RethinkDNS – monitor app activity, block ads and firewall apps on Android

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Android android-app Blocker Firewall Adblock

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • rethink-app

    DNS over HTTPS / DNS over Tor / DNSCrypt client, WireGuard proxifier, firewall, and connection tracker for Android.

    • Apologies, I saw a different issue https://github.com/celzero/rethink-app/issues/210#issuecomme... and did not realize those concerns had already been addressed. It's good to learn that it is that much closer to F-Droid inclusion! :)

    I think my comment must have appeared harsher than I intended, when I say "just an android app" that's a massive positive for me, but I understand why it might read otherwise! I had assumed at first blush this was yet another scammy SASS product with a corresponding app, but when I realized it was "just" an open source Android app (and finding the open issue re: working towards F-Droid inclusion) it made me very interested indeed!

    I also didn't mean to imply that DNS 66 was anywhere near feature parity with this project, so apologies if that appeared to be the case. That said I have used DNS 66 in the past effectively, despite its limitations. Can you suggest where I can read more about its security deficiencies, or by "insecure" do you just mean to say it is an incomplete solution? (i.e. the lack of protocol support and the reliance on the Android VPN framework?)

  • serverless-dns

    • Hi there, RethinkDNS developer here.

    NextDNS does a lot more than RethinkDNS, at this point, but no reason why we couldn't implement their feature set. We are a team of three spread thin between the Android app and the stub resolver, but are continuing to make progress. Our focus, unlike NextDNS', is geared more towards anti-censorship.

    With RethinkDNS though, right now, you don't need an account and could simply select a set of blocklists and copy the resulting URL to any DoH client [0]. As of today, RethinkDNS, the resolver, is more of a limited BlahDNS / Quad9 replacement than a NextDNS replacement. Limited, because it only supports DNS over HTTPS/[2|3].

    That said, we do plan to pick up development pace on the DNS side and FOSS our DNS stub resolver that one could deploy to Cloudflare Workers with one-click [1].

    And may be start catching up with NextDNS on the path it has trail-blazed.

    [0] https://RethinkDNS.com/configure

    [1] Not ready yet, but should be by end of this month: https://github.com/celzero/serverless-dns

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • rfp

    • It took me a second to grok that this is really mostly just an OSS Android app with some associated DNS servers you can optionally use with it. It's not in F-Droid yet (which I personally consider to be a hard requirement for this class of software) because it includes proprietary bits, but here's the link to the F-Droid issue for those who want to keep an eye on it:

    https://gitlab.com/fdroid/rfp/-/issues/1552

    In the meantime, there's DNS 66, which includes some similar features (minus the app firewall)

    https://f-droid.org/en/packages/org.jak_linux.dns66/

  • dns66

    DNS-based Host Blocker (and lightweight ad blocker) for Android

    • > Apologies, I saw a different issue and did not realize those concerns had already been addressed.

    My bad. I guess I may be at fault here for over-reacting to your comment. My reaction really stems from an unpleasant r/Android experience where folks just piled up on RethinkDNS with utter non-sense and blatant misleading lies.

    > I had assumed at first blush this was yet another scammy SaaS product with a corresponding app...

    This isn't the first time I've heard from folks that the whole thing comes off as scammy / scareware. Is it the website design? The copy? The readme on GitHub? The name of the project?

    > Can you suggest where I can read more about its security deficiencies, or by "insecure" do you just mean to say it is an incomplete solution?

    DNS66 is insecure in the sense it doesn't do any form of encryption for DNS requests [0] and like every other DNS client leaks DNS connections over TCP (only handles UDP) [1].

    I wouldn't call it incomplete, it is likely fully complete in the eyes of the original developers. A DNS client can definitely do more, and that's why RethinkDNS exists in the first place. I used to use Nebulo [2] which is super light weight, supports DNS over HTTPS3, and has way more features than any other DNS client I've come across.

    [0] https://github.com/julian-klode/dns66/issues/11

    [1] https://github.com/julian-klode/dns66/blob/4f1304746e2/app/s...

    [2] https://github.com/Ch4t4r/Nebulo

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts