Revisiting the Pi-Hole

By Rom Feria I recently updated my Pi-Hole instance to version 4.0, for faster FTLDNS and faster core processing. For those who are not familiar, Pi-Hole is an advert/tracker blocker for your network that runs on a small device like the Raspberry Pi. I use the Pi-Hole, in tandem with Circle with Disney and Firewalla, to protect my home network. Basically, all connections to the internet gets checked by Pi-Hole, and if an ad service, or a tracker, is detected, it prevents the device from connecting to it — leading it to a blackhole. This is similar to how you ad-blocker plug-in works on your browser, but only on a network scale. Discoveries After running it for a couple of months, I have identified the services or URLs that serve adverts, or worse, track you. Here’s a couple of these services, in no particular order: *.imrworldwide.com. This apparently gets accessed frequently by Amazon’s Kindle Fire tablets. The Pi-Hole recorded several servers from the imrworldwide.com domain, but blocking it does not hamper the Kindle Fire’s functionality. I suspect that this serves the ads on the Kindle Fire with Special Offers. I don’t mind the “special offers”, but the frequency that these devices connect to the server is annoying. .logs.roku.com. My Roku box regularly connects to this URL more than 1,000 times a day. device-metrics-us.amazon.com, device-metrics-us-2.amazon.com, amazon-adsystem.com, and data.alexa.com. I have two active Amazon Echo devices, and by design, it phones home. I know when it tries to connect since the Echo will temporarily indicate that it is offline. .crashlytics.com. This is a third-party mobile app analytics service. Normally, you use the service to gather device information when an application crashes. For some reason, it consistently connects to the server, which makes it suspect for doing some other background tasks besides the intended service. ip-api.com, *.mobileapptracking.com, .appboy.com, app-measurement.com, device-api.urbanairship.com, apptimize.com. Similar to crashlytics.com. www.baidu.com. The only Xiaomi device that I have that is constantly online is one of their cameras. googleads.g.doubleclick.net, www.googleadservices.com, .google-analytics.com, pagead2.googlesyndication.com, fonts.googleapis.com, www.googletagservices.com. These Google trackers are blocked, too. Most of these are from browsing websites. ads.nexage.com, z.moatads.com, *.wpdigital.net. Ad trackers. vortex.data.microsoft.com. One of the Kindle Fire tablets running Minecraft connects to Microsoft’s server, even when it is not being used (but online). metrics.icloud.com. This is an Apple service that I blocked. I don’t know what this collects. fbsbx.com. Facebook’s tracker. Summary The Pi-Hole effectively reduced the amount of data that gets sent out to trackers. Firewalla does the same thing, its AdBlocking feature is also turned on. The combination of browser plug-ins, Pi-Hole, Circle and Firewalla, seems to be an effective way to protect my family’s devices on our network. Exception My Macbook Pro does not use the Pi-Hole and Firewalla, but is protected by LittleSnitch (in addition to browser plug-ins uBlock Origin), which blocks all of the domains listed above. In fact, the entire Google.com/Google.com.ph domains are blocked by default. It is unblocked only when I need to use it. And no, no Facebook and Facebook services allowed, too.