Citizen Engineer
I Like Your Content But Your Terms Are Not Acceptable
by ladyada@alum.mit.edu and fill@2600.com
Greetz Citizen Engineers!
Before we get started, let's get this out of the way: It is ethically and morally O.K. to block ads.
We do not get to preemptively or selectively choose what we want to load from our devices or browsers.
When you click a link, it shouldn't mean "give up all privacy."
After the fact, you cannot retroactively get your time or privacy back. With ad blockers for computers doing deals with advertisers, we can only trust ourselves to make decisions about our time and data. And with more of the net experience moving to mobile, closed (or unrooted) devices like phones and tablets might not allow or have ad blockers. Moreover, now ads appear within apps, circumventing any browser add-on! Do you really think Google is going to make it easy to block ads on their Android phones?
Invasive tracking, click-throughs, personal data mining... these are unethical behaviors of advertisers and websites, and it is not unethical to get rid of them. A hack used Yahoo!'s ad network and infected millions of people. Fake pop-ups try to trick you into clicking affiliate links. Adware is malware. This is an attention war, but you have Linux and you are ready to defend yourself!
Use the power of open-source and cheap hardware to set up an ad blocking DNS server.
It's as easy as:
That's it!
What's Pi-hole? (pi-hole.net) It's an open-source DNS-level ad blocker that is designed to work great on a Raspberry Pi or other low-cost single-board computer. (github.com/pi-hole/pi-hole)
In their own words:
- No client-side software required.
- Run it with one command.
- Blocks over 100,000 ad-serving domains.
- Blocks ads on any device regardless of who made the device or the operating system.
- Ads are blocked before they download, this means faster networks.
- Reduces cellular data, use it with a VPN to save on data costs.
- Blocks ads at the DNS level, any device, even ads in apps since now apps have ads too.
- Monitoring and stats are part of the interface.
The way it works is you change your computer/phone/tablet DNS settings to go to the Pi-hole on your local network.
Then, Pi-hole will do a special trick: when it is asked for the IP address of ads.adserver.com (for example), it will return nothing! So you will never even connect to the ad server and get the ad.
This project can be performed with any Linux computer, but a single-board Raspberry Pi or similar lets you keep the server running separately from your desktop machine. For the most adorably compact version, we're using a Pi Zero W. This has enough power to do what we want, and has built in Wi-Fi too! It's tiny (66.0 mm x 30.5 mm x 5.0 mm [2.6" x 1.2" x 0.2"], 9.3g) - small enough to sit on top of your router at home or slip into your travel bag for on-the-go blocking.
For our version, we added a tiny screen on it so you can glance at the death of journalism (at least, that's what people will tell you).
Parts List
- 1 x Pi Zero W
- 1 x 4 GB or larger SD card (you will be) burning this card with Raspbian Jessie Lite, so it's O.K. if it's blank or pre-burned).
- 1 x 5V @ 1A USB wall adapter - our router had a USB port on it already, so we just used a short USB cable instead.
If you want to add an OLED display (which is suggested!) you'll also need a 128x32 Monochrome OLED and some header or wire to solder it up. It's not required, but makes for a nice little status indicator.
Install
1.) Download the latest Linux distribution on your SBC - we used "Lite" Raspbian, which is a Debian variant.
2.) Burn Linux to your micro SD card using your computer.
3.) Re-plug the SD card into your computer (don't use your Pi yet!) and set up your Wi-Fi connection by creating and editing supplicant.conf. (/etc/wpa_supplicant/wpa_supplicant.conf)
4.) Activate SSH support by creating an empty file named just ssh in the root directory of the SD card.
5.) Plug the SD card into the Pi Zero W.
6.) If you have an HDMI monitor, we recommend connecting it up via the mini-HDMI adapter we provide in the budget pack - so you can see that it's booting O.K.
7.) Plug in power to the Pi Zero W. You will see the green LED flicker a little. The Pi Zero will reboot while it sets up, so wait a good ten minutes.
8.) If you are running Windows on your computer, install Bonjour support so you can use "local" names. You'll need to reboot Windows after installation.
9.) You can then SSH into raspberrypi.local to complete your setup.
O.K., once you have set your Pi up, and the Wi-Fi is connecting to your home or office network, and your can SSH into it, continue with these easy steps!
If you cannot connect via SSH yet, go back and read some Raspberry Pi setup guides until you are able to log into your Pi.
Change the Hostname
We like to do this first so we don't get confused between all the different Pi's in the house.
Edit the hostname with sudo nano /etc/hostname and put something else on that first line, like pi-hole. There's more information on how installation works at: pi-hole.net
As of the writing of this guide, it's easier to just run:
It will take quite a while to install, and may seem to "hang" at points.
Just let it do its thing for about 20 minutes!
Configuration
Pick who will be the upstream DNS (for non-ad blocked sites).
We like MIT's server at: 18.70.0.160
(99% of people will use IPv4 - if you needed IPv6, you'd know!)
The installer will automatically try to set the dynamic IP address it got from your router to be fixed. This works well enough; if you have an advanced network set up, you can configure a custom IP address.
The web interface is kinda cool and is password protected. We'll be showing most of the stats on the little OLED, but we still need the API to be running so keep this on.
Admin Page
On your desktop computer or tablet, visit: pi-hole.local/admin
And you should see an administration panel!
Block the 5th Estate:
On your tablet, phone, computer, etc., go to your network settings and click edit.
Set the DNS server in the network settings to be the IP address of the Pi. You can put in your normal DNS server as the secondary source, so if the Pi crashes or gets unplugged, you won't be without Internet.
You may need to restart your network or browser to have it kick in. Also, there may be some cached ads, so don't worry if not everything is blocked. Visit your favorite site with ads (not 2600.com - they don't have any!) and see the difference!
If you want to set-it-and-forget it and never use the web admin, install an OLED to view the stats, and see what the DNS is, visit: learn.adafruit.com/pi-hole-ad-blocker-with-pi-zero-w/install-pioled
The full soldering instructions and code is located there too (also, no ads).
You'll save so much time not loading ads that you can spend that extra life helping others.
You can give these away and teach people how to set their DNS from the little screen.
It's your categorical imperative!