Speaker 1: 0:04

All right, welcome to the Audit presented by IT Audit Labs. I'm your co-host and producer, joshua Schmidt. Today we're joined by the usual cast, nick Mellom and Eric Brown, our managing director at IT Audit Labs. Today we're joined by Dan Shaper and Adam. Sorry, adam, what's your last name? It's not on the Adam.

Speaker 2: 0:19

Warner.

Speaker 1: 0:20

Well, great guys, Thanks again. Maybe you could just give us a little background on yourselves and then how you got to be working with PyHole and where you're at today.

Speaker 4: 0:27

It's got to have been 10, 12 years now. I was looking for just things to do on the Internet. Github was kind of new at the time and bouncing around and saw a project that was working on DNS was working on DNS and it was kind of an interesting thing on content blocking and they were having problems, ironically, getting IPv6 to work. So I think my first poll was introducing IPv6, and here we are, 12 years later, and IPv6 is still nowhere to be seen. I've been told for like 20 years that school started IPv4 is over, you need to do six. But so we started working on that and it was just a ragtag little group of people throwing things together and then Adam joined in.

Speaker 4: 1:19

Uh, very shortly after that we added in our third, Dominic, who's in Germany to help out, and then we've had some other people come and go, as with open source programs kind of do and volunteer work does. I'm amazed that we're still here this much later and still have such a huge community and a big following. The community is everything for us.

Speaker 1: 1:49

Yeah, I can't wait to hear more about that. You have what? Over 190,000 Reddit followers, or?

Speaker 2: 1:55

Something like that. Yeah, you'd think I'd have that information just by hand.

Speaker 5: 1:58

I think it's 191 when I was on there earlier 191k.

Speaker 2: 2:02

Yeah, just so that, then that's awesome.

Speaker 1: 2:04

That's impressive. How about you, adam? What's the background on you and how did you get to be working with Dan?

Speaker 2: 2:11

So I first discovered I say discovered, I didn't discover it, but I found Piehole just on Reddit. I was just browsing down the front page and saw what looked like a fancy dashboard or something. Had a look into the post post and I was oh, hang on, this looks like an interesting project. I've got a raspberry pi that is sitting in a drawer. In fact, at the time, I probably had about 10 raspberry pi sitting in the drawer, because I had an awful habit of buying them and then putting them in a drawer, um, because I had no real, real purpose for them. I just thought they looked fancy. So span it up.

Speaker 2: 2:43

Um installed it and I think at the time so this was back in 2016 I was using it, uh, and what I noticed was that the whitelisting didn't work, or not very well anyway. It had an issue with it. Um. So, rather than uh complain, I had a look at the code to see how it was working, what could be done to to make that work, made it work, submitted a pull request to the project, and here I am today, still after about 10 years.

Speaker 1: 3:11

We were talking just before we started recording and you had let me know that you just released Pi Hole version six. Yeah, in February.

Speaker 2: 3:19

Yes, so that was five years in the making. One of the things about us being a sort of volunteer-run open-source project is we don't have an awful lot of time to work on things. So when we do look at sort of working on major things, it takes us a while, especially to try and sort of synchronize everyone and get everyone in the same place at the same time so that we can actually press a button to release it.

Speaker 3: 3:44

What's the big update in 6?

Speaker 2: 3:47

The web server, for example. So we used to use a third-party web server. Let me know how. You say it Lighty, is it just?

Speaker 4: 3:55

Lighty Lighty.

Speaker 2: 3:57

So that was a dependency of the project. So the install script would always install that PHP was a big dependency of the project, would always install that PHP was a big dependency of the project. In six, or PyHole six, we have removed the dependency for PHP and LIT, so PyHole FDL is its own web server now and the web interface has been rewritten in Lua pages.

Speaker 4: 4:19

There's some Lua pages, some Java script and that's still we're kind of looking at, maybe doing a better front end on it. So we had the genius of Dom who does a lot of the C coding and brought in, like Civit Web as a C package to handle the web serving and trying to make it a one binary project.

Speaker 3: 4:43

What is PyHolic? What does it do for the everyday user?

