• 0 Posts
  • 5 Comments
Joined 1 year ago
cake
Cake day: September 13th, 2023

help-circle
  • Gotcha! My bad, I clearly misinterpreted the discussion. Thank you for the clarification!

    Your setup sounds pretty legit. as far as “too paranoid”, I don’t think that’s a factor as long as the effort required to maintain your system is something you’re comfortable with upkeeping and you don’t feel these concerns are getting in the way of your mental well-being. I do more than work probably most of the people I know, but that’s because I like to tinker and this is sort of a hobby for me. My family and partner think it’s extreme, but I feel it’s good to know how to implement different procedures, countermeasures, and security levels. Do I need them all? Definitely not. But there was a situation at work the other day where I was able to consult on remediation because I have exposed myself to a wide array of different tools and methodologies that most people I work with don’t care to bother with. All of that to say, " do you, boo!" Follow your info tech/cyber sec bliss.

    NextDNS is cool but it also doesn’t sound necessary for your use case. My primary use for it was because of the limitations of my stock OS when it comes to features like built-in firewalls. Then since I was already using it on my mobile, I just decided to experiment with wrapping it into things like Postmaster and my router to control things like smart TVs.

    My goal with my next mobile is a custom ROM where I can implement a setup similar to yours. That day can’t come soon enough! 😂



  • It’s possible I’m misunderstanding something, I am admittedly a layman when it comes to much of this. That being said, I believe NextDNS is marketed as a DNS level firewall. I do use Postmaster, but for the secure DNS I use a profile on NextDNS so I can implement granular control over what is being blocked on my PCs.

    Idk what mobile device you are using, but I know on Android you can use NextDNS by updating your “Private DNS” in the Android settings. If you set it to a NextDNS profile it eliminates the need to install an app, and allows NextDNS to block ads and trackers even while not at home and utilizing your mobile data (or any other network you might need to connect to). Can also be implemented in conjunction with a VPN (if that is something the user is trying to implement based on their threat model) because it is built into the system settings rather than an app using a VPN-esque connection as a sinkhole for trackers. There is also a setting that allows you to prevent bypass if activated. I use that on our router.

    Hope this helps! If I am wrong, please feel free to educate me. Always happy to learn more. 🍻


  • I too was under the impression that you couldn’t add custom lists to NextDNS. Last time I researched this everything I found said you couldn’t as well. I know you can build your deny list but that can be time consuming. I do it, but would love to be able to pull block lists that are already compiled. Can you share more info on how to add custom lists to NextDNS? Thanks!


  • From reading other posts it sounds like it is only for crash reporting and that the user has to click to provide the report in the event of a crash. It also appears to be documented in their policy docs so it’s not exactly like it’s anything underhanded.

    If the user doesn’t trust that their data will be safe, couldn’t the domain attached to the tracker found by Classyshark be blocked using something like NextDNS or RethinkDNS to prevent any data from connecting to said domain?