Post · BT Free Social

Post

Over the weekend I got Pi-hole up and running (first time user), and it sure is eye-opening seeing what your devices are up to.

The screenshot that's all red, for example, is my Samsung smart TV, which is constantly talking to Netflix (and other domains, even when using my PC and not interacting with the "smart hub".) I haven't opened the Netflix app in at least two weeks.

The other one all in green (allowed for now), is my Echo Dot with Alexa. That thing is talking to Amazon constantly...

Dark-themed log table showing timestamps, green status icons, record type "A", and domain names (api.amazon.com, various aws.dev diagnostic networking hostnames, cloudfront.net, msh.amazon.com, api.amazonalexa.com).

Table-like dark interface showing repeated timestamped DNS entries (2026-01-04 with times from 21:20:10 to 21:22:16) with columns for a red blocked symbol, record TYPE (A or AAAA), and DOMAIN (logs.netflix.com).

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

Suffice to say, it's time to ditch Alexa and bump Home Assistant a little higher on the priority tree of things to get set up.

Bonus points if I can "dumb-ify" my Samsung TV somehow.

Greg Bell

@ferrix@mastodon.online replied · 6 days ago

@killyourfm @phillycodehound unsmarting a tv should be as simple as not telling it the right wifi details, yeah?

fall3nsun🌄🐧

@pepdmin@fedi.local.hasel.cloud replied · 6 days ago

@ferrix @killyourfm @phillycodehound Also interested in dumbifying a smart TV as my Sony Smart-TV got ever more sluggish with every passing Android TV-Update. Though I fear that simply turning off the unterwegs wollte solve that issue.

Himmelssohn

@himmelssohn@social.adlerhorst.net replied · 6 days ago

@killyourfm
I keep on hearing about home automation a lot. Please help me understand why that's a useful thing. I live in a rented apartment, so I wouldn't come to upgrade any hardware in my home.

bazzete

@bezet234@mastodon.social replied · 6 days ago

@himmelssohn @killyourfm
Home assistant is more like your central brain for your home and not only about automation. You can implement all your smart devices into it, sure you can have smart light switches or bulbs or whatever but you can also control media play on speakers or TV, display your calendar, implement local voice assistants (also cloud based of course) and a lot more. If you like tinkering, your imagination is basically the limit and all can be achieved locally/privacy respecting.

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

@himmelssohn Well, my current level of home automation is only lights and smart plugs right now (I'm renting too). More of a convenience factor than anything else.

I like having things all wired up for certain routines (outside lights going on at sunset/off at sunrise, changing to soft blue lights and dimming things in the evening, having my old-school component stereo system on a smart plug to make sure they're off at night, etc).

Veronica Explains

@vkc@linuxmom.net replied · 6 days ago

@killyourfm LMK if you want help dumb-ifying the TV, I've done a bit of that recently (LibreELEC on a NUC is a great thing).

Billy O'Neal

@malwareminigun@infosec.exchange replied · 6 days ago

@killyourfm @catsalad I'm.... not sure what one was expecting an Echo device to do other than talk to Amazon constantly?

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

@malwareminigun @catsalad Fair. But for me, I guess SEEING IT visualized like this drives home how awful it is.

Billy O'Neal

@malwareminigun@infosec.exchange replied · 6 days ago

@killyourfm That's fair. It's one of the reasons I don't have those 👍

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

@malwareminigun Yea. Getting Home Assistant set up is HIGH on my list now.

dexternemrod

@dexternemrod@troet.cafe replied · 6 days ago

@killyourfm
If the application can't phone home they will try it repeadetly in short rhythms. So you will see more tries compared to an unblocked environment. Still, your observation is correct and shows how annoying those apps try to get your data.

C++ Wage Slave

@CppGuy@infosec.space replied · 6 days ago

@killyourfm

Congratulations on getting #PiHole set up. As you say, it's a real eye-opener. I've kitted mine out with a selection of lists from the Blocklist Project:

https://github.com/blocklistproject/Lists

I've also installed #Blokada on my phone. It protects me from some of the background chatter of nosy apps, especially when I'm away from home and don't get the benefit of the Pi-Hole.

GitHub

GitHub - blocklistproject/Lists: Primary Block Lists

Primary Block Lists. Contribute to blocklistproject/Lists development by creating an account on GitHub.

Johan Sköld

@rhoot@mastodon.gamedev.place replied · 7 days ago

@killyourfm the worst part is pi-hole may not even be enough to see all of it, depending on what devices you have. I've personally had at least two devices that hard coded Google DNS as their DNS server and only used the one obtained from DHCP if Google DNS was unreachable. The only reason I found out was that I had blocked outgoing packets to Google DNS in the firewall.

chronophage

@chronovore@infosec.exchange replied · 7 days ago

@killyourfm Hey! I too set up a pi-hole recently. Also seeing the netflix shenanigans and it's mind bending, 10K requests blocked and the next highest was around 200.