Speaker 4: 4:48

Essentially, when you go out on the internet, you use your web browser or whatever. You type in what's called a domain name. You want to go to Google. You just type in googlecom or whatever site that you want to go to. On the back end, on how computers work, they don't communicate via names and tokens and things like that. They communicate with IP addresses, numeric addresses. So you need something that will convert that name into an IP address, a string of numbers that computers can then use to get you to where you need to go. That's called a domain name service. You send out a request, you say what is the IP address for Google and you get back a number. Your computer then understands okay, to get to this number, I need to go here, here, here, and get passed along.

Speaker 4: 5:39

What we do is we come along and say, okay, there's this domain out there is. We come along and say, okay, there's this domain out there, Evil Corp. Well, we don't really want you to go to Evil Corp, or the person decides themselves I don't want to go to Evil Corp because Evil Corp is going to take the information they see from me and do things that I don't want them to do. So we say, when you ask us what's the address, how do I get to Evil Corp? We say Evil Corp doesn't exist, you can't get there, and that kind of is is a very low level basic. There's a lot of other features and things you can do to to make it like nicer and spice it up and change it up. Um, but uh, in in. Essentially that's what we do. It's called a DNS sinkhole because we take DNS requests and sync them.

Speaker 5: 6:31

And it sounds like these things are pretty easy to set up. When I was, you know, in pre-production here, we were talking about the YouTube video I was watching. It was a short where the guy was talking about he could set this up faster than he can cook a hot dog in the microwave. And he did do it. Are you guys able to speak to? Was that a part of the educational process? You wanted to make it easy, or was that just the vision you know throughout the project, to make it easy for, kind of the masses?

Speaker 2: 6:55

you didn't have to be technical, uh, to use the pile so I mean I think I can probably speak to this in that um. So when I, when I first joined the project um, I had never used, I'd never touched linux um, so I've never done any bash scripting anything like that before. I did have some background in sort of c sharp programming on windows, but beyond that um I've never touched it. So actually I found it pretty simple to install straight away. This is even, you know, going back 10 years when the installer was probably a little bit more basic but our, our installation is a bash script.

Speaker 4: 7:28

Um, and it is. We joke about it. It's the worst bash script you will ever see in your life. It's a thousand lines long of bash script and originally uh, the original project founder and considered co-founder myself and Jacob Salmela when we did the installation script. There are a lot of comments in there and the original intent was you could look at this script as somebody who doesn't know what batch is, doesn't know what any of this is, and read it line for line and see okay, here's, here's a command line, here's the explanation of what this command does, how it does it, what applications it uses and runs.

Speaker 4: 8:11

And to get back to the food thing. I guess there's a food thing with pie hole, because it's pie hole and apparently hot dogs, and we like to say you can run pie hole on a potato, so we had to have this food theme going on with everybody now I don't know if nick, you're vegan, right, so would it work with a?

Speaker 1: 8:29

vegan hot dog big vegan probably not big vegan here I don't think they'll let you into texas if you're a vegan one of the cool.

Speaker 5: 8:37

He's originally from minnesota though considering the, the gift box eric sent me yesterday was full of bacon goods. I think no vegans.

Speaker 3: 8:48

So the cool thing just to kind of tie together why an everyday user, maybe even a non-technologist, might like Piehole to set up at home is it's really easy to do. It's really easy to do. There's lots of great videos and great instructions to be able to set it up without a lot of technical expertise. But in some cases you can get enterprise-level security, like security that you would get at work with a device that costs 50, 60 bucks. Right, you get a Raspberry Pi and get a SIM card and you can install PiHole on the Raspberry Pi, plug it into your network and it's going to filter traffic. And you might say well, why do I want to filter traffic? And there's a lot of conversation with PiHole about being able to block ads. Able to block ads, but even more so than that is the ability to block malicious links, like what you were talking about. You can create that level of security at home. So you know, I don't know, adam Dan, anything you want to talk about related to that.

Speaker 4: 9:59

The way a lot of the like Cisco's firewall systems and their DNS systems are extremely similar to PyHole. You're paying for the support, obviously, but lists of domains that you want to block. If you can get a list in what's called host format, we can use it and it's very tailored to customization. You can have a big list of domains you want to block and there's only two or three that you want to let through, for whatever reasons. Okay, you can allow those. You have some systems where you need to access these domains for work. You can put your laptop into a group and say, okay, assign no domains blocks to any computer in that group, so you're not set to one system managing everything and everybody has to have the same thing. Yeah, you can do some extremely narrow, fine-grained systems.

Speaker 3: 11:01

I had to create the wife on block Acceptance factor Because I had everything locked down and we went to watch a show.

