The internet is one scary place. Most people wouldn't know that as they go to their favourite website that they have no idea what else is connecting to their device. I have a crazy example: my Samsung Note 10 had most of the requested connections coming all day from Samsung.com.cn and from Baidu.com. I've never been to mainland China so that was an interesting block! Now why do I said block? Personally I block a hell of a lot of traffic with blocklists!
On iOS, we have already reviewed DNSCloak and nextDNS where you can block traffic using blocklists but what about your computer, or better yet, what about your router?
Network-wide blocking is achieved by either DNS - a list of those who leave 'no log info providing' DNS servers can be found below......
.....however, a better and more in depth solution like Pi-hole or Adguard would be best whilst a local solution would be a hostfile.
Let's start with that solution.
What is a hostfile?
Computer file hosts are operating system files that map hostnames to IP addresses. They are plain text files. Originally, a file named HOSTS.TXT was manually maintained and made available via file sharing by the Stanford Research Institute for the ARPANET to it's membership and containing the hostnames and addresses of hosts as contributed for inclusion by member organizations.
The Domain Name System (DNS), first described in 1983 and implemented in 1984, automated the publication process and provided instant hostname resolution across the rapidly expanding network. In modern operating systems, the host's file remains as an alternative name resolution mechanism, configurable as part of facilities offered by such as the Name Service Switch as either the primary method or fallback method.
The beauty of a hostfile is that it can be easy modified on Windows, Linux or Mac.
More recently, however, Windows 10 has made it more difficult to open apps such as administrator but it’s not impossible! Search on your Notepad, then right-click on Notepad in the search results list, and choose to run it as administrator.
Once you’ve done that, open up the following file using the File -> Open feature
After which you can edit as usual once notepad is open.
In this example we will block Facebook. To do this just enter in the following after the # mark.
0.0.0.0 www.facebook.com #suckerberg
Now that you have edited your Hostfile make sure to save it, Facebook should now be blocked on your browser!
On Linux and Mac it is simpler, just open the terminal and type
Sudo nano /etc/hosts
Or if you use vim
Sudo vim /etc/hosts
Add the same format
0.0.0.0 Facebook.com #deletefacebook
Save it and you're free of facebook.com
Now that's probably not the only page you want to block!
Here is a list of great hostlists, copy all the entries to your list and you are golden!
Adguard Simplified - English filter, Social media filter, Spyware filter, Mobile ads filter, EasyList and EasyPrivacy
AdAway - Blocking mobile ad providers and some analytics providers
hpHosts - Ad and Tracking servers only
CHEFKOCH - NSA Blocklist
CHEFKOCH - Canvas font fingerprinting
CHEFKOCH - Audio fingerprinting
CHEFKOCH - Canvas fingerprinting
CHEFKOCH - Trackers
CHEFKOCH - Facebook
StevenBlack - with the fakenews, gambling and social extensions
Google - Blocks all Google domains and services
Facebook & FB - Blocks Facebook and its Apps
Microsoft - Blocks all Microsoft known call home domains
GoodByeAds - Great list of Ads blocked
Yhosts - Great list!
Crimeflare - Cloudflare domains
Android - Android Ads and Tracking
AdGuard Mobile - Mobile Ads
AdGuard Tracking - Tracking domains
Mobile Ads - more mobile ads
AMP Mobile - Google AMP Mobile
EU Cookie - cookie shit list
Energized - Regional
Energized Social - Social Media
Google - International domains
Mobile OISD - Great list!
OISD - Great list
Adobe - Adobe Updates and call home
Samsung - Snooping
Samsung TV - Smart TV
Google - Analytics & more Gshit
Antisocial - No Social Networks
Ads - Advertisements
Crypto - Mining sites
Huawei - Cellphones call home
Fanboy's - Annoyance List
Mobile - Ad Tracker
GoogleVideo - Youtube Ads
Facebook - Zuckestion Killer
Staying on the Phone - You want to download that app
For iOS (used with Pi-hole and Adguard Home)
iOS Paranoid - Blocks most Apple Analytics and requests (Push and App Store works)
Apple & iOS - Apple Telemetary
iOS Ads - Careful might block more as you want! We use it!
AdGuard Safari - Safari Browser Ads
You can also use browser add-ons and traffic filters within the browser. This is a great and easy solution and our list should work on ublock original and uMatrix.
We will write an entire chapter on how to make your browser more secure, and what software you could use to be more private, what add-ons to use etc.
For now lets stick with ublock original and umatrix, both of which allow hostfile lists to filter your traffic.
Bear in mind that the browser solution only blocks requests within the browser whereas a hostfile locally filters them system-wide.
Please remember you can also send your traffic with Firefox over encrypted DNS, some of them even have blocklists already installed!
These lists are even easier, safer and more effective to use in conjunction with a Pi-hole or Adguard Home, best of all you can then monitor what traffic you receive and send, then manually block any errant requests.
And that is why we will be devoting our next chapters of the Privacy Cookbook to exactly these solutions.