this post was submitted on 12 Feb 2024
147 points (96.8% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54772 readers
482 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

Hi, I'd like to set the sails due to being frustrated with streaming services, but I have some questions beforehand. I hope, you can help me with that, since lurking and reading the Megathread/Wiki didn't really answer my questions. Thanks for your help.

  1. Is just using a fitting VPN (I've read about Mullvad and ProtonVPN in this community) safe enough to not get caught? I'm located in germany, so sharing even as much as a few kB of pirated content can cost me thousands of euros. I want to be really sure, that I won't get letters from some lawyer soon. All, that I've read so far is basically: Setup VPN and your Torrent software, including kill switch and maybe get into private trackers. Thats it. Is this really enough? Can I do more to be safe? What exactly is the risk with public trackers (as they are often mentioned as the "low hanging fruit" for copyright lawyers)?

  2. I've read the post The complete guide to building your personal self hosted server for streaming and ad-blocking, which mentions many tools to setup. I'm sure these help me find and view content. But are there good resources explaining the functionalities of this software? I'm familiar with Docker and I know about Jellyfin, but it is really unclear to me, what exactly all the other tools do.

Big thanks from a long time lurker!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 9 months ago (1 children)

VPNs usually route your DNS through them as well, sometimes to other DNS servers but sometimes they just send them to your original DNS server but through the VPN, kinda up to your VPN config - all of the vpn services I've used to date did this, although they were all reputable ones. I'd not recommend to use a questionable VPN though.

Dnssec only verifies authenticity of the server and the integrity of the data, so it helps to prevent man-in-the-middle of DNS, it doesn't provide privacy. Look into DNS over Https (DoH) instead. It provides e2e encryption for your DNS traffic which achieves what dnssec does, but also gives you privacy. DNS over TLS (DoT) also does this, but it runs on a different port so it's easier to block (e.g. if your isp decided they don't like private DNS), while with DoH your DNS traffic looks the same as other web traffic - and afaik it can't be blocked. As above, it's likely this is not needed for use with a VPN, but I'd recommend looking into in general for use even when not on the VPN. Things like controld or nextdns can give you even more peace of mind (although read up on their policies for yourself)

[–] [email protected] 4 points 9 months ago (2 children)

Pihole also can be your sole DNS provider and then you can pick your upstream server.

[–] [email protected] 3 points 9 months ago (1 children)

Thats what I have in my home network. Upstream is currently cloudflares 1.1.1.1

[–] [email protected] 1 points 9 months ago (1 children)

Unless you configure pihole to connect to CF via DoH, the above is still entirely true. Pihole is not a privacy tool, it's a filtering tool.

I used to have this setup too until I realised spending a single hour per year on pihole "costs" me more than paying for a good DNS resolver which can also do the blocking, and I can easily use on my phone as well when I'm away. I'm very happy to have switched, personally.

[–] [email protected] 2 points 9 months ago

Definitely true, but I think the problem is there's no DNS out there that blocks everything you want. I've never found a DNS resolver that blocks my TV's telemetry domains, for instance. A pi-hole on a RPi runs super cheap so the quick initial setup adding blocklists is super worth it for me at least.

[–] [email protected] 0 points 9 months ago

The above is still true for the upstream regardless, pihole provides filtering - it doesn't replace the privacy provided by using a trusted upstream server and you should still configure pihole to use DoH to the upstream.