Speaker 3: 11:12

I was so excited when I first built out the pie hole and I've got my laptop and I'm watching all of the blocks and we went to watch a show.

Speaker 3: 11:23

I don't know if it was on prime or Netflix, but we're even just trying to bring up the Apple TV to get to the show and it's not working. I'm thinking this is great, right, I'm blocking a ton of stuff that I don't know, like I didn't know even existed, where it's trying to go out and send my information out to all of these third parties, and I'm just kind of watching it on the screen and then realizing that it's maybe blocking a little bit too much. I probably downloaded a few too many lists and integrated them, so then I was able to just go in and whitelist some, and then from time to time I will hear shouting from upstairs and you know, it's like that thing. You got running and so I uh, I am able to, you're able to easily, with piehole, put machines into a group with less or no filtering before before we have the group's feature on the.

Speaker 2: 12:18

On the piehole um. That was as much as I hate the uh the stereotype um on the. On the piehole um that. That was as much as I hate the. Uh the stereotype um. On the on the subreddit, that was one of the biggest complaints. Uh was uh. My wife's trying to buy things on google shopping, uh, and every time she clicks the sponsored link in the in google, she can't get to the shopping. How do I fix this? And the answer always used to be well, disable it for a bit whilst you want to click the link, um. So people were coming up with bookmarklets so that they could give it to their spouses or anyone else in their family and say hey look, if something's not working, just press this button. It'll disable PyHole for five minutes. You can then do what you want and then it will come back on.

Speaker 3: 12:55

Yeah, absolutely. I thought about even instituting something at home where it's like well, you got to watch this five minute video on security, I didn't. That didn't go over too well.

Speaker 5: 13:06

So, besides blocking all these websites and, you know, stopping wives or significant others from purchasing you know, this, that or the other, I suppose and I don't use a pie hole, so I'm I'm learning a lot here but could this also be thought of a way that just streamlines and speeds up your web browsing experience, because it's not going out to get all these curated ads on all these websites? I think the most, what I can think of the most easy, is you know you're doing a speed test for your internet. You know you go to one of these websites and it's just like all around where you're going to see how fast your internet is. It's just littered with ads so it takes a while for that to generate. If this is running, it's not even going out to get those those ads. So I would assume across the board, you know people are seeing you know an easier and more quick experience on the web.

Speaker 4: 13:57

It does reduce the amount of traffic you pull because malvertisements tend to be really heavy with a lot of garbage attached to them.

Speaker 4: 14:06

One thing that we kind of an unintended side effect CDNs, things that are geo IP based can get confused.

Speaker 4: 14:15

So a lot of the gamers at first were my latency shot to the roof. Well, yeah, because you're in America and the geo IP is not going to be able to work, so it's sending you to a server farm in Germany. There are ways to get around that with some DNS extensions that allow you to at least give a portion of where your IP is located at, so you can get to the proper CDN endpoints that are located closer to you. But at the heart of PyHole it is a full functioning DNS DHCP server. You want to develop and use they call it a split brain DNS or split horizon DNS, and they call it a split brain DNS or split horizon DNS where you have IP addresses for your production work and you want to use the same domain names but use your local area networks. You can go ahead and set it up and say when I ask for production domain names, return my local, and you don't have to worry about things like hairpin natting or any of the router tricks.

Speaker 4: 15:25

You're actually returning a different IP address depending on where you happen to be located.

Speaker 5: 15:31

Dan, you brought up YouTube a little bit ago and that's one thing I was thinking about. And, funny enough, before we jumped on, I was searching the internet looking at all the different pies, pies to piehole items and one of them one that Post I saw was oh, I'm gonna make a pie hole so I can essentially have YouTube premium for free, and I was thinking to myself what would that actually work? So, you know, maybe take a second. I'm curious on your thoughts. I know you said I think you dislike this YouTube because of this. Can you elaborate on that said?

Speaker 4: 16:03

I think you dislike this YouTube because of this. Can you elaborate on that? You want to do the Linus Tech Tips video that shot us in the foot with that one.

Speaker 5: 16:09

Was that what it was? I didn't see that one, but I am familiar with him.

