Jack's Brain

They’re Watching You (and they see more than you know)

Sep 02, 2018

A couple of weekends ago, I installed PiHole, a software package that provides DNS blackholing for your local network, and I was shocked.

Some background: DNS (domain name server) is essentially the internet’s phone book. When you type google.com, your computer first asks a DNS server (run by your internet service provider, Google, Cloudflare, or any other of hundreds of DNS providers) for the website’s IP address. The IP address is how the infrastructure of the web actually knows how to route your request — if google.com is like saying “Dave Smith’s House”, the IP address 216.58.192.14 that corresponds to it is like knowing “123 Main Street, Greenville, South Carolina.”

DNS requests are often resolved recursively, meaning that your request first goes to your local network router. If the router doesn’t know the IP offhand (which it might, if it has looked it up recently and still holds the answer in its DNS cache), it asks the next DNS provider up the chain (by default your internet service provider, but it could be a different one if you’ve set it).

PiHole runs on any device (originally intended for Raspberry Pis, small and cheap (<$20) Linux computers, hence the name) and is set up to be the first step of any DNS resolution. All devices check its “phonebook” first, rather than going to the router. For most requests the PiHole either answers itself or passes them along to the next DNS server. However, PiHole maintains blacklists of several kinds, and if a DNS request comes in for a domain on a blacklist, the PiHole responds, essentially, “no such number” — the network request never makes it out of your house.

For example, advertisement blacklists act as a kind of ad blocker — no one on my home network ever sees or hears ads on Spotify, etc. Malicious site blacklists stop malware or viruses from communicating. Telemetry blocklists, however, are much more interesting — they stop devices from “phoning home” to report your activity on your computer, what websites you browse, what you’re watching on TV (and yes, if you own a smart TV, it’s definitely reporting what you’re watching), and so on.
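As an added illustration (this is not PiHole’s own code), here is a minimal version of that “no such number” behaviour in Python: it parses the question in a DNS query, checks the name and each of its parent domains against a small blocklist, and answers NXDOMAIN for a blocked name while leaving everything else to be forwarded. The blocklist entries and hostnames are made up for the example.

```python
import struct

# Constructed sample blocklist; these telemetry-style names are made up.
BLOCKLIST = {"telemetry.example-tv.test", "ads.example.test"}

def build_query(txid: int, name: str, qtype: int = 1) -> bytes:
    """Encode a standard recursive query (RD=1) for NAME, class IN (RFC 1035)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_question(pkt: bytes):
    """Return (txid, flags, qname, end_offset) for the first question section."""
    txid, flags, qdcount = struct.unpack("!HHH", pkt[:6])
    if qdcount < 1:
        raise ValueError("query carries no question")
    labels, pos = [], 12
    while pkt[pos] != 0:
        length = pkt[pos]
        if length & 0xC0:  # compression pointers are not valid in a query name
            raise ValueError("unexpected compression pointer")
        labels.append(pkt[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return txid, flags, ".".join(labels).lower(), pos + 1 + 4  # skip 0, qtype, qclass

def is_blocked(name: str, blocklist=BLOCKLIST) -> bool:
    """Match the exact name or any parent domain, so cdn.ads.example.test is caught too."""
    parts = name.split(".")
    return any(".".join(parts[i:]) in blocklist for i in range(len(parts)))

def build_nxdomain(query: bytes) -> bytes:
    """Echo the question back with QR=1, RA=1, RCODE=3 (NXDOMAIN) and no answer records."""
    txid, flags, _name, end = parse_question(query)
    # keep opcode and RD from the query; set QR, RA and the NXDOMAIN rcode
    new_flags = 0x8000 | (flags & 0x7900) | 0x0080 | 0x0003
    return struct.pack("!HHHHHH", txid, new_flags, 1, 0, 0, 0) + query[12:end]

def handle_query(query: bytes):
    """Sinkhole decision: ('blocked', response_bytes) or ('forward', None)."""
    _txid, _flags, name, _end = parse_question(query)
    if is_blocked(name):
        return "blocked", build_nxdomain(query)
    return "forward", None  # a real resolver would relay this to the upstream server

if __name__ == "__main__":
    for host in ("cdn.telemetry.example-tv.test", "www.example.test"):
        verdict, reply = handle_query(build_query(0x1234, host))
        print(host, verdict, reply.hex() if reply else "")
```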

The amount of data that is passively sent out on your network is staggering.

[Image: PiHole statistics for the tracking and telemetry blacklists]

More than half the data devices on my network try to send out is tracking me. (The above image is solely for my tracking and telemetry blacklists.) For example, my Roku tries to phone home every other second; my Oculus tries multiple times per second.

Privacy is on its way to becoming cold and dead for all who don’t actively seek to protect it — and it’s always worth a second and third thought whether you really need that new smart device! Convenience always has a cost.