It’s Pi Hole. Everything’s computer.

  • wolframhydroxide@sh.itjust.works
    1 day ago

    OK, so whenever any device (e.g. your computer) wants to connect to a website (say, “wikipedia.org”), it tells your router that it wants to go to that website. Your router then sends what is called a “DNS Query” to some server, such as Google or Cloudflare, which takes the string of characters “wikipedia.org” and looks it up in their own dictionary of websites. In that listing, “wikipedia.org” will be linked to a specific IP address, which Google or Cloudflare then pass back to the router. Your router then connects the original device to that IP address, allowing your computer to get data from wikipedia.

    Now, modern devices make up to hundreds of these requests every second, so it’s not like it’s going to ask your permission for every single one of them, right? Of course not. The problem, however, is that virtually every single proprietary app and piece of networked hardware nowadays is actively spying on you, by sending constant “telemetry”, marketing, and ad-servicing requests to hundreds, or even thousands of different services every day.

    Pihole is a program that runs on a device (traditionally a Raspberry Pi, but could also be as simple as an old always-on tower computer or as complex as a self-hosted server). This device is connected to your internet, and what you do is you tell your router that the only place it’s allowed to ask for DNS queries is your pihole device, rather than Google or Cloudflare. Then you add blocklists, en masse, to your pihole, which takes every single DNS Query and checks it against the blocklists. If a DNS request isn’t on the blocklists, it passes the request on to an actual DNS server, like Cloudflare, then gives the response back to the router, and the router is none-the-wiser. You get to see Wikipedia. HOWEVER, if your device has the temerity, the absolute gall, to connect to any server on your blocklists? The pihole just… doesn’t pass on the message, and you get to choose whether the pihole actually sends your device a refusal, like “no, we won’t be connecting to google ad services today, thank you” or if it just stays silent, not letting the blacklisted requests through, and just shredding the request every time it gets one for that unwanted site. Also, the pihole can keep a log of every single request made, both blocked and allowed, and keep tallies of the most-requested servers. It does this by default, but can easily be told to stop whenever you want.

    TooComplex;Didn’tUnderstand: imagine your local network is a medieval walled city. Whenever someone inside wants to communicate out, they send their letter to the post office, which sends a runner out of the city and returns with the response. A pihole acts as a guard at the city gate, taking every letter, checking the addressee to see if the city’s magistrate is okay with sending information there. The guard has a long list of places letters aren’t allowed to go, and they are very fast at their job. If the addressee isn’t on their list, they send out their own soldier to take the letter themselves, rather than letting the post office runner go. If the addressee is on the blocklists, they either rip up the letter and send the runner back with their own, or they just rip up the letter and beat up the runner so they don’t go crying back to the sender and narc. It’s the magistrate’s call how the guard handles it. Also, the guard keeps a list of every single letter that arrives at the gate, unless the magistrate tells them not to. The magistrate can peruse the list and tell the guard to allow or block any addressee on that list (or off of it) at any time.
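
The per-query decision described in the comment above (blocklist check, refuse or stay silent, optional logging with tallies), as an added example that is not part of the comment and is not Pi-hole's own code. The hostnames, the `Sinkhole` class, the mode names `refuse`/`drop` and the in-memory upstream table are all constructed assumptions so that it runs offline.

```python
from collections import Counter

# Constructed sample blocklist in hosts-file format (names are placeholders).
SAMPLE_BLOCKLIST = """\
# ad and telemetry hosts
0.0.0.0 ads.example.net
0.0.0.0 telemetry.example.com   # inline comment
"""

# Constructed stand-in for the upstream DNS server, so the example runs offline.
UPSTREAM = {"wikipedia.org": "192.0.2.10"}


def parse_blocklist(text):
    """Return the set of hostnames listed in hosts-format text."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        if fields:
            blocked.add(fields[-1].lower().rstrip("."))
    return blocked


class Sinkhole:
    """Toy model of the decision made for each DNS query (hypothetical class)."""

    def __init__(self, blocked, upstream, mode="refuse", keep_log=True):
        self.blocked, self.upstream = blocked, upstream
        self.mode, self.keep_log = mode, keep_log
        self.tally = Counter()  # (hostname, verdict) -> number of queries

    def resolve(self, name):
        host = name.lower().rstrip(".")  # DNS names are case-insensitive
        if host in self.blocked:
            verdict = "blocked"
            # "refuse" answers the client; "drop" stays silent (None).
            answer = "REFUSED" if self.mode == "refuse" else None
        else:
            verdict = "allowed"
            answer = self.upstream.get(host, "NXDOMAIN")
        if self.keep_log:
            self.tally[(host, verdict)] += 1
        return answer

    def top(self, verdict, n=3):
        """Most-requested hostnames for one verdict, as (host, count) pairs."""
        hits = Counter({h: c for (h, v), c in self.tally.items() if v == verdict})
        return hits.most_common(n)
```

The tally is the part worth reviewing on a real network: a device that keeps hitting the "blocked" list at a steady rate is telling you which vendor endpoints it is built to contact.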