Speaker 4: 16:12

Originally way, way back. Yeah, Four or five years ago Six years ago, we'll say, I think. Yeah, he did one and he was able to show somehow. And this was back in the days when, yes, you could block some of the video roll from YouTube. This was pre them knowing about how we worked and stuff. Now they bake it directly into the video stream. So there isn't a separate DNS query or a DNS endpoint. You're not going to a CDN anymore like they used to do. Ads were served from a different infrastructure than videos. It's all merged into one flow now, but people still see that video and go oh well, I should be able to block YouTube videos like ads.

Speaker 5: 16:58

I see it right now. Block every online ad with this pie hole on Raspberry Pi. It's got 4.6 million views and it was published five years ago. Spot on, yeah.

Speaker 1: 17:09

I think this is a good time for the disclaimer, as we insert that into the podcast here.

Speaker 2: 17:15

There he goes again.

Speaker 3: 17:16

Nick, there he goes.

Speaker 1: 17:19

Well, we are hosting this on YouTube.

Speaker 1: 17:20

I would hate to set off any algorithms to clamp down on our views, but yeah, we are hosting this on YouTube. I would hate to set off any algorithms to clamp down on our views, but yeah, we don't condone any illegal activity, of course. My question was do you have a sense of like I'm sure you do, and especially Adam running the Reddit what the community finds to be the most valuable part of this? Is it the ad blocking function, or is it mostly used by people with personal computers? Or do you find enterprises using this, or organizations, or is it a mix?

Speaker 2: 17:51

There's probably a pretty healthy mix of people that have just stumbled upon the project because they've seen it. There's a lot of people who are now new to the project because of all of the issues with ublock, origin in chrome, which is now um no longer working in the new version of chrome, um, I think anyway, um. So we've we've got a lot of new users through that um. But then you've got the, the super technical people who I would say, probably definitely know a lot more than us. Whether they do or not, they certainly come to us as though they do. But there's all sorts.

Speaker 3: 18:30

One of the things that you mentioned there, adam, was how some people are using plugins in their browser to do some of that ad blocking work, and that certainly works. But, as you mentioned, you block origin Chrome. That plugin then, with Chrome's recent changes, doesn't work. So then, how do you deal with that? How do you keep the same functionality? And well, you move it away from the browser and you move it to the network, and the Pi hole works at that network level. I suppose it could work locally too, but if you, if you have it on the network, then it's working for all of the machines on the network. And one of the tests that I just personally have found to be pretty cool is a website I think it's tmzcom, tmzcom. So, dan, maybe being more familiar with the Los Angeles area.

Speaker 4: 19:26

Yeah, I know, harvey.

Speaker 3: 19:28

It's for the 30-mile zone. I guess that's around Los Angeles. I mean something out there, no idea. All I know is that site gets a ton, has a ton of ads baked into it. So if you let that page load you'll see the counters just go up. If you have an ad blocker in the browser Over 100, I think it'll block on that, like if you're using Ghostery or something like that. But it's great to see it too on the pie hole and just go to that site and just watch all of the blocks come up from that site. It's pretty amazing all of the things that they're doing to monetize that site and that experience and what it looks like when you're looking at that website, filtered versus unfiltered.

Speaker 4: 20:15

Well, also consider how do you use an ad blocker or a malicious traffic blocker on your home surveillance cameras on your refrigerator, on your web-connected Light bulbs? Yeah, I got an air fryer the other day that has an application for it and it connects to Home Assistant. It's like it's an air fryer, come on.

Speaker 3: 20:53

And it's like it's an air fryer, come on, but yeah, so being at the internet or being at the network level, things that don't have user interfaces, things that you don't see and deal with, they can still benefit. Apple TVs can benefit from it. Smart TVs can benefit from it. Somebody I know has one of these. It's like some sort of electronic litter box, as I hear it it's called. What is it?

Speaker 3: 21:02

That's you, Eric who could that be eric that has this you can actually monitor the cat's activity in the litter box from an app on the on the phone. You know while you're remote. So you know to your point.

Speaker 4: 21:14

Everything is connected don't you have one of those adam?

Speaker 2: 21:18

I had one of those. The cat did not get on with it, so we Cat did not appreciate the litter box surveillance. He's a hipster, he hates technology.

Speaker 1: 21:33

He's a lewdite cat. That brings me to one of my other questions I had prepared. What are some of the challenges that Pileface is keeping up with increasing sophistication of ad delivery mechanisms? I'm assuming that was baked into your latest update in version six? Yeah, and maybe you could kind of shed some light on what some of those might be that we might not think about. We just talked about, like you know, roomba and adding that pile at the network level to kind of give you some extra protection on the IoT devices. But anything new that you've seen popped up, that that pie hole has been addressing.

