1) Find a bunch of high-quality block lists on the internet which have been painstakingly curated my their maintainers for many years
2) Combine it all into one big list. Tell everyone that you will quickly whitelist any domains if they are causing breakage.
3) Once enough people start using your list, get an advertiser to pay you to silently remove their domains. If anyone notices, just say it was to fix breakage on some obscure site.
I’m not saying that Energized or StevenBlack are doing step 3, but please realize that there are issues with using lists like these. Even if they aren’t getting paid, they might still have some undesirable whitelisted domains. They also deprive the original block list maintainers of views (meaning they might be less inclined to continue maintaining them). You also won’t receive updates from the lists as quickly because of the middle man.
If you are using Pi—hole, OPNsense, or any other tool which can run multiple block lists simultaneously, I recommend taking a look at https://firebog.net for a list of original-source block lists.
I can point to thousands of combined...
* issues https://github.com/StevenBlack/hosts/issues?q=is%3Aissue+is%...
* ...pull requests... https://github.com/StevenBlack/hosts/pulls?q=is%3Apr+is%3Acl...
* ... and commits https://github.com/StevenBlack/hosts/commits/master
...that indicate, it's not so easy.
The sources we use are all vetted. Some sources are remarkable in terms of activity, and responsiveness to problems as they occur.
Overall I think this area is far more dynamic than many realize. Some good people curate the lists we carry.
Consolidated block lists like yours are still important for people who are using the traditional etc/hosts file. I believe the Pihole project would like to focus more on the software and less on the block lists - so they include your list, which has a good track record of vetting sources and responding to issues. I also appreciate that your project has produced its own original block lists (which happen to be included on the Energized list and firebog.net).
I just wish more people would use the original source when possible.
I dislike this Energized list, partly because I had a bad experience using one of their non-primary lists which wasn’t well maintained, and partly because their website (https://energized.pro/) makes it sound like a commercial product.
Disclosure: Some of us have been actively curating such amalgamated lists for a long time. https://github.com/StevenBlack/hosts
On April 23, GitHub disabled the repository. Exact reasons are unknown.
The repository was then deleted and recreated.
The essential problem is, without active curation, source lists can't quickly react to emerging threats.
Without active curation, source lists become add-only buckets where domains land, and are rarely removed, long after they are abandoned.
The soft option is to simply cumulate domains. We've seen candidate block lists grow from 350,000 domains to 750,000 domains. These are just endless one-way buckets. Use that as your Android phone's hosts file, or you Windows PC hosts file, and you're going to have a bad time.
At the edges, there are myriad grey areas. We can all agree that YouTube serving ads is painful. But what about Youtube retaining your viewing history, which some people find very useful and handy. Over the years we've often had discussions such as this. This is what it means to actively curate.
If there is a userbase for a list, they have to trust the list to not filter out domains that shouldn't be filtered. I have a hard time thinking how this could lead to hidden repercussions, other than some security flaw that is only exploitable when some subset of requests go through.
The internet experience has improved a lot since ads and trackers are blocked system wide.
A few block lists that I would recommend:
1. Steven Hosts - https://github.com/StevenBlack/hosts
2. Adguard DNS - https://github.com/AdguardTeam/AdguardSDNSFilter
3. disconnect.me
The amount of DNS requests made silently in the background is astonishing across all devices.
I still remember seeing the log for the first time. It is very radizalizing.
That said: maybe it's just me, but I find their website[1] a bit...strange?
It looks like one of those SAAS startup landing pages, you can pick your "pack of block list" ranging from "Tru lite" to "XTreme" etc...
Or maybe it's supposed to be ironic and I just don't get it :) [1] https://energized.pro/
NoScript really needs the ability to whitelist a TLD for providers like cloudflare.
As a part-time grammar Nazi, there are several things here that annoy the hell outta me!
After reading that, I had to quickly abort and close the tab.
Its fine that people love creating these massive all-in-one lists. But I recommend just using the sources directly. That way, if a list gives you trouble, you know who to open a ticket with, or just disable that specific list if its too aggressive for your tastes.
Something like this should also be applicable for social networks as well. I found this for twitter - https://blocktogether.org/ not sure if it is possible for others like facebook.
They have a public whitelist and updates are pushed on a daily basis.
Ideally it leverages things like GitHub Actions (or another CI tool) + GH Pages/GH releases/Netlify to relief the burden of having to host it myself.
The reason for this is so that I can use NetGuard, which allows for only 1 blocklist. Currently I'm flipping between Blokada and DNS66 because they allow for multiple lists.
They work pretty good, but can be a little cumbersome to turn off or to enable certain domains from time to time (such as when a site has so many ads it breaks the site). But the increases safety and speed while surfing is well worth it.
Along with a script that aggregates data from multiple lists, removes duplicates/overlaps, whitelists, etc.
I've gotten a few friends started on pi hole and ended up with minecraft servers, free nas, kodi, and retropi