But more importantly wanted to share some advice someone gave me - when you get a moment to find an alternative storage media for the OS, since the SD card can get fried relatively quickly with all the R/W operations.

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

@chronovore I appreciate the advice! That makes a lot of sense.

I'm actually running my instance on my NAS (TrueNAS) with the OS installed to an NVMe drive.

Jiří Eischmann

@sesivany@social.vivaldi.net replied · 7 days ago

@killyourfm Coincidentally I wrote a blog post about AdGuard Home (Pi-hole alternative) yesterday: https://blog.eischmann.cz/2026/01/04/adguard-home-domaci-ochrana-nejen-pred-reklamou/ (in Czech, but GT works well on it)
I've also noticed how much the Netflix apps call home. Glad it's blocked now.

stigatle

@stigatle@activitypub.taildad4ee.ts.net replied · 7 days ago

I have this on my to-do list..
Got the pi and all that, just have to get things installed.

I have 2 kids in the house, and one of them needs some stricter filtering, and this seems like a great way to set that up.

GreatLakeTrout

@greatlaketrout@noc.social replied · 7 days ago

@killyourfm Good for you. I have used Pihole from time to time over the years. I have set it up around 5 seperate times. I usually throw it on a raspberrypi but sometimes I put it on a VM on my server. The basic setup is not too bad, I almsot always setup it as a recurssive DNS resolver and that takes a minute.

Campbell Jones

@serebit@floss.social replied · 7 days ago

@killyourfm How hard was it to set up? I'd like to do the same eventually.

Whatisgoingon

@themipper@mastodon.social replied · 7 days ago

@killyourfm It is crazy how much they are tracking with these things.

I am running pi-hole for a couple of months now and am still baffled by the numbers.

In the last 30 days 50% of all requests (100k) are being blocked by pi-hole. 60% of the blocked requests are coming from one Smart-TV.

At the moment the TV and HDMI works but it is not able to load the ads and tracking ridden main menu.

In comparison my main desktop with linux, vivaldi and ublock origin had 89 requests blocked.

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 7 days ago

@themipper That's absolutely bananas about your Smart TV!

Question: Do you have Vivaldi already blocking tracking and ads, or do you let Pihole handle all of that?

Whatisgoingon

@themipper@mastodon.social replied · 7 days ago

@killyourfm I have all of them in full blocking mode. Vivaldi, UBlock and Pi-Hole.

UBlock tells me that it blocked 6% of 192k requests since being installed (6+ months).
So I assume that Vivaldi is doing the main work in blocking things.

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 7 days ago

Also, I immediately switched to the included L-CARS interface, because of course I did.

Dashboard screenshot of a Pi-hole web interface that resembles the Star Trek: The Next Generation L-CARS UI showing statistics: total queries (20,762), queries blocked (4,497, 21.7%), domains on lists (142,281), time-series graphs for total queries and client activity, and donut charts for query types and upstream servers.

GarretSidzaka

@GarretSidzaka@mastodon.social replied · 6 days ago

@killyourfm
Gotta have your LCARS. You know what's funny IMO?
People (including me) are running containerized pi-hole. What's funnier to me? I've seen it being used as DNS servers in cloud architectures.... Lol it's a damn good DNS server! You don't have a lot of options when choosing DNS servers!

Myosotis Scanlations

@myosotis_scans@sakurajima.moe replied · 7 days ago

@killyourfm Similar experience here, about 33% of DNS requests blocked because they're on some filters. Some bastards even tries to circumvent filtering with CNAME clocking (luckily to no avail).

draeath

@draeath@infosec.exchange replied · 7 days ago

@killyourfm that UI is just... Chef's Kiss.

Did you set up unbound with it? Check that out on the pihole wiki if you didn't. It's easy to do and further removes you from potential fuckery.

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

@draeath No, Unbound is new to me. I'll add it to my research notes, thanks!

Bill

@bobthcowboy@fosstodon.org replied · 6 days ago

@killyourfm I'll second @draeath on unbound. It was pretty easy to add to pihole and it's basically taking pretty full control over your DNS lookups. I just need to get around to enforcing DNS traffic go through pihole for lookups for my handful of IoT/Smart devices...

