I don't think it's live on latest. I just did a fresh pull again (I did it a couple hours ago too) but I don't see the new bar graphs nor the local DNS option.
Edit: Oops I didn't wipe the container. Works now!
One of the Pi-hole dev's here. The comment you are replying to is talking about the blog post about this CVE, not Pi-hole's aesthetics. (Which haven't changed, btw)
That's awesome! I'm excited to see what comes of this! I took a look at the changes and the amount of work here is impressive.
I'm going to guess that there are also major UI changes that will need to come along to make this feature usable. Maybe the release that incorporates everything could be Pi-Hole 5.0?
As commented below, we don't actually maintain any of the lists, so that wasn't us you spoke to!
You can configure the lists that you use to suit your needs. You can also whitelist any domains that you need. It's up to you what you ultimately block!
Hmmm, not sure I recall. Mind linking back to the conversation? Point is, we don't choose what domains are blocked or not, so there is nothing we can do except ship with a default whitelist. But we're not going to do that either, if we were to start doing that... what's to say we wouldn't whitelist something more nefarious.
It's safest for us, and our reputation, to stay out of the finer points of the actual blocked/not domains and instead defer to individual list maintainers who make that their business.
That post is 2 years old, and the op understood and was ok with the outcome...
Oobe is either
1)leave suggested defaults as is
2)don't use those lists.
Option 2 is available in the installer before you're even up and running. There is only so much hand holding we can do, to be fair. We have an extensive support community, and plenty of documentation, and yes, whilst I agree some users may fall between the cracks, the majority are able to find a solution to their problems.
There is no doubt that pihole works for some people. I'm just giving my honest review: it didn't work for me. It blocked too much. I asked for guidance and got a lecture about privacy.
And I did find a solution, just not with you product :)
When you say unbearably slow, do you mean the actual DNS resolution, or the Admin interface?
An Rpi3, even a Rpi B or zero is plenty good enough for DNS queries! The Admin interface has been a bit of a bugbear for a while, but we are working on some massive improvements for the 3.0 release (coming soon™)
There is a disable button on the web interface[1] which allows you to either disable it permanently, or for a specific amount of time. Of course, client devices need to clear their DNS cache, too, in order for this to work properly, but at the moment there is no way of automating that.
There are also other tools to help with blacklisted domains that cause issues/site breakages, such as a query log to identify them, and the ability to whitelist with ease!
Of course it can! If it has a domain name, it can be blocked. What you may see is the browser grumbling about it.
Essentially all that is happening is a client asks for a domain (e.g ssl.google.com) and if it is on the blacklist, then it returns it's own local IP address for that domain instead of the real one. Which is where you will find the browser complaining. All we return is a blank page/blocking information page, but not via https.
Of course, we could probably get around that by generating self-signed certificates on install, but the user would then need to install that certificate on all of their client machines (I think, I'm not massively proficient in this area!) which makes it an extra, and not vital, step that may scare off the more novice users.
