decde what gets into and out of your computer .

    There was a new raspberry pi operating system released a few days ago .......... and theres speculation that they're about to release another newer version soon = Raspberry pi 5 .
     
  10. moon510

    moon510 MDL Junior Member

    May 10, 2007
    77
    41
    0
    If you ask me, I don't remember. I am not sure, maybe even on this forum.
     
  11. moon510

    moon510 MDL Junior Member

    May 10, 2007
    77
    41
    0
    @case-sensitive

    I agree. But I added these tools at different times so I left them in place. Nothing to lose! ;)
     
  12. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,060
    422
    60
    I ment in that host file there is ...... for example

    127.0.0.1 telecommand.telemetry.microsoft.com

    i think it should be

    0.0.0.0 telecommand.telemetry.microsoft.com

    Wich means to me that that list is old / out of date ......... in ublock origin theres a list of different up to date IP block lists ........... @ other sources .......... for example ..... https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data
     
  13. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,060
    422
    60
    @ Lists ---- >

    AdAway is an open source ad blocker for Android using the hosts file.
    https://raw.githubusercontent.com/AdAway/adaway.github.io/master/hosts.txt

    EasyList
    https://easylist-downloads.adblockplus.org/easylist_noelemhide.txt

    EasyList China
    https://easylist-downloads.adblockplus.org/easylistchina.txt

    RU AdList
    https://easylist-downloads.adblockplus.org/advblock.txt

    Peter Lowe's Ad and tracking server list
    https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml

    Spam404
    https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt

    Malvertising filter list by Disconnect
    https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt

    Ads filter list by Disconnect
    https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

    Basic tracking list by Disconnect
    https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

    KAD host file (fraud/adware) without controversies
    https://raw.githubusercontent.com/P...sts/master/KADhosts_without_controversies.txt

    BarbBlock list (spurious and invalid DMCA takedowns)
    https://paulgb.github.io/BarbBlock/blacklists/domain-list.txt

    Dan Pollock's hosts list
    https://someonewhocares.org/hosts/hosts

    NoTracking's list - blocking ads, trackers and other online garbage
    https://raw.githubusercontent.com/n...r/dnscrypt-proxy/dnscrypt-proxy.blacklist.txt

    NextDNS CNAME cloaking list
    https://raw.githubusercontent.com/nextdns/cname-cloaking-blocklist/master/domains

    AdGuard Simplified Domain Names filter
    https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt

    Geoffrey Frogeye's block list of first-party trackers - https://hostfiles.frogeye.fr/
    https://hostfiles.frogeye.fr/firstparty-trackers.txt

    CoinBlockerLists: blocks websites serving cryptocurrency miners - https://gitlab.com/ZeroDot1/CoinBlockerLists/ - Contains false positives
    https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt

    Websites potentially publishing fake news
    https://raw.githubusercontent.com/marktron/fakenews/master/fakenews

    Quidsup NoTrack Blocklist - Contains too many false positives to be enabled by default
    https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt

    Quidsup Malware Blocklist - Contains too many false positives to be enabled by default
    https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt

    AntiSocial Blacklist is an extensive collection of potentially malicious domains
    https://theantisocialengineer.com/AntiSocial_Blacklist_Community_V1.txt

    Steven Black hosts file
    https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

    A list of adserving and tracking sites maintained by @anudeepND
    https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt

    Anudeep's Blacklist (CoinMiner) - Blocks cryptojacking sites
    https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt

    Block Spotify ads
    https://gitlab.com/CHEF-KOCH/cks-filterlist/-/raw/master/Anti-Corp/Spotify/Spotify-HOSTS.txt

    ##Spark < Blu Go < Blu < Basic < Ultimate
    ##(With pornware blocking) Porn < Unified
    Energized Ultimate
    https://block.energized.pro/ultimate/formats/domains.txt

    Energized Basic
    https://block.energized.pro/basic/formats/domains.txt

    Energized BLU
    https://block.energized.pro/blu/formats/domains.txt

    OISD.NL - Blocks ads, phishing, malware, tracking and more. WARNING: this is a huge list.
    https://dbl.oisd.nl/

    OISD.NL (smaller subset) - Blocks ads, phishing, malware, tracking and more. Tries to miminize false positives.
    https://hosts.oisd.nl/basic/

    Captain Miao ad list - Block ads and trackers, especially Chinese and Android trackers
    https://raw.githubusercontent.com/jdlingyu/ad-wars/master/sha_ad_hosts

    Phishing Army - https://phishing.army/
    https://phishing.army/download/phishing_army_blocklist.txt

    Block pornography
    https://raw.githubusercontent.com/Clefspeare13/pornhosts/master/0.0.0.0/hosts
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/pornography-hosts
    https://raw.githubusercontent.com/cbuijs/shallalist/master/porn/domains
    https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/adult/domains
    https://block.energized.pro/porn/formats/domains.txt
    https://raw.githubusercontent.com/mhxion/pornaway/master/hosts/porn_sites.txt

    Block gambling sites
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/gambling-hosts
    https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/gambling/domains

    Block dating websites
    https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/dating/domains

    Block social media sites
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/social-hosts
    https://block.energized.pro/extensions/social/formats/domains.txt
    https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/social_networks/domains

    Goodbye Ads - Specially designed for mobile ad protection
    https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Hosts/GoodbyeAds.txt

    NextDNS BitTorrent blocklist
    https://raw.githubusercontent.com/nextdns/bittorrent-blocklist/master/domains

    Block spying and tracking on Windows
    https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/dnscrypt/spy.txt

    GameIndustry.eu - Block spyware, advertising, analytics, tracking in games and associated clients
    https://www.gameindustry.eu/files/hosts.txt
     
  14. gorski

    gorski MDL Guru

    Oct 21, 2009
    4,722
    1,259
    150
    There are many ways to skin a cat...

