| > prevents apps and browsers installed on your device from sending your private data (known as tracking fingerprints) to the Internet. For now, Blokada's utility is limited to DNS-based content blocking. It cannot and does not prevent most forms of fingerprinting. > Is it doing some kind of packet inspection? Yes, only DNS packet inspection, but even for the only thing it does, it is clumsy: It leaks DNS requests; that is, Blokada does not trap all DNS traffic on port 53, and it does not handle DNS queries sent over TCP. DNS66 has these same issues, too. > As a secondary layer of blocking I use DNS66 which intercepts DNS requests and fails them for blacklisted domains, by installing itself as a virtual VPN - essentially a cooked /etc/hosts for Android. Blokada uses the same trick (I mean, core parts of Blokada 4 code-base does bear similarities with DNS66 which preceded it... Blokada 5 however was re-written in Rust). > Would Blokada work alongside that? No, it cannot. But: Apps that support "DNS proxying" (like Nebulo [0]) can. It is quite an involved setup. I'd simply use Nebulo over DNS66, as it is not only more capable but also encrypts DNS traffic unlike Blokada 4 or DNS66. > ...but you seem to be a good person to ask.. A disclosure, rather something to keep in mind: I have been accused of spreading fud by the Blokada lead developer and using it to "market" a "competitor" app I co-develop. In my defense, it wasn't / isn't fud what I spread, unless fud === uncomfortable truth. [0] https://github.com/ch4t4r/Nebulo (fixed link, thanks u/NoGravitas) |
https://github.com/Ch4t4r/Nebulo