Speaker 4: 22:09

It depends on white hat versus black hat on a few things Ever since.

Speaker 4: 22:16

The big thing now is encrypted DNS DOT, doh, doq, no-transcript and, depending on what that canary domain responded, you could turn off DOH in Firefox internally. So you could with PyHole, say anybody on my network. They need to stick with plain, unencrypted DNS. Where you get into some difficulty is for the bad actors that give you an Android app that is intentionally hard-coded and bypass all of that and go through that gets into where you do need some pretty heavy-duty firepower to be able to do it. Even your home firewalls can't do it, because you need to be able to break those encrypted packets to see what the payload is, able to break those encrypted packets to see what the payload is. So, as long as people play by the generally accepted rules and I think that's going to happen because you have enterprises Enterprises are going to need to figure out how to prevent exfiltration through systems where they have their internal DNS and you need to use our Active Directory systems, our structures, then how do they protect themselves?

Speaker 4: 23:45

And luckily, the way that they protect themselves can be scaled down to home use also. These agreements, these policies and procedures that are being codified do not need heavy lifting technology to be able to use them. We have version 6.1 coming out that we wanna get out within, probably this weekend. Maybe that has some updates where these specific requests from Apple, svcb requests where we can return either say these services do not exist, don't go looking for them, or these services exist and here are how you can connect to the pie hole to use these services instead.

Speaker 1: 24:30

I was wondering if Eric could speak to using this type of technology within organizations or helping others shore up their security posture.

Speaker 3: 24:39

I think it's great in organizations that maybe can't afford the enterprise-level firewalls that are going to be able to do that man-in-the-middle, where they're breaking encryption and inspecting and then re-encrypting and sending the traffic on, which is what you need to do in order to look at encrypted packets that might be coming from an infected endpoint, where the threat actor put a protocol in place in order to protect that traffic. Smaller organizations and home entities aren't going to, as Dan said, break that encryption, look at it and send it on, but something like a pie hole or a way to bring in lists, host lists, into their firewall or whatever is providing their DNS services, is really a great thing Like we were talking about earlier.

Speaker 3: 25:36

This is really enterprise grade technology that is at fractions of the cost, so you could bring it in and plug it into a network and it doesn't consume much resources at all. And a really big shout out to the Pihole community, because there are some people out there that are curating and generating lists that we all then consume and use, and the lists are up to date. Some of them are updated daily, if not more frequently, with really new and emerging malicious sites and we can consume that and then we're just as safe as an enterprise organization.

Speaker 1: 26:24

That was going to be my follow up with. That was going to say, adam, maybe you could speak to just the value of the community and how, how those people have been generating those lists and how you, how you integrate that information into what?

Speaker 2: 26:37

you and Dan are working on. Every block list that's out there is community maintained. We don't have an opinion. So, as the software itself, we don't care what you're blocking. You can block as much or as little as you like. It's really up to you how you use it. So when we initially install, just to make sure it works and just to sort of lower the barrier to entry, we have one suggested list which we found works quite well, doesn't block too much, doesn't break a lot, and that's just there to get sort of people started. But yeah, there are, I mean certainly on reddit. There's a guy forget his name, w3k who maintains a list of lists, so not just his own lists that he puts together, but he also, I think he goes through and kind of optimizes a few other people's lists. Firebognet, I believe, is where he keeps those.

Speaker 4: 27:35

Yeah.

Speaker 2: 27:35

Firebog, and then you've got. There's just so many's, so many people out there that are just coming up with the different things.

Speaker 1: 27:43

One list to rule them all.

Speaker 3: 27:45

It sounds like sometimes more isn't necessarily better. So, Adam Dan, I don't know how big are your lists that you run on your home environments.

Speaker 2: 27:56

So I'm I'm not super fussy at home, um, I'm still running just the default block list. So I've got currently about 130,000 blocks on my block list. You see, people on Reddit it's almost a competition at some point. So people will come in with like 15 million domains and you think that you're not visiting or you're not hitting that many domains, surely? But people, you can do it, so they do.

Speaker 5: 28:21

But their wives might be visiting all those.

Speaker 1: 28:25

Is there a list with Joanne Fabrics included on there, aren't they?