    @Yen told us about Pi as firewall and host file etc.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. vladnil

    vladnil MDL Senior Member

    Jan 19, 2019
    301
    222
    10
    case-sensitive
    This match is taken from pfBlocker
    Do you have paylists?
    or the private ones, who separately compiled?

    PS:(We need to extend protection to the institution!
    Children watch all kinds of trash on the Internet and pick up contagion.)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,060
    422
    60
  17. vladnil

    vladnil MDL Senior Member

    Jan 19, 2019
    301
    222
    10
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    12,610
    13,256
    340
    #438 Yen, Nov 15, 2021
    Last edited: Nov 15, 2021
    (OP)
    Adaway only runs on rooted devices since host files are stored at a place where you cannot write as user.
    The only way to do it anyway is to introduce a host list via virtual VPN.

    Tools as blokada and adguard are using that. The only issue with that is that you only can establish one VPN connection, so it is used already by those tools.

    Another way to get your entire network free of ads is to use a DNS service which already has a block list.

    This is a German project and I trust it.
    https://dnsforge.de/

    And there is another one:
    https://blahdns.com/

    You can use adguard server without using their app:
    https://adguard-dns.com/en/public-dns.html
    Go to "Our server addresses" there.


    You can use this like:

    Globally: Just config your router at home using that DNS. You can even use encrypted DNS over TLS or DNS over HTTPS.

    Or on a Android device.

    How to get any Android device ad-free within seconds:

    Go to your settings and search for 'private DNS' (since Android 9.)
    It uses DNS-over-TLS.

    So enter there the URL for DNS-over-TLS for instance dnsforge.de or dot-ch.blahdns.com (Switzerland server) or dot-sg.blahdns.com (Singapore server)
    Save the settings.

    And voila, the device is add free, you are using an encrypted way to a DNS and you resolve any URL over there and not at your ISP.



    Additionally yes I have my pi-hole running at home.

    I trust this global list:
    https://v.firebog.net/hosts/lists.php?type=tick

    The host lists in there are up to date and do only block 'generic stuff'.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,060
    422
    60
    #439 case-sensitive, Nov 15, 2021
    Last edited: Nov 15, 2021
    >This is a German project and I trust it.

    >Getreu dem Motto "Vertrauen ist gut, Kontrolle ist besser" :)


    @ Problems ---- >

    1 - Trust :)

    2 - coded DNS ......... theres to many and maybe conflicting possibilitys
    .
    In some routers theres a coded DNS option

    In firefox theres a coded option

    Are they the same ? Conflicting ?

    3 - DNS crypt says that DNS over HTTPS isnt as safe as DNS Crypt = More confusion = Wich possibility /s are the best / safest / less dangerous ?

    4 - Pi hole is different than DNS Crypt ....... wich is better / safer / less risk ?

    5 - Personaly , myself , in my ' life ' , for me , alone and on my own ........... I like things simple :) ...... and iI like things in my hands as far as possible .......... and trust is a dirty word :) .......... the word filter here should write TxxxT :)


    6 - Their list for our list of lists :) ------ >

    https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
    https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
    https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
    https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
    https://justdomains.github.io/blocklists/lists/easylist-justdomains.txt
    https://justdomains.github.io/blocklists/lists/easyprivacy-justdomains.txt
    https://justdomains.github.io/blocklists/lists/adguarddns-justdomains.txt
    https://justdomains.github.io/blocklists/lists/nocoin-justdomains.txt
    https://adaway.org/hosts.txt
    https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
    https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
    https://dbl.oisd.nl/basic/
    https://blocklistproject.github.io/Lists/ads.txt
    https://blocklistproject.github.io/Lists/malware.txt
    https://blocklistproject.github.io/Lists/phishing.txt
    https://blocklistproject.github.io/Lists/ransomware.txt
    https://blocklistproject.github.io/Lists/tracking.txt
     
  20. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    12,610
    13,256
    340
    #440 Yen, Nov 15, 2021
    Last edited: Nov 15, 2021
    (OP)

    Trust. But rightly. :)

    You need a DNS service. So usually you trust your ISP. When you go to Vodafone you use their DNS. When you go to 1&1 (united Internet) you use their DNS.

    They have logging for sure! And they store it for sure, so they know EVERY site you have called. And Vodafone for instance once censored torrentsite without court order! https://torrentfreak.com/vodafone-blocks-two-pirate-streaming-sites-without-a-court-order-181221/

    So I rather trust dnsforge than ISPs such as Vodafone!!!
    And they have published their server setup:
    https://adminforge.de/dns/eigenen-dot-doh-dns-resolver-betreiben/

    You can setup your DNS entry at the router. Then any client behind it gets told it and uses this DNS.
    Or you can setup your network adapter at the OS. Then the OS is using it.

    Or you can setup the DNS at an app such as a browser, so only the app / browser is using it then.

    You can query the DNS plainly or encrypted. It doesn't matter if DNS-over-TLS (DoT) or DNS-over-HTTP (DoH)....
    The issue is that they (ISP) log your queries..and they could refuse to resolve a certain domain..or even redirect it....

    When you have running an own DNS (unbound to pi-hole) at home you can use plain DNS because the query is made over home network.

    And there is DNSSEC. This is useful to have signed servers. The DNS should support it.

    And here you can test it for leaks and if it's working properly.

    Here: https://dnsleaktest.com/
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...