
While I let my smart TV connect to the internet for firmware update reasons (bug fixes), I’m running my entire home network through NextDNS, and before that a PiHole. Not seeing any ads in the UI, and I note some attempted logging traffic is blocked.

Before I upgraded to LG last year I had a Samsung and it was trying to ping home constantly. It constituted 80% of outbound requests denied by the PiHole.



In this arms race, these companies might start shipping with their own resolver.


You can work around this by either setting a fake gateway in a static IP configuration, or configuring your DHCP server to give a fake gateway to requests coming from the TV's MAC address.

By "fake gateway" I mean a non-existing IP on your LAN: that way, no outgoing request from the offending MAC address will ever get out to the public Internet.


> work around this by either setting a fake gateway in a static IP configuration ...

Take it to the backyard and axe it to pieces. Just to be sure.


It's already mentioned in this thread: built-in IoT. There are IoT vendors that have roaming agreements worldwide; typically you stick these things on containers or other mobile assets. They call home whenever they can.

For an actual arms race, we need vendors on the consumer side front to create beautiful Faraday Cages for "your" home appliances.


My smart TV will update the firmware via USB. Other than the fact that it's a 1.5 GB download [1], it's quick and easy.

[1] There's a couple 4k test videos in the system menu, which I guess is some of the hugeness. Seems crazy though.


Out of interest - Why do you use both a PiHole and NextDNS?

I removed my PiHole once I got NextDNS as it just seemed redundant.


I have a similar setup at home: local AdGuardHome deployment with NextDNS as the upstream. I have several NextDNS configurations and AdGuardHome's upstream is one that has no filters. I use other profiles with filters when I am on the go.

I can't install the NextDNS client on a lot of devices like a robot vacuum. Sure, you can configure NextDNS to be the resolver on the gateway, but then the gateway becomes the only client in your NextDNS logs and you can't figure out which device is downloading Google ads, which makes the log useless. It is also easier to temporarily disable filters -- changing DNS on some routers may need a reboot, which causes downtime on the whole home network.

The only thing you can do with NextDNS logs is look at them in the NextDNS web UI. I had a lot of fun messing with my local AdGuardHome logs with visualizations, analysis, and alerting.
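An added example, not part of any comment in this thread: per-device attribution of blocked DNS queries from a local resolver's query log, the kind of analysis that is only possible when the resolver sees each client's own address. The JSON field names (`T`, `QH`, `IP`, `Result.IsFiltered`) are assumptions modelled on AdGuardHome's JSON-lines query log, and the log lines, addresses and domains are constructed.

```python
import json
from collections import Counter

# Constructed sample log: one JSON object per line, last line truncated.
# Field names are assumed (modelled on AdGuardHome's query log format).
SAMPLE_LOG = """\
{"T":"2024-01-01T10:00:00Z","QH":"telemetry.tv.example","IP":"192.168.1.50","Result":{"IsFiltered":true}}
{"T":"2024-01-01T10:00:01Z","QH":"telemetry.tv.example","IP":"192.168.1.50","Result":{"IsFiltered":true}}
{"T":"2024-01-01T10:00:02Z","QH":"ads.tv.example","IP":"192.168.1.50","Result":{"IsFiltered":true}}
{"T":"2024-01-01T10:00:03Z","QH":"tracker.vacuum.example","IP":"192.168.1.60","Result":{"IsFiltered":true}}
{"T":"2024-01-01T10:00:04Z","QH":"telemetry.tv.example","IP":"192.168.1.50","Result":{"IsFiltered":true}}
{"T":"2024-01-01T10:00:05Z","QH":"news.example","IP":"192.168.1.20","Result":{"IsFiltered":false}}
{"T":"2024-01-01T10:00:06Z","QH":"firmware.tv.example","IP":"192.168.1.50","Result":{}}
{"T":"2024-01-01T10:00:07Z","QH":
"""

def blocked_by_client(lines):
    """Count blocked queries per client IP and per (client, domain)."""
    blocked, domains = Counter(), {}
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or corrupt lines instead of aborting
        if not isinstance(entry, dict):
            continue
        if not (entry.get("Result") or {}).get("IsFiltered"):
            continue  # only blocked queries are of interest here
        client = entry.get("IP", "unknown")
        blocked[client] += 1
        domains.setdefault(client, Counter())[entry.get("QH", "?")] += 1
    return blocked, domains

def report(lines):
    """Return rows of (client, blocked count, percent of all blocked, top domain)."""
    blocked, domains = blocked_by_client(lines)
    total = sum(blocked.values())
    return [
        (client, n, round(100 * n / total), domains[client].most_common(1)[0][0])
        for client, n in blocked.most_common()
    ]

if __name__ == "__main__":
    for client, n, pct, top in report(SAMPLE_LOG.splitlines()):
        print(f"{client:15} {n:3} blocked ({pct}%)  top: {top}")
```

If every query reaches the resolver through the gateway, all rows collapse into the gateway's single address and the per-device breakdown is lost.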


I was unclear, sorry about that. I used to have a PiHole, but have since switched to NextDNS.



