By Rom Feria
I recently updated my Pi-Hole instance to version 4.0, for faster FTLDNS and faster core processing. For those who are not familiar, Pi-Hole is an advert/tracker blocker for your network that runs on a small device like the Raspberry Pi. I use the Pi-Hole, in tandem with Circle with Disney and Firewalla, to protect my home network.
Basically, all connections to the internet gets checked by Pi-Hole, and if an ad service, or a tracker, is detected, it prevents the device from connecting to it — leading it to a blackhole. This is similar to how you ad-blocker plug-in works on your browser, but only on a network scale.
After running it for a couple of months, I have identified the services or URLs that serve adverts, or worse, track you. Here’s a couple of these services, in no particular order:
*.imrworldwide.com. This apparently gets accessed frequently by Amazon’s Kindle Fire tablets. The Pi-Hole recorded several servers from the imrworldwide.com domain, but blocking it does not hamper the Kindle Fire’s functionality. I suspect that this serves the ads on the Kindle Fire with Special Offers. I don’t mind the “special offers”, but the frequency that these devices connect to the server is annoying.
[tyler|scribe].logs.roku.com. My Roku box regularly connects to this URL more than 1,000 times a day.
ip-api.com, *.mobileapptracking.com, [venetia.iad|dev].appboy.com, app-measurement.com, device-api.urbanairship.com, apptimize.com. Similar to crashlytics.com.
www.baidu.com. The only Xiaomi device that I have that is constantly online is one of their cameras.
googleads.g.doubleclick.net, www.googleadservices.com, [ssl|www].google-analytics.com
ads.nexage.com, z.moatads.com, *.wpdigital.net. Ad trackers.
vortex.data.microsoft.com. One of the Kindle Fire tablets running Minecraft connects to Microsoft’s server, even when it is not being used (but online).
metrics.icloud.com. This is an Apple service that I blocked. I don’t know what this collects.
fbsbx.com. Facebook’s tracker.
The Pi-Hole effectively reduced the amount of data that gets sent out to trackers. Firewalla does the same thing, its AdBlocking feature is also turned on. The combination of browser plug-ins, Pi-Hole, Circle and Firewalla, seems to be an effective way to protect my family’s devices on our network.
My Macbook Pro does not use the Pi-Hole and Firewalla, but is protected by LittleSnitch (in addition to browser plug-ins uBlock Origin), which blocks all of the domains listed above. In fact, the entire Google.com/Google.com.ph domains are blocked by default. It is unblocked only when I need to use it. And no, no Facebook and Facebook services allowed, too.