RooneyMcNibNug

@rooneymcnibnug@mastodon.social replied · 7 days ago

@killyourfm nice! I have a gebeal purpose blocklist here that I have been using on some networks for years now: "SNAFU" https://github.com/RooneyMcNibNug/pihole-stuff

GitHub

GitHub - RooneyMcNibNug/pihole-stuff: blocklists, scripts, etc.

blocklists, scripts, etc. Contribute to RooneyMcNibNug/pihole-stuff development by creating an account on GitHub.

Pairko

@Pairko@bookstodon.com replied · 7 days ago

@killyourfm The gossipy neighbor who doesn't have to peek in your window, already being in the living room.

jnr in life

@NigelGreenway@mastodon.social replied · 7 days ago

@killyourfm yeah, I was horrified with the requests. I've since started investing in Home Assistant and just block stuff I don't want - to the annoyance of my partner who needs to be set up on an "allow all" rule in PiHole 🫣

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 7 days ago

@NigelGreenway You know, when I upgraded my router (in preparation for the NAS), I realized to my horror how many of my smart plugs and smart lights need DEDICATED APPS on my phone just to get reconnected and activated.

So yea, Home Assistant is high on my list of things to set up next. Have you had a good experience with it?

jnr in life

@NigelGreenway@mastodon.social replied · 7 days ago

@killyourfm I did, and since then I've needed to move from MVP setup to setting up my home lab up properly as it's been left for a few months and I've unplugged my HA voice device.

When I used it, I loved it. Felt free and like I actually owned my own house devices 😅

Best part for me, being able to control the lights without an internet connection 🥰. Local first is just perfect for me!

My task next month is to get it all sorted - and cost up my network set up moving forward.

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 6 days ago

@NigelGreenway Forgive the complete noob question here, but: in order to control the smart devices with home assistant (especially locally without internet -- love that), does that limit the types of devices I can use? Will anything I'm using with Alexa be compatible?

If that's way too broad a question and you don't feel like answering it, no worries :)

jnr in life

@NigelGreenway@mastodon.social replied · 6 days ago

@killyourfm I've got it working (so far) with:

- Phillips Hue Lights (via the bridge from memory)
- Google's Nest Thermostat
- WiiM Pro streamer

I don't have much for automation other than that. I've tried with my Ezviz camera's, but I don't remember how that turned out.

I've found the routines are better, as is the location awareness when I'm using my phone to trigger lights to on/off when leaving and entering my house.

I can't give much more than that as I've not played with it fully 🙄

tootbrute

@tootbrute@fedi.arkadi.one replied · 7 days ago

@killyourfm now you'll be like me...load up a list with 1mill blocked things.

Benjamin

@blindcoder@toot.berlin replied · 7 days ago

@killyourfm I have an LG TV, and NEVER EVER opened the Netflix app AT ALL.
It still tried to talk to Netflix ALL THE FUCKING TIME.

Nicely, LG allowed me to uninstall the NetFlix application. It's quiet now.

draeath

@draeath@infosec.exchange replied · 7 days ago

@blindcoder @killyourfm it's probably something stupid too, like a cronjob to upload in-app telemetry.

But since we can't actually look at what it's doing...

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 7 days ago

@blindcoder Youch. I hope you don't have one of the LG models that's having Copilot installed to it...

Benjamin

@blindcoder@toot.berlin replied · 7 days ago

@killyourfm Checked it yesterday, no Copilot there (yet).

snowrocket

@snowrocket@mastodon.social replied · 7 days ago

@killyourfm how hard was it for you as a first time user to set up / understand what was going on in your network? i want to do something similar and possibly block most of the unnecessary calls

Jason Evangelho 🐧🎒

@killyourfm@layer8.space replied · 7 days ago

@snowrocket I'll level with you: it was pretty brain-intensive and I almost gave up at one point. The big hurdle for me was correctly configuring my router AND the ISP modem/router which is in my landlord's house. DNS has always been difficult for me to grasp.

There's a dance you have to do around which device is the DHCP server, forwarding ports, etc. But some of that revolves around the NAS learning curve.

As far as interpreting what's happening on my network, that's a work in progress :)

GreatLakeTrout

@greatlaketrout@noc.social replied · 7 days ago

@killyourfm @snowrocket
You are correct that you have to know where your DHCP server is and figure out how to set the DNS entries on it. I have not used pihole in awhile as I have been working with a new pfsense+ firewall and have been using pfBlockerNG, Snort and Suricata on the netgate device.

BT Free Social

BT Free is a non-profit organization founded by @ozoned@btfree.social . It's goal is for digital privacy rights, advocacy and consulting. This goal will be attained by hosting open platforms to allow others to seamlessly join the Fediverse on moderated instances or by helping others join the Fediverse.

BT Free Social: About · Code of conduct · Privacy ·

Bonfire social · 1.0.1-beta.22 no JS en

Automatic federation enabled