Speaker 3: 28:29

out of business.

Speaker 4: 28:31

I was going to say Joanne's closing.

Speaker 2: 28:34

Sort of talking of block lists. I've even seen and I think maybe I think, Dan, you used to do this as well I've seen it the complete other way around, where people have no block lists and they have a single domain on their block or a single entry on their block list which is just dot, and that blocks everything by default, and then they won't look at it the other way around. They start whitelisting things so they actually end up with bigger whitelists than a block list. It's, I imagine, a pain in the ass to manage and to keep up with because there are just so many domains out there, but it's another thing that we've seen people do.

Speaker 4: 29:14

Yeah, it's a default deny and then only specifically allow certain minors that you want. Yeah, if you're streaming video, that is not the way to go, because you're you're going more. I'll have this. No, no, I'll have this now.

Speaker 3: 29:27

Yeah, you could do that almost as a time base right, Like if it's, if it's time for the kids to go to bed, and you're like, all right shut.

Speaker 4: 29:40

They don't want to do it and you're like all right, boom, 10 pm shutdown. People do do prong, job based or chronologically based, for not even just complete shutdowns, but just for I want to cut my addiction to social media. So I'm going to give myself these five minute blocks where I can access it but most of the time not be able to access it. And then you have some external things saying no, don't do it, reminders, yeah.

Speaker 1: 30:03

Have you guys seen this, this new product called a brick, I think it's called where it makes you physically physically get up and unlock you know an app. You can program it to unlock a specific app by you know blue toothing it to your phone For a specific amount of time so you can only hit Instagram if you go up to the brick, unlock it. Oh wow, for just kind of what you're talking about, but it sounds like you can do that with Piehole.

Speaker 4: 30:28

Originally we wanted to be able to provide this tool and then say, hey, do with it as you want, Extend it as you want, add in features as you want. And we're getting to that point where you can programmatically access things. I never use the web interface Once it's set up. It's set up and I don't really need to go through and tweak it. Took a while to get to that point, but yeah, now it just kind of just runs on its own.

Speaker 1: 30:56

That's a perfect segue. I was going to ask, adam, if you've seen any interesting or unexpected use cases for the Pi hole that go beyond the ad blocking function.

Speaker 2: 31:07

Not really that go beyond the ad blocking function, but certainly in terms of just integration to other systems. So again, as I mentioned with v6, we've got this new shiny, restful API which is much more advanced than the old API in our v5 version and with that people I think there's a guy who's made an Android. Yeah, there's an Android app, there's an iPhone app. These are all community made that effectively mimic the web interface, allow you to manage it on the go. I've seen integrations into Home Assistant. I think you've got people in there, sort of automations actually setting up a trigger to disable PyHole or enable PyHole in certain things, based on not just time but whether or not the lighting they're always on, that sort of thing.

Speaker 4: 31:55

Yeah, the staples easy button when you want to stop the blocking I've got one on my desk actually where do you see the future going?

Speaker 5: 32:02

you know how is ai dictating how pie holes evolving. Anything you guys want to speak to on that?

Speaker 3: 32:08

the future? Um, nick, to some extent is all of the technology that is built into appliances. These days, I think just about every appliance that you could put in your home has some form of connectivity capabilities washers, dryers, refrigerators, rice makers, right Toasters I think Dan said your car everything is connected and that kind of gets into the IPV6, where everything potentially could be on the internet and if you're not taking some level of caution you're just pretty much exposed. So a project like this is really awesome. It puts some of the control back in the consumer's hands that may not want to just plug that refrigerator in and then the next thing you know it's dumping out the contents of whatever is in there to who knows where that's going.

Speaker 3: 33:11

I mean, the simple solution to that is you just don't connect your fridge to the internet and it might be one of these days that, in order to warranty the thing, it's got to be internet connected right Like they're going to put checks and balances in place, unfortunately, and I hope it doesn't go there for a while, but that is certainly a possibility.

Speaker 1: 33:33

Yes and so on that note, adam, can you think of any? How do you see yourself in this ecosystem of the community on Reddit? Do you see yourself more as like a firefighter, police officer, park ranger? I mean, it's a lot of people to manage and seems like a big job.

