Noob here. This is probably the most repeated question, but I don’t know the technical terms to make the appropiate digging online, and thought of asking humans before slopping my way around.
I don’t trust my ISP or the government above it.
The ISP remotely manages the local network! So I installed a router of my own and my devices only to that one.
I would like to encrypt (?) anything that goes out of my own router, so my ISP doesn’t evesdrop what I’m doing even if they want to (I know I know… if they really wanted, they could just send friends to my house).
Using Linux, Android GOS, and Pihole. They live under a “picked-up-from-a-shelf” router; and that router under theirs.
(I cannot get a different ISP)
Thanks
Other than a VPN, use a privacy respecting DoH provider on your router so all your sevices use that instead of your ISP for DNS.
My router’s DHCP service is pointing clients to the pihole for DNS. Should I run that on HTTPS too? Can the pi do that?
It’s not necessary for the pihole to run over HTTPS, because that would only encrypt traffic between the pi and your device within your own network. When the pi doesn’t have the DNS that your device requests, it looks it up from the internet. You’ve probably set the DNS lookup servers in pihole. That’s a good start to avoid your ISP. The servers you choose may support DoH, and. you should use ones that do. That way, when the pi sends a DNS lookup to the internet, via your ISP, it’s encrypted by HTTPS so your ISP can’t inspect it.