lemonbytes

husband, dad, steelers fan and software engineer

Keeping Your Internet Safe with NextDNS


The internet is like the Wild Wild West, without the awesome soundtrack and dance moves of Will Smith. The truth is it’s a really dangerous place, for kids as well as adults. It gets harder every day to know what is safe and understand the consequences of interacting with all of the digital services that make up our world. As a father of three who are increasingly becoming connected it’s even harder, because the last thing I want is them stumbling into a snake’s nest. I’ve tried a number of things over the years, but I feel like for the first time my home internet is safe for me, my wife and my kids. Let me introduce you to NextDNS.

On the right hand side of the Roku home screen there is usually an ad.

It’s worth mentioning what pushed me over the edge to revisit my current ad blocking and tracker blocking strategy. Around the time the new Borat movie was released Amazon was buying ads everywhere, and one evening I turned on our Roku TV to find a picture of Borat in a Mankini plastered in the ad spot to the right of my Roku channels. My kids were in the room, but fortunately were paying attention to other things. To say I was mad would be an understatement. I was determined to find a way to block ads on the Roku TV. Many friends recommended setting up a pi-hole, but that involved more work than I wanted to take on. After much trial and error I’m happy to report NextDNS blocks the ad section on the Roku and also covers a ton of other nefarious ads and trackers. Thanks to NextDNS my home internet is much safer for me and my family.

  • Bottom line: Internet safety for you and your family is really hard.
  • There are essentially three categories you need to protect on: Tracking, ads and domains.
  • Tracking can get down right creepy. Everyone needs to make a personal decision about how much they want various websites to profile them. I’m somewhere between nothing and nothing.
  • A few years back Apple introduced ad blockers to much fanfare. The problem is that much of our engagement with content actually happens in Apps where these ad blockers have no ability to protect you.
  • Many ad blockers also block tracking too. The thing is, most people I know do not have ad blockers installed on their computers and definitely not on their mobile devices.
  • It is worth mentioning that not all ad blockers are created equal. Some actually do their own tracking and that’s how they make money. Buyer beware!
  • While some ad blockers are nefarious, many are not. My favorite has been Better, which I had been using on my Mac, iPhone and iPad.
  • Deploying an ad blocker app to your whole family is manual and a true headache.
  • Apple recently bundled tracking protection into its Safari web browser, which is great, but that does not extend into apps.
  • Not all ads are bad, and some are genuinely necessary for content providers to make money to continue to produce content. Unless you’re comfortable paying for all of your content on the internet you have to tolerate (and accept?) some ads, or the services that provide free ad-based content will cease to do so.
  • Many content providers have little visibility into what sort of ad garbage might be tacked onto their content. This is especially true for free games in the App Store. Another example would be my local newspaper’s app, which has some of the most egregious and self-compromising ads.
  • Many routers now ship with various content filters. These can be handy, but they’re more likely to be a pain to setup. Plus, this is not the primary business of these products and the quality of their content filters are just not top tier in my opinion.
  • Disney actually has a product in this space called Circle, specifically for kids’ use of the internet. It’s expensive ($9.99/month plus the central device). I think this product is more accessible than many but it’s still not Disney’s primary business and leaves a lot to be desired.
  • Services like OpenDNS have been around for a long time and provide a decent way for blocking things like pornography at your network level. They don’t offer a great solution once your mobile device leaves the nest. It’s not great at dealing with tracking and ads, either. And the interface for working with OpenDNS is painfully dated and difficult to use.
  • In comes NextDNS, a competitor to services like OpenDNS that also deals with stopping trackers and blocking ads.
  • Spoiler alert: NextDNS is awesome.
  • NextDNS is free for up to 300k DNS requests a month. In my household I blew through this in 12 days, but it’s a great way to grease the gears, and if you happen to be beneath that total request account, then the service is essentially free. There is simply no reason not to try it out.
  • NextDNS runs a bank-breaking $20/year for your home network and associated devices. This is half a trip to Burger King for my family.
  • NextDNS provides traditional domain category blocking, so you can shut down requests to porn, gambling and other things.
  • NextDNS provides a variety of additional security features, such as enforcing Safe Search with search engines like Google and forcing YouTube restricted mode.
  • NextDNS has advanced security features such as Cryptojacking protection, something that most people have never heard of but on which NextDNS has you covered.
  • NextDNS also include Native Tracking Protection, which stops hardware like my Sonos and Roku from capturing low level tracking data. Apple actually does some of this tracking too (though it’s anonymized when it hits Apple’s servers), but I’ve found that some Apps really choke when it’s enabled. I’m looking at you, Pokemon TCG and Marvel Unlimited.
  • I’ve stopped using ad blockers on my devices because NextDNS has me covered.
  • Using NextDNS at the router level, everyone in my family got tracking and ad protection. My kids largely don’t have access to the web because they interact mostly through apps which I have to approve before they can install them. NextDNS was an upgrade to our internet security because of how broadly I could apply it to all of my family’s devices.
  • My plan is to install the NextDNS iOS app on each iPhone, iPad and iPod touch in the house. This is a hassle the first time, but it uses a VPN profile to ensure that the device is forced to route through NextDNS DNS services when they leave the nest. I can still control NextDNS centrally, and the app also allows me to identify each device so that I can see what’s happening from NextDNS logs. The setup effort involved here is well worth it in my opinion.
  • NextDNS also has a Mac app that covers the same use case, and it’s installed on the one personal Mac we have in the house. I imagine they have a Windows app, too, for those who use that OS.
  • Side Note: It’s worth taking the time to install the NextDNS root certificate on your devices, too.
  • NextDNS has some seriously awesome technology, but they also have awesome explanations of what they do. Take, for example, this absurdly easy to understand privacy policy.
  • Tangentially related to this is that if you’ve just been using whatever random DNS servers your ISP has configured (whether that’s Comcast, etc. or your cellular provider like Verizon) you’re exposing a lot of data and it’s probably impacting your network performance. Over the years, services like OpenDNS or Google’s DNS or Cloudflare’s 1.1.1.1 have offered faster DNS lookups without all of the additional security protections of NextDNS. Cloudflare actually has a decent mobile setup to cover you when you leave the nest, but otherwise once you went mobile you were on your own. NextDNS has you covered on this front and as far as I can tell is competitive with the other big DNS providers. It’s definitively faster than the defaults my AT&T Broadband connection provides.
  • For the first time since I gave my kids devices I really feel like our internet is safe. NextDNS has thought about things I never considered and is protecting the household at multiple layers.
  • If you’re like me and you’re not comfortable with wide open access to the internet for your kids, this is the absolute best thing you can do for them.
  • If you’re like me and you’d rather not have every action you take on the internet be tracked, this is the absolute best way to stop that.
  • If you’re like me and you’re tired of excessive and inappropriate ads on everything from your news app, to the web, to your Roku, then this is the absolute best way to stop that.
  • Seriously, give NextDNS a shot. You won’t regret it!

I did not receive anything in return for this review, and none of the links I’m providing to NextDNS are affiliate links. I simply believe in the service.

NextDNS offers several layers of security, many of which are very advanced and mitigate serious risks.
NextDNS offers several layers of security, many of which are very advanced and mitigate serious risks.
NextDNS ad & tracker blocking is the best I've ever used.
NextDNS ad & tracker blocking is the best I've ever used.
NextDNS parental controls let you block entire categories as well as individual sites and services.
NextDNS parental controls let you block entire categories as well as individual sites and services.
NextDNS analytics give a nice overview of exactly what's happening with your internet traffic.
NextDNS analytics give a nice overview of exactly what's happening with your internet traffic.
NextDNS lets you see the individual requests mit blocks. As you can see my Roku is a bit out of control with the tracker requests.
NextDNS lets you see the individual requests mit blocks. As you can see my Roku is a bit out of control with the tracker requests.

Do you want to get new posts from lemonbytes directly in your inbox? Subscribe today!