Installing Pi-Hole for a quiet life

Does anyone really like advertising? I think of it as a kind of social disease, something that runs rampant through our society as an unfortunate consequence of our desire for, well, stuff.

So I decided to eliminate as much of it as I can, and this drew me to Pi-Hole, a networking app that helps you strip advertising from your online life. I’ve installed it on a spare Raspberry Pi and thought it worth writing about partly because it’s easy and also because it’s worth doing.

So, given how easy Pi-Hole is to set up, this isn’t going to be a particularly detailed post from a technical perspective. However, there was a slight hitch that nearly made me abandon the project. I’ll tell you how I got around that, but first, let’s talk a little more about advertising, because there’s an ethical issue we need to address.

<rant>

The curse of advertising

Advertising is the process of people trying to convince you to buy stuff you don’t need. You know you don’t need it because, if you did, you’d be planning to buy it anyway.

I’m lucky enough to live in the depths of rural France where I’m not subject to much advertising. I don’t watch commercial TV nor do I listen to commercial radio. And I rarely buy magazines these days (an astonishing turn of events given that I made my living for much of my life as a magazine journalist).

But the Internet is awash with advertising. Indeed, you don’t even need to go on to the net – in Windows 10, for example, advertising comes right into your home via the OS itself. Gah!

It seems that few organisations can make a living from Internet-based products other than by running ads. It’s sad, but selling us unnecessary crap is the engine that drives web-based commerce.

Unreasonable behaviour

If you use AdBlock Plus, like I do, you’ll find many websites complain about it – some won’t even let you into the site unless you turn it off. Is that reasonable?

I understand the argument: these companies put a lot of effort and expense into providing a service – whether it’s a newspaper dishing up news and features, or perhaps a social networking site offering you … oh wait. I forgot. On social networking sites you’re the product. (When you consider the crap that Facebook gets up to with the personal data you’ve given it, it’s astonishing it has the gall to run ads at all.)

Anyway, it is reasonable for many sites to point out that they depend on ad revenue to survive, and so you really should let them show you those ads. But I have a few points to make too.

I have made a firm (and thus far unbroken) commitment to never buying anything that has been advertised to me that I didn’t already know about and wanted anyway. In other words, there’s little point in showing me an ad because my reaction is that if you’re going to that much effort to convince me to buy your crap, there must be something wrong with it. If there wasn’t, it would sell itself.

That might sound like an extreme position, and it almost certainly is. I’m also kidding myself about how resistant I am to advertising. In all likelihood, some of that indoctrination gets through.

No clicking

But here’s something I can be damn sure about – I never click on ads on websites, in emails or in Windows 10. Not once have I done that. For all the reasons I’ve already mentioned plus another very good one – ads are dangerous.

Malvertising – in which bad people use ads distributed by (often) legitimate advertising distribution channels to carry out attacks such as phishing – is a serious problem. And it’s one that’s getting worse, not better. Many ad networks seem incapable of, or reluctant to, police the stuff they’re pushing out.

One way to keep safe is to never click on ads. A better way is to never see those ads in the first place – to prevent them arriving on your device. To me, as someone who works in the cyber-security world, eliminating ads is a basic part of my security hygeine.

A website that depends for its income from ad clicks is never going to make a penny out of me. So there’s little point in showing me the ads in the first place.

Of course, I know there are cases when revenue is dependent on ad impressions – simply showing an ad can create income for the site. But I have a problem with this too. Ads can chew up bandwidth (that I’m paying for, especially on mobile). And I’m kind of fussy about what I allow on my devices because of the malvertising issue. Resource-hogging (and potentially malicious) advertising code isn’t welcome on any of my machines. If a website were willing to take legal and financial responsibility for any malicious advertising that found its way on to my device, I might take a less extreme position. But they won’t, so neither will I.

You may have noticed that I don’t run ads on this site. (If you feel like supporting the blog, you could always buy one of my books.) There have been times in the past when I ran AdSense ads on various blogs, but I stopped doing that a long time ago.

</rant>

Ad-free world

So I live in a surprisingly ad-free world. And it’s great. And here’s a way you can join me.

Pi-Hole, as the name suggests, was originally developed for the Raspberry Pi but now runs on other platforms too. I have a number of spare Raspberry Pi boards knocking about so I figured I’d use up one of those.

Pi-Hole is actually quite lightweight, so you can use the Pi for other things.

The way Pi-Hole works is that it acts as the primary DNS server for the devices on your home network. It maintains regularly updated lists of domains used for advertising, tracking and other nefarious purposes. When it sees a DNS lookup request for one of those domains, it simply blocks it. Unlike using a browser-based ad blocker, the website isn’t aware anything untoward is happening, and therefore won’t complain.

If you’ve got a Raspberry Pi up and running with a standard flavour of Linux (such as Raspbian), installation is a simple matter of typing one line in the Bash shell. Your Raspberry Pi needs to have a static IP address, although one assigned via DHCP from your router is fine.

And that’s mostly it.

To the Pi-Hole!

The only remaining step is to persuade all your devices to use the Pi-Hole machine as their DNS server.

By far the easiest way to do this is to configure your router to do that. Then, any device that connects to the interwebz via the router using DHCP will automatically get the Pi-Hole treatment.

Alas, I couldn’t do that. The router I use (a Livebox 4 supplied by Orange) doesn’t allow you to meddle with DNS settings. No doubt Orange wants you using its own DNS servers. That was the glitch that nearly ended this project for me.

The alternative is to turn off your router’s DHCP server functions and use the Pi-Hole machine as your network’s DHCP server. That was possible for me, and it’s very easy to do in Pi-Hole. But for a variety of reasons I can’t go into here, that wasn’t an option for me.

Luckily, there is one more method, albeit rather clumsy, which is how I got around the problem. You change the DNS settings on each device you use on the network so that the Pi-Hole is the first server. So far, I’ve done that on two desktop machines, two laptops and two iOS devices. Still haven’t found the appropriate setting on my Android tablet, but I assume it’s there somewhere. It’s a pain, but it works.

Up and running

Once it’s all running, you can log into the Pi-Hole admin panel via a web browser. From here it’s easy to see what’s being blocked and what’s being let through. The Query Log makes for especially interesting reading, and from there you can easily block or unblock domains.

Pi-Hole is free, but the creators would appreciate a donation. It’s an ongoing project that’s worthy of support. And I think it’s right to expect to pay for things that of are value to you. It’s just that, for me, advertising doesn’t make that list.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.