Speaker 2: 33:53

When we first started certainly when I first got involved 10 years ago, I was on Reddit every day. Every sort of hour of free time outside of work I would be in, read every thread, read every comment. That got very tiring very quickly In sort. Of. Recent years I've had less time to be able to commit to that for work reasons, but I mean we've got some super moderators out there. Jfb John is a good one. He again, he is like that. He's in every thread. He reads every message, not just on Reddit but on our discourse forum as well. I don't know where he finds the time. I assume he's got a lot of it or maybe I've never met him. Actually he could be AI.

Speaker 2: 34:49

There are a lot of people out there who are very into Pi-Hole and are happily giving back to us, to the community, sharing their own projects. One of our biggest requested features in all time has been high availability of having two pie holes on your network for redundancy and being able to synchronize those two pie holes. It's not something we've ever quite got around to doing. However, there are at least six that I can think of off the top of my head projects out in the community where people have taken it upon themselves to create a project that will approximate that and actually keep several pie holes in sync. There's there's been a few popular videos doing the rounds recently, since we launched v6, of how to set up, you know, three pie holes for redundancy on a, an LXC stack, plus having these synchronizers to to keep everything like the block lists and everything the same, so that the community for that purpose, you know they, it's brilliant the best of all worlds, can you know?

Speaker 1: 36:00

free software, an amazing community. People are joining together to help other people out. It's good to have some positivity, especially in the world in general. But in cybersecurity, we often hear a lot about a lot of the bad things that are happening. So it's really cool to hear how people are banding together and creating a positive impact.

Speaker 2: 36:21

The people who are sort of enthusiastically negative as well. I'm sure you agree.

Speaker 1: 36:27

So if someone like me who doesn't know a lot about tech really piqued my interest on this conversation, where should they go to get started, and how should they get started with integrating a pie hole into their security posture?

Speaker 4: 36:40

Probably the best way is our website, piholenet. It's P-I-H-O-L-Enet, I think it's still pretty much a version five. You'll see there. I haven't updated it for version six, but there's links there to our GitHub at the top, to the community for our discourse. Best place to get a hold of us is to do that discourse, which is discoursepy-holenet. And yeah, any questions, anything you need, come find us there. We're happy to talk to you and get things set up for you.

Speaker 1: 37:17

Excellent, well, great work Everything you've been up to and, on behalf of the cybersecurity community, we commend you for your time and that you put into this and helping people shore up their security.

Speaker 4: 37:29

Thank you.

Speaker 1: 37:30

If I may speak for them on this podcast.

Speaker 5: 37:33

You can. Yeah, congratulations, guys on what you've built, and especially the community. I think that's huge for me, especially in this space, seeing a community of almost 200,000 people like-minded that are helping everybody else. Kudos to you guys for curating and building that.

Speaker 2: 37:51

Yeah, I mean it's a team effort. At the end of the day, it's not just myself and Dan that are on the core team. We've got Dom over in Germany, rd down in brazil, um ub again over in germany, so we've got sort of there's a few of us in the sort of cool team and then there's probably contributors that I don't know where they are, but they're regular enough well, if they would like to join us on on the upcoming episode, we'd be happy to host them and hear what they've been working on and have another piehole conversation and get their take from different parts of the world.

Speaker 1: 38:24

It definitely is of interest to us, so please extend our invitation and our kudos to them as well, okay, sounds good.

Speaker 3: 38:32

Yeah, this was great, thank you.

Speaker 1: 38:34

Thanks a lot, gents, for your time. Today You've been listening to the Audit presented by IT Audit Labs. My name is Joshua Schmidt, co-host, and today You've been listening to the Audit presented by IT Audit Labs. My name is Joshua Schmidt, co-host and producer. I've been joined by Nick Mellom and Eric Brown, and today our guests were Dan Schaper and Adam Warner from Piehole. So thanks again. And we publish every other week on Monday, and you can catch us on YouTube, spotify, apple, amazon, wherever you get your podcasts, and we have video on Spotify now as well. So like and subscribe and we'll catch you soon.

Speaker 3: 39:01

You have been listening to the Audit presented by IT Audit Labs. We are experts at assessing risk and compliance, while providing administrative and technical controls to improve our clients' data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact or all. Our security control assessments rank the level of maturity relative to the size of your organization. Thanks to our devoted listeners and followers, as well as our producer, Joshua J Schmidt, and our audio video editor, Cameron Hill, you can stay up to date on the latest cybersecurity topics by giving us a like and a follow on our socials and subscribing to this podcast on Apple, Spotify or wherever you source your security content.