
Every time I've tried pihole it has failed on services like YouTube. Can someone explain this to me and how I solve it? I know it's not just me, it even happened to Linus Tech Tips but I constantly hear responses "works for me" which are unhelpful. If ublock works fine, why can't pihole? I'm actually interested in a technical answer.


Pihole only works if ads are served from a distinct domain name from content. This works in most cases but YouTube serves ads and content from the same place so pihole can’t prevent them. As uBlock works client side, it does not face this limitation.


So wouldn't there be a way to intercept the data and apply the same blocking that uBlock does and then resend it? I know it would have a delay, but that'd probably be worth it to me tbh.


It would be very hard to do so because SSL prevents middlemen from intercepting and modifying data. You'd have to install custom SSL certificates on all devices connected to your network like businesses do. PiHole would then use a copy of that custom certificate to decrypt the SSL, inspect/modify the contents, re-encrypt the contents with a normal SSL certificate, and send it off to its final destination.

I've looked into this and it seems like there is no software out there that makes this easy. For it to be convenient enough to make sense, I think there would have to be some router 'login' page which makes downloading and installing the certificate as easy as possible. But, even 'easy as possible' would probably be too inconvenient for any guests who just want to use your wifi. Maybe it could be optional somehow. Don't install the custom certificate? Fine but you'll still get ads. Install the custom certificate? Awesome, your ads will be blocked.


PiHole works by blocking domains. A few years ago it was like youtube.com served videos and ad.youtube.com (just an example) served ads.

Back then you could simply block ad.youtube.com and there would be no ads but today Google is serving ads via their main domain. You can't block ads unless you block youtube.com.

So now no DNS-based adblocker can block YouTube ads. uBlock is the only option, which works inside the browser only.


PiHole blocks at a DNS level, uBlock blocks down to the page element level. If the ads are coming from the same domain as actual content, a DNS block can't be used since you'd be blocking the content that you're trying to view.


When your device sends out requests to the internet, the vast majority of them are encrypted with SSL. SSL encrypts your requests so that middlemen can't inspect or change the content of your requests. Without SSL, anyone would be able to do anything with your data, which of course would be a massive security problem that just cannot happen. Unfortunately SSL also means middlemen adblockers (like PiHole) can't see or modify the contents of your requests either. The only way for PiHole to block requests is by using the only necessarily unencrypted part of the request: the destination IP address.

Without being able to read the destination IP address, all the middlemen between your device and your destination server wouldn't know where to forward your request. Your request would never make it to its destination website. The destination IP address is retrieved when you access a website. When you type google.com into the address bar, your computer sends out something called a DNS request to something called a DNS server. That DNS server sends back the destination IP address for the website you're trying to access. This DNS request is unencrypted and so PiHole can simply intercept it before it leaves your network, check if it's an ad domain, and if it is an ad domain, send back trash data to your device instead. Your device, unable to retrieve the destination IP address, is now blocked from accessing that content.

To prevent people from being able to block their ads via DNS, Google hosts ads on domains which are critical to using their services. For example, YouTube ads might come from youtube.com. This way, if you block YouTube ads using PiHole, you are also blocking the entire YouTube service as well.

UBlock Origin and other browser-based adblocking tools are able to block with a more fine-grained approach because they live in your browser and don't have to worry about SSL.


If Linus didn't bother to clarify the reason, that must have been a pretty bad video.

PiHole works at the DNS level; it can't block things if they're served from the same domain.


Pihole only sees the DNS query. It doesn't see the full URL. On the other hand, ad block extensions can see the whole URL and can decide to block them while allowing other requests to the same domain through.

I think you should install both though. Pihole can block ads on apps, and can block CNAME cloaking.
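
Added example, not part of any comment in this thread and not Pi-hole's or uBlock's own code: a small model of the two vantage points discussed above, showing why a same-domain ad path gets past a DNS blocker while a CNAME-cloaked tracker does not. All `.example` names, the blocklist, the path rule and the CNAME record are constructed for illustration, and the URL filter is a simplified stand-in that looks only at the URL.

```python
from urllib.parse import urlsplit

# Constructed sample data; .example names are reserved and hypothetical.
DNS_BLOCKLIST = {"ads.example", "tracker.example"}
URL_RULES = [("video.example", "/api/ads/")]  # (host, path prefix), hypothetical
# Constructed CNAME record: a first-party name aliased to a tracker (CNAME cloaking).
CNAMES = {"metrics.video.example": "edge.tracker.example"}


def on_blocklist(name):
    """True if the name or any parent domain is on the DNS blocklist."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in DNS_BLOCKLIST for i in range(len(labels)))


def dns_blocks(hostname):
    """DNS-level view: only the queried name and its CNAME chain are visible."""
    seen = set()
    name = hostname
    while name is not None and name not in seen:  # 'seen' guards against CNAME loops
        if on_blocklist(name):
            return True
        seen.add(name)
        name = CNAMES.get(name)
    return False


def url_blocks(url):
    """Client-side view: the full URL is visible, so path rules can apply."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if on_blocklist(host):
        return True
    return any(host == h and parts.path.startswith(p) for h, p in URL_RULES)


def compare(url):
    """Return (blocked_at_dns, blocked_by_url_filter) for one request."""
    return dns_blocks(urlsplit(url).hostname or ""), url_blocks(url)


if __name__ == "__main__":
    for u in ("https://ads.example/banner.js",
              "https://video.example/watch?v=1",
              "https://video.example/api/ads/preroll",
              "https://metrics.video.example/c.gif"):
        print(u, compare(u))
```
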



