Pi-hole 4.3 Now Available
Today, we’re pleased to announce the release of Pi-hole 4.3! Thank you to to our patrons and everyone else who continue to support us.
Highlights
Network Information Table
We have added a new page to the web interface which displays some enhanced information about the devices on your network.
Fixes And Tweaks
- Improved support for HTTPS on the block page
- We have removed jQuery Input mask, which prevented correct entry of IP addresses on mobile
- Fixed a vulnerability in the web interface that could have triggered remote code execution when adding or removing white/blacklist entries.
- Support for more granular debugging configurations for FTL
More information can be found at https://changes.pi-hole.net
On my odroid xu4 running Debian and last pihole the network information table is empty. How can I fix this?
Here debug token
https://tricorder.pi-hole.net/9qty6e4d3v!
On my raspberry pi running pihole it works.
EDIT:
Fixed it by deleting /etc/pihole/pihole-FTL.db followed by pihole -r
Seems that database was malformed.
Works perfectly fine on 2 RPi3B+. I completed apt update with 6 new updates and everything is running smooth.
Here is a guide to installing Pi Hole
https://valhallagroup.ltd/network-wide-ad-blocker/
So far so good with this update. The new network page provides a good summary of devices that have been seen and if they use the pi-hole.
Also keep in mind that DoH / DoT is not the holy grail for privacy. Your ISP (and others) will still be able to see where you connect to.
Think of it like this:
Example: when your laptop gets a DNS reply from somewhere (e.g.: ISP, root server, anything upstream really) for website.com, and receives IP address 1.2.3.4 as a reply… then your browser connects to 1.2.3.4 which is visible to your ISP (and others upstream). Even when the DNS query was done over DoT or DoH.
It does not matter even if the IP you connect to hosts multiple websites. While TLS (HTTPS) may encrypt the HTTP-protocol host-header which is needed for virtual hosts, its SNI outside of the encrypted stream that is easily readable for anyone along the way.
Folks are working on ESNI, which could encrypt this. But this is far from being the standard yet. It also is far from being perfect, as the ESNI proposal still has a flaw in the design itself.
Even with ESNI or an improved successor, your ISP and others “along the way” will still be able to see which IP you connect to. So its not hard to figure out what site you visit if “they” wanted to.
Since its a rather complex topic, with lots of stuff involved, let me try somewhat to give an overview:
Browser ad-blocker
Pi-hole
TLS (HTTPS)
DNSSEC
DoH/DoT
VPN
As you can see filtering out ads and other bad stuff, and also keeping a high level of privacy, is a major undertaking that requires a combination of techniques and a lot of technical know-how. And even then its never perfect I’m sure.