Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: Ad-Free Life – Adblocking as a Service (adfree.life)
35 points by adfreelife on Aug 2, 2017 | hide | past | web | favorite | 49 comments

I'm not the most networking-literate person. How does this work? In the case PiHole you set your router force all of the devices on the network to go through the Pi, correct? So for this service you'd be routing all of your internet traffic through a remote server run by a company you know very little about? That feels sketchy to me, but again it might just be due to ignorance or misunderstanding.

Also, to anyone who has used PiHole - what do you do when a news site bugs you about using an ad blocker? What's the equivalent of "open up your other browser to access the page"?

Side note: why are people flagging this? Seems like a normal "Show HN"-type of post to me, but I'm not always savvy to the etiquette here.

I'm not sure why it keeps getting flagged, but it seems to be removed quickly afterwards.

It actually only sends your DNS traffic, which turns a pretty url (like https://www.adfree.life) into an ugly IP (like and then returns to your computer to make the actual call with all of the important stuff. It is not to be confused with a VPN, where your traffic could actually be logged. You can read more about it here http://computer.howstuffworks.com/dns.htm

Getting the URL of every site a person visits is quite a data mine... not something I'd personally be up for paying for. I have to give AT&T Gigafiber extra money to not track my stuff...

Without trying to be insulting, I think everyone is getting a little too greedy lately with the information they want sent into their "cloud".

To be blunt, that's still too much for me. I'm already unhappy about my ISP having my DNS history, I certainly don't want to offer it to a third part for a service that I could run without giving up that info.

I don't say that as a product criticism, I see why you can't do it another way and plenty of people won't mind. But if you're curious, that takes me out of the pool for this service. Shipping trusted hardware that could go behind a router is about all I'd be open to.

Give dnscrypt a try. Someone will still know that your IP made those requests, but it will be much harder to tie your identity to the IP.

This is PiHole[1] as a service without any mention about pricing. You can buy a Pi for ~£10 (one off price) and install this for your own network in a few minutes.

1. https://pi-hole.net/

I tried to be transparent about pricing, and the free trial lasts an entire day before resetting to make sure you are comfortable setting it up before purchasing. You are getting a dedicated VPS with every plan, no sharing. So the price includes the overhead there.

Seems a little weird and highly inefficient to separate them like that, especially use of IPs etc.

Why not just have one large instance?

Wouldn't different people want different things on their whitelist/blacklist? AFAIK Pi-hole doesn't offer a way to do that.

That's exactly right. Everyone gets their own white/blacklist, control over logging, etc. And how would you end a subscription if the IP still existed with the software?

That seems like an incredibly inefficient and wasteful way to do it. Am I missing some justification for this?

No, it lists the price at the bottom as $9/month.

That's hilariously expensive... Never mind Pi-Hole on an actual RPi, I can set up my own VPS running Pi-Hole for half that. Is the effort of setting up Pi-Hole on my own really worth a premium of $4/month?

I like this part of the pitch: "Ads on news sites gobble up as much as 79% of users' mobile data. Why are you wasting valuable data to see ads?"

Precious data –– there's only so much of it, and when we burn it all, it'll be gone.


No to mention your mobile data wouldn't be going through the device?

I would have thought that the target market for this service are the sort of people who would just run PiHole at home, or set up their own VPS if they really wanted? Most non-technical people I know are just happy with an ad blocker extension so they won't be interested.

I'm interested to see how this pans out.

They're explaining the technology they're using, which makes it sound like they don't know who they're marketing to. The average person isn't going to care about the stack, and the people who do care might not see the point in paying the price of a Raspberry Pi every month to run a Raspberry Pi.

Then again, if it saves a lot of people just a little bit of trouble, there's a lot of potential there. There's a lot of services that are like "dude I could have made that in a week!" but humans are lazy, and developers seem to be especially lazy, and many will happily pay for a pre-configured / hosted solution that "just works". :)

Yeah definitely, just depends whether people think the extra $4 a month is worth setting up a VPS for $5/mo and spending 5 mins installing PiHole on it. I guess there is no maintenance needed if you pay for it as a service. It's an interesting idea!

Thanks for checking it out! I actually am the sort of person that runs a pi-hole at home on a pi, but I wanted my family's devices to be blocking ads also when we left the house, and I found it a pain to always be asking to install extensions on each of the browsers on each of the computers, so a cloud offering let me manage it in one place (after setting up the DNS). I figured I was not alone as a hacker/tinkerer with a family and though others might benefit.

Yeah fair enough! Personally I wouldn't pay for a service like this as I have infrastructure at home that I run it on, and there are some privacy concerns around routing all my DNS traffic through a third party.

What ad lists does it use? the standard one?

The main selling point over just buying a raspberry pi and installing it locally on your home network is that it only works out of the box on your home network. Opening up your network to the internet is not recommended for the average developer, and generally not recommended at all.

Yes, you can set up your own VPS for less than $9/mo. But not much less.

There is a lot of concern over logging the DNS entries. I'll put a notice on the site, but you are not only able to clear your logs at any time but are also able to turn off logging altogether. I do not keep your logs.

This is not a DNS provider, this is simply a layer that attempts to stifle known ads and trackers. You can already assume your DNS logs are being used somewhere, this does not stop that.

This does not use a VPN to hide your IP.

Technical question: when I send over my DNS requests to you (do I actually do that?), aren't those requests unencrypted going over the internet so everybody can sniff on which pages I visit?

This looks promising! I'm a bit unclear on who the target audience is though. Techies? Regular folks? Techies who want to secure their loved ones? Are you trying to take out the hassle of configuring Pi Hole on a VPS, or to create an easy solution for the average person? It seems like the former to me, so just making sure that you're aware that's how the site comes across.

If you can afford it I would get a professional designer to take a look at the site. It looks pretty good but it's a little bit "off", rough around the edges somehow.

If you're targeting tech people it won't matter as much, but still, first impressions are important.

Best wishes :)

I see two obvious targets: people who want this service but aren't game to configure a Pi Hole, and techies who travel and want a fast-and-easy way to get this benefit on any network.

Won't Pi-Hole work fine on any VPS? Seems there are much cheaper solutions for anyone who is willing to do the Pi-Hole configuration themselves.

Why would someone route their traffic through your servers, opening themselves up to a whole slew of potential privacy issues, and pay you for it, to accomplish the same thing they could do on their own for the cost of a Raspberry pi?

You are getting a dedicated VPS, so there is no cross traffic sharing between other subscriptions. You can also disable logging if you don't want to graphs. A Raspberry Pi has to be set up on your own local network, and you'd have to open up that port to the world to be able to use it from outside your home, which has farther reaching security issues. This is limiting that exposure to a dedicated VPS outside your network.

> You are getting a dedicated VPS, so there is no cross traffic sharing between other subscriptions. You can also disable logging if you don't want to graphs.

...but neither of those things tell me that you don't still have access to that data, which is kind of the whole issue.

Its DNS. How do you propose they have access to the data?

DNS queries are data, and can give a motivated party plenty of insight into a user's internet usage habits.

Sure they are. However, all dns servers are going to have this issue. Even most selfhosted ones, like a self hosted pihole use Google DNS as its backend.

The data is far less valuable than your original claim of "Why would someone route their traffic through your servers" which sounds like a VPN/Proxy.

How do you make sure your pi-hole instance is only used by the rightful user? After all you can't restrict port 53, and I am sure iptables are not an option here since you don't know from where the users will be connecting?

I want to know this too.

FD - I recently launched an adblock as a service (listed in my profile.)

Edit1 - maybe it's security through anonymity. Don't tell anyone your DNS server address?

I doubt it. People are specifically looking for open port 53. After reading a bit the pi-hole documentation, I found out they recommend pairing it with OpenVPN. https://github.com/pi-hole/pi-hole/wiki/Pi-hole---OpenVPN-se...

If OP is using a vpn to route traffic, they should call it out.

Our adblocker uses a much less intrusive idea than VPN to block unauthorized IPs from hitting 53.

The general problem I see with network ad blockers is sometimes you need to enable certain blocked domains for certain sites to work. When the utility or content of the site outweighs the need to block , its impossible to do with most of these network level blockers.

"Ads on news sites gobble up as much as 79% of users' mobile data. Why are you wasting valuable data to see ads?"

My understanding is that this is a device on your network... your home network. Can you explain how this device/service would help your mobile data?

I think that's the value proposition: rather than using a Pi Hole in your home, you connect to this service on all your devices anywhere.

I think this presumes that you'd be using the hosted service from your phone.

How does this even work for mobile (the major selling point AFAICT)? A few minutes of research suggests that it's non-trivial to change my DNS server on iOS when using my cellular data connection.

After creating an account there is a tutorial linking to an iOS and Android app that provides a way to set your DNS via a VPN.

A VPN to where? The VPS you control? Now we are back to giving you all of our data rather than just DNS queries... It's mind blowing to me that you expect people to pay a premium for the privilege of giving you all of their data.

Nothing personal, but I really hope this business fails fast and hard.

So it's a DNS service that blocks blacklisted domains?

Page is giving an error

$9/month for what essentially is a preinstalled pi-hole is a rip-off.

Does anyone know why this post would be flagged?

Just a follow up to my own comment here for those wondering the same or for in the future if it happens to you. I got word from HN that the community probably thought this post was marketing for a business, and that the community was, understandably, wary of a new account posting their product. Truth is I am a solo hacker and this is just a side project of mine. I made an account with a matching name so that it was easier to determine official answers.

TL;DR: submissions from new accounts that are flagged for any reason weigh heavily against you, keeping you from posting or answering questions in a timely manner. Also, it took 40 min for it to be public on New, starting on the second page.

TL;DR:TL:DR: don't create a new account